We compared Cortex XDR by Palo Alto Networks and Darktrace based on our users’ reviews in four categories. After reading the collected data, you can find our conclusion below.
Comparison of Results: Based on the parameters we compared, Cortex XDR by Palo Alto Networks seems to be the superior solution. Our reviewers feel that because Darktrace is lacking where security is concerned, Cortex XDR is a better investment.
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The most valuable feature is the analysis, because of the beta structure."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Impressive detection capabilities"
"Forensics is a valuable feature of Fortinet FortiEDR."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week."
"The most valuable feature is that you can select remote access of any machine for sandboxing."
"Cortex XDR can integrate the firewalls and determine the tendencies of the attacks. It's a new generation antivirus, with protection endpoints and detection response. It is very easy to use and everybody can operate the solution."
"The solution allows control over the user and his machine through Cortex XDR security policies."
"The integrations are out-of-the-box, as are the playbooks."
"The solution allows us to make investigations. Other XDR solutions also provide similar capabilities but for investigation, Cortex XDR is better."
"Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about."
"It integrates well into the environment."
"I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it."
"I find the complete portfolio to be excellent."
"Its most valuable feature is its ability to identify malicious connected IPs from outside and the attacks that get through to the inside."
"The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7."
"We are able to detect a lot of things, actually, and see what is happening in our network."
"The platform has many modules, and each module examines a different situation in the behavior."
"We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them."
"It is a stable solution without downtime."
"We find the solution to be a bit expensive."
"Cannot be used on mobile devices with a secure connection."
"The SIEM could be improved."
"Detections could be improved."
"FortiEDR can be improved by providing more detailed reporting."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"Intelligence aspects need improvement"
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"It should support more mobile operating systems. That is one of the cons of their infrastructure right now."
"Cortex XDR could be improved with more GUI features."
"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
"The solution should offer more dashboards and they should be better customized."
"In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."
"We would also like to have advanced tech protection and email scanning."
"The price could be a little lower."
"It is not easy to sell Cortex XDR, not because it isn't a good tool. Its marketing needs to be improved."
"I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint."
"There aren't so many third-party vendor platforms natively integrated with the platform."
"The solution would benefit from automation. Currently, you have to know what you are searching for."
"Upper management wasn't sold on the value proposition."
"The initial setup is more complex and time-consuming than some solutions."
"The program is quite expensive."
"It takes time to go through the interface and pick up things. If it were a more straightforward interface, then it would free up time."
"There is a high ratio of false positive information."
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Darktrace is ranked 11th in Email Security with 66 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Darktrace is rated 8.2. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Symantec Endpoint Security, Trellix Endpoint Security and Wazuh, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, ExtraHop Reveal(x) and Cisco Secure Network Analytics.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.