We performed a comparison between D3 Security and Palo Alto Networks Cortex XSOAR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The features that stand out are the detection engine and its integration with multiple data sources."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"It is an out-of-the-box automated integration with our 20 departments. We perform L1 LiveOps automatically through the portal."
"The solution's valuable feature is its GUI. It has more than 450 connectors, which are excellent for connecting devices and automating integration. The solution has all the features we need. We deployed it in our environment, and it's fully integrated. Thanks to their open APIs, the seamless integration makes everything work well together."
"From the security team's standpoint, the solution has improved our organization's overall cybersecurity."
"The most valuable feature is its capability to automate responses and collect information for any security event before you even delve into the details. It's a vast product with an active roadmap, so I'm satisfied with it for now. It's very efficient at data collection and correlation."
"What I like most about Palo Alto Networks Cortex XSOAR is how user-friendly it is for development. It is much simpler to work with compared to similar tools I've used."
"The solution is user-friendly and easy to configure."
"They have a portal where you can find any kind of integration that you need."
"The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily."
"The solution provides threat intelligence with EDR."
"We use the solution to automate our SIEM tools and incidents."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"The AI capabilities must be improved."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"I would like to see more AI used in processes."
"Reporting needs improvement. MTTR and MTTD metrics aren't directly available in playbooks and require manual effort to achieve."
"The reporting, especially custom reporting, needs to be improved. Additionally, it would be better if it could be hosted on Linux."
"The solution is very expensive."
"The solution’s price and technical support could be improved."
"The user interface could be a bit better."
"The formats are not compatible, are readily not available, and are not readable."
"For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else. In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added."
"The dashboard performance could be improved."
"We need a little hands-on experience to install the solution."
"Implementing this solution requires a lot of involvement from the vendor and it should be made easier for the partners."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
D3 Security is ranked 20th in Security Orchestration Automation and Response (SOAR) with 2 reviews while Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews. D3 Security is rated 9.0, while Palo Alto Networks Cortex XSOAR is rated 8.4. The top reviewer of D3 Security writes "Offers open API for integrating any available tools without any recurring costs". On the other hand, the top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". D3 Security is most compared with Fortinet FortiSOAR and Splunk SOAR, whereas Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and IBM Resilient.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.