We performed a comparison between Cortex XDR By Palo Alto Networks and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The main difference between the two solutions is that Cortex XDR users say the solution is expensive while Microsoft Defender for Cloud users consider the solution to be fairly priced.
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The price is low and quite competitive with others."
"NGAV and EDR features are outstanding."
"Cortex XDR by Palo Alto Networks is easy to use and does not consume a lot of hardware resources."
"Being a cloud solution it is very flexible in serving internal and external connections and a broad range of devices."
"This software helps us understand any issues that may arise when someone is not at work."
"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application."
"The product has an intuitive dashboard."
"Cortex XDR is a very capable solution for protecting large networks and a lot of endpoints. It's very useful because the automation is very high, and if you combine it with the features on Palo Alto firewalls, it provides very strong protection."
"Has great threat detection capabilities."
"The product has given us more insight into potential avenues for attack paths."
"It is very intuitive when it comes to policy administration, alerts and notifications, and ease of setting up roles at different hierarchies. It has also been good in terms of the network technology maps. It provides a good overview, but it also depends on the complexity of your network."
"The most valuable features of this solution are the vulnerability assessments and the glossary of compliance."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"DSPM is the most valuable feature."
"The solution is very easy to deploy."
"Technical support is helpful."
"The dashboard is very good. It gives our clients a lot of information and allows them to have a complete overview of the system. Everything is visible in one glance."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"It takes about two business days for initial support, which is too slow in urgent situations."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"I haven't seen the use of AI in the solution."
"Cannot be used on mobile devices with a secure connection."
"ZTNA can improve latency."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"A little bit more automation would be nice."
"It is an enterprise-level solution. Its price could be less expensive."
"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
"It should support more mobile operating systems. That is one of the cons of their infrastructure right now."
"It'll help if customization was easier."
"The installation should be easier and the Palo Alto pre-sales and sales teams should have more information on the product because they don't know what they are selling."
"The encryption is not up to the mark."
"The solution could extend its capabilities to other cloud providers. Right now, if you want to monitor a virtual machine on another cloud, you can do that. However, this cannot be done with other cloud platform services. I hope once that is available then Defender for Cloud will be a unified solution for all cloud platform services."
"Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured."
"From a compliance standpoint, they can include some more metrics and some specific compliances such as GDPR."
"The solution is quite complex. A lot of the different policies that actually get applied don't pertain to every client. If you need to have something open for a client application to work, then you get dinged for having a port open or having an older version of TLS available."
"I would suggest building a single product that addresses endpoint server protection, attack surface, and everything else in one solution. That is the main disadvantage with the product. If we are incorporating some features, we end up in a situation where this solution is for the server, and that one is for the client, or this is for identity, and that is for our application. They're not bundling it. Commercially, we can charge for different licenses, but on the implementation side, it's tough to help our end-customer understand which product they're getting."
"You cannot create custom use cases."
"Pricing could be improved. There are limited options based on pricing for the government."
"I would like to see better automation when it comes to pushing out security features to the recommendations, and better documentation on the step-by-step procedures for enabling certain features."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and ESET Endpoint Protection Platform, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Check Point CloudGuard CNAPP. See our Cortex XDR by Palo Alto Networks vs. Microsoft Defender for Cloud report.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.