TrustRadius: an HG Insights company

Palo Alto Networks Cortex XDR

Score: 8.3 out of 10

59 Reviews and Ratings

What is Palo Alto Networks Cortex XDR?

Cortex XDR (formerly Traps) replaces traditional antivirus with multi-method prevention, a proprietary combination of malware and exploit prevention methods that protect users and endpoints from known and unknown threats.

Media

Screenshots: Cortex XDR overview; Cortex XDR dashboard (three views)

Palo Alto Networks Cortex XDR a Winner (if you can overcome the management interface)

Use Cases and Deployment Scope

Palo Alto Networks Cortex XDR is one of several layers we use to secure our endpoint devices. Harnessing the power of AI and machine learning, Palo Alto Networks Cortex XDR quickly recognizes and stops threats that may have otherwise gone unnoticed. It also offers the ability to remotely take systems offline while still giving you some level of access to perform forensics or repairs.

Pros

  • Endpoint Protection
  • Detect and Response
  • Antivirus

Cons

  • Interface can be confusing
  • An "Admin Bypass" feature to proceed with a false detection would be nice
  • Better out-of-the-box reporting

Return on Investment

  • Saves IT time by blocking the installation of many apps that would have otherwise gone unnoticed
  • Multi-year contracts allow for more consistent budgeting

Alternatives Considered

Bitdefender Managed Detection and Response (MDR) and SentinelOne Singularity

Other Software Used

SolarWinds Service Desk (SSD), N-able N-central, KnowBe4 PhishER/PhishER Plus, KnowBe4 Security Awareness Training, Wasp Inventory

Traps/Cortex XDR Review

Use Cases and Deployment Scope

Traps (now Cortex XDR) was being used to provide endpoint protection for our servers and desktops. Traps/Cortex XDR was being used organization-wide.

Pros

  • It does nothing well

Cons

  • Traps/Cortex XDR alerts on wide-scale commercial apps that are clearly not malicious
  • The Cortex XDR console interface is 5 steps worse than simply bad
  • Frontline support reps are not fluent in spoken English although their written fluency is okay (at best)

Most Important Features

  • Integration with our firewalls. What a mistake otherwise

Return on Investment

  • Traps had an agent upgrade get "stuck" that required me to manually reboot servers into safe mode to remediate it. Traps/Cortex ROI is by far negative. I'm pretty well-paid. Requiring multiple hours of my time to remediate your [bad] product entirely destroys any benefit.

Alternatives Considered

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP)

Other Software Used

Microsoft Defender for Endpoint

Excellent Threat Hunting Capabilities And Endpoint Security Products For Next Gen

Pros

  • Some zero-day exploits, malicious child processes, and maliciously hashed files have been successfully blocked by it.
  • Analyzing and identifying unknown malicious software on workstations, servers, and mobile devices are made easier with the help of tracking file behavior.
  • Panorama's integration helps us detect malicious files and traps more quickly and efficiently than other products we've tried, protecting us from zero-day attacks.

Cons

  • Traps, like all advanced endpoint protection, needs to grow in machine learning/baseline protection.
  • Sometimes, exceptions were made because of legacy or custom software issues, and we encountered a bug in an older version of the agent.
  • Traps is best for IT environments using COTS reports/dashboards. In environments where custom software and applications are used, Traps necessitates a great deal of tweaking.

Most Important Features

  • Tracking file behavior and the ability to prevent the use of zero-day exploits are two of its many strengths.
  • Monitoring that is both cloud-based and has a low environmental impact.
  • Convenient console operation, as well as quick and painless setup.

Return on Investment

  • It's less expensive than an onsite server, but it puts more work on the endpoint security teams.
  • It adds an extra layer of security for our users and reduces malware outbreaks, which reduces downtime.
  • Faster, and Traps gives us a lot of information about what processes are running on our endpoints.

Alternatives Considered

CrowdStrike Falcon Endpoint Protection, Kaspersky Endpoint Security and Symantec Advanced Threat Protection

Other Software Used

Kaspersky Endpoint Security, Cisco ASA, MS SharePoint, N-able N-central (formerly Solarwinds N-Central)

Palo Alto Networks Cortex XDR: best fit as an endpoint protection suite

Use Cases and Deployment Scope

Palo Alto Networks Cortex XDR is used for our in-house as well as roaming users, and we have procured around 200 licenses. With Palo Alto Networks Cortex XDR, we are enabling security controls and also getting insights and deep visibility on our users' suspicious activities and behaviors and securing them from advanced attacks like file-less malware, ransomware, etc.

Pros

  • Malware prevention
  • Exploit prevention
  • EDR and XDR
  • Ransomware protection
  • Disk encryption (with BitLocker and FileVault)
  • Device control features
  • Analytics
  • Investigation
  • Incident management
  • Forensics
  • NTA (network traffic analysis)
  • UBA/UEBA (user entity behavior analysis)

Cons

  • Inventory management
  • Web controls
  • DLP features

Return on Investment

  • After putting Palo Alto Networks Cortex XDR on a user's system, users came back with a positive response that there are no performance issues now.
  • We are able to track and control granular suspicious and malicious activities.
  • Web controls are missing, which if they would have been there would have been very helpful.

Alternatives Considered

CrowdStrike Falcon Endpoint Protection, Trend Micro Apex One (formerly OfficeScan), SonicWall Capture Advanced Threat Protection (ATP) and Sophos Intercept X

Other Software Used

CrowdStrike Falcon Endpoint Protection, Sophos Intercept X, Trend Micro Apex One (formerly OfficeScan)

Palo Alto Cortex XDR is market leader

Use Cases and Deployment Scope

Palo Alto Cortex XDR has excellent features which strengthen security for endpoint, cloud and firewall, and these can be integrated into a single solution. It has the capability for digital forensics and ransomware protection as well.

Pros

  • Antivirus Protection
  • Ransomware Protection
  • Digital Forensics
  • Endpoint Protection
  • Cloud Protection

Cons

  • Device Control
  • Drive Encryption

Most Important Features

  • Endpoint Protection
  • Cloud Protection
  • Digital Forensics
  • Ransomware Protection

Return on Investment

  • User Friendly
  • Digital Forensics
  • Threat Intelligence
  • Cloud Protection
  • Endpoint Protection
  • Easy to deploy

Alternatives Considered

Trend Micro Apex One (formerly OfficeScan)

Other Software Used

Zscaler Internet Access, McAfee Endpoint Security