Palo Alto Networks Cortex XSOAR vs. Proofpoint Threat Response Auto-Pull

Palo Alto Networks Cortex XSOAR

Proofpoint Threat Response Auto-Pull

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
Palo Alto Networks Cortex XSOAR	Score 7.1 out of 10	N/A	Cortex XSOAR, formerly Demisto and now from Palo Alto Networks since it was acquired in March 2019, provides orchestration to enable security teams to ingest alerts across sources and execute standardized, automatable playbooks for accelerated incident response. Its playbooks are powered by hundreds of integrations and thousands of security actions, striking the right balance between rapid machine execution and nuanced human oversight.	N/A
Proofpoint Threat Response Auto-Pull	Score 8.0 out of 10	N/A	Proofpoint Threat Response Auto-Pull (TRAP) enables messaging and security administrators to automatically retract threats delivered to employee inboxes and emails that turn malicious after delivery to quarantine. It is also a powerful solution to retract messages sent in error as well as inappropriate, malicious, or emails containing compliance violations and also follows forwarded mail and distribution lists and creates an audit-able activity trail. With Proofpoint Threat Response…	N/A

Pricing

Palo Alto Networks Cortex XSOAR

Proofpoint Threat Response Auto-Pull

Editions & Modules

No answers on this topic

Offerings

Pricing Offerings
Palo Alto Networks Cortex XSOAR	Proofpoint Threat Response Auto-Pull
Free Trial
No	Yes
Free/Freemium Version
No	No
Premium Consulting/Integration Services
No	No

Entry-level Setup Fee

No setup fee

Additional Details

—

More Pricing Information

Community Pulse
	Palo Alto Networks Cortex XSOAR	Proofpoint Threat Response Auto-Pull

Features

Palo Alto Networks Cortex XSOAR

Proofpoint Threat Response Auto-Pull

Incident Response Platforms

Comparison of Incident Response Platforms features of Product A and Product B
	Palo Alto Networks Cortex XSOAR - Ratings	Proofpoint Threat Response Auto-Pull 8.4 Ratings 4% below category average
Integration with Other Security Systems	00 Ratings	9.00 Ratings
Attack Chain Visualization	00 Ratings	8.00 Ratings
Centralized Dashboard	00 Ratings	6.00 Ratings
Machine Learning to Prevent Incidents	00 Ratings	9.00 Ratings
Live Response for Rapid Remediation	00 Ratings	10.00 Ratings

User Ratings
	Palo Alto Networks Cortex XSOAR	Proofpoint Threat Response Auto-Pull
Likelihood to Recommend	8.2 (0 ratings)	9.0 (0 ratings)
Likelihood to Renew	10.0 (0 ratings)	- (0 ratings)
Usability	- (0 ratings)	9.0 (0 ratings)
Support Rating	- (0 ratings)	9.0 (0 ratings)
Implementation Rating	10.0 (0 ratings)	- (0 ratings)

User Testimonials
	Palo Alto Networks Cortex XSOAR	Proofpoint Threat Response Auto-Pull
Likelihood to Recommend	XSOAR is well suited for phishing detection and response. Phishing alerts are as much of a problem today as they were decades ago. This is because: ●Attackers Can leverage automation to launch high-quantity phishing attacks with the click of a button. ●Spear Phishing attacks are sophisticated and sometimes indistinguishable from real emails, resulting in compromise through human error. ●Security Teams aren’t able to follow set processes while responding to phishing alerts. They must coordinate across email inboxes, threat intel, NGFW, ticketing, and other tools. Each tool has different consoles, data conventions, and contexts, making it difficult for security teams to fill in the gaps while minimizing errors. XSOAR is less suited for analyzing traffic. Incentivized Verified User Anonymous Read full review	It is very well suited for any organization, though the pricing is more for larger organizations. Having auto pull available means you have fewer worries that phishing emails end up in users' mailboxes. Incentivized Verified User Anonymous Read full review
Pros	Automation with immediate security responses. Comprehensive phishing protection and increased email protection. Analysis and reporting feature. Intuitive and easy-to-view panels. Alerts by email and sms of incidents for the administration. Centralized monitoring. Incentivized Verified User Anonymous Read full review	Finds malicious messages in users mailboxes that were not previously detected. Gives good data about messages post-detection. Integrates with AD. Incentivized Verified User Anonymous Read full review
Cons	SAML is not stable, it gives a lot of issues. Pre-defined playbooks need a lot of fine tuning Lacks proper documentation Incentivized DS Darshil Sanghvi Presales Read full review	Would like an Azure virtual machine version of it. Currently, it's only supported on VMware and AWS. Configuring authentication certificates on it is not easy. It does not work with RSASSA-PSS signed certificates. Incentivized Chris Bash IS Systems Analyst Read full review
Likelihood to Renew	It has proven to be far to valuable and effective to consider getting rid of it. Until something better comes along, this is staying in our product stack. Incentivized Verified User Anonymous Read full review	No answers on this topic
Usability	No answers on this topic	It's easy to use and requires very little administrator hands on. Incentivized Chris Bash IS Systems Analyst Read full review
Support Rating	No answers on this topic	They are quick to respond and have talented support personnel. Incentivized Chris Bash IS Systems Analyst Read full review
Implementation Rating	It was much easier than we all anticipated. Incentivized Verified User Anonymous Read full review	No answers on this topic
Alternatives Considered	The quantity of integrations with security solutions is highest in Palo Alto Solution. The capacity to identify anomalous events is much better in Palo Alto Networks Cortex XSOAR. The flexibility of increased storage area is better as well. The dashboard is very intuitive about showing the most important incidents and how to resolve them. Incentivized RS Raphael Soares CTO (Chief Technical Officer) Read full review	TRAP had fewer false positives and caught more malicious emails. With the host of companion products, it was more complete package. It gives us the ability to pull emails using an admin-submitted CVS file of emails to pull. EOP does not have this capability. Incentivized Chris Bash IS Systems Analyst Read full review
Return on Investment	Reduces man-hours spent on handling false-positive repetitive alerts, daily 40% of analysts' time saved during a 24 hour period. In the initial stage, it was 75% of analysts' time saved due to the new environment, less maturity, and a lot of un-finetuned alerts. Single pane for notification, collaboration, and action (to some extent) which is a major time saver compared to the conventional method of meeting invites and emails back-and-forth. Secure documentation of business-critical incidents with a need-to-know basis of access according to each role. SC Sarthak Chand Information Security Manager Read full review	Helped mitigate the email portion of our penetration test entirely. Made us aware of the amount of suspicious emails being delivered. Prevented malware spreading through mail. Incentivized Fraser Clark Network Engineer Read full review
ScreenShots