We performed a comparison between Cortex XDR by Palo Alto Networks and Cisco SecureX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cortex XDR presents an intuitive interface, advanced identification of risks, expandability, and compatibility with various other solutions. Cisco SecureX earns high marks for its automated utilities, comprehensive visibility, and seamless integration with external resources. Meanwhile, Cortex XDR could use enhancements in hard disk encryption, security integration, and customer education. Users say Cisco SecureX needs better documentation and integration with on-premises systems. It would also benefit by expanding its compatibility with third-party solutions.
Service and Support: Some customers were impressed with Palo Alto’s support, while others reported mixed experiences. Some users describe Cisco support as dependable and efficient, while others noted a decline in quality due to personnel changes.
Ease of Deployment: Some users thought Cortex XDR’s deployment was fast and straightforward, while others consider it to be a complex and time-consuming task that requires thorough planning. Setting up Cisco SecureX is generally considered to be straightforward in cloud environments, but it requires more effort to integrate the solution with on-premise products.
Pricing: Some reviewers said Cortex XDR is expensive, but others said it was reasonable for the robust feature set Cortex offers. A few users said Cisco SecureX’s price could be lower, given that it is included for free with certain Cisco products.
ROI: Cortex XDR creates value by ensuring system and data security rather than a financial return on investment. Cisco SecureX provides a positive ROI by speeding up detection and resolution. It also decreases workloads through automation and proactive information gathering.
Comparison Results: Our users prefer Cortex XDR over Cisco SecureX. Cortex XDR stands out for its comprehensive platform and valuable features. Users praised its ease of use, threat identification capabilities, and minimal hardware resource consumption.
"I have found the ability to delete unwanted threats beneficial."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"The integration with other Microsoft solutions is the most valuable feature."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together."
"The ability to create firewalls online has been most valuable including the ability to create rules."
"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."
"The most beneficial feature of Cisco SecureX for cybersecurity efforts is its integration with other Cisco solutions and the environment. This sets it apart, as its APIs and overall integration capabilities are very strong. Additionally, its detection capabilities are commendable."
"The automation and orchestration tools are the most valuable features."
"Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."
"The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever."
"It has evolved a lot, just that monitoring piece to the current Orchestrator piece. The additional analytics are there. They now have something called Insight, which can basically take data from Microsoft Azure AD and Intune to give us information about our endpoints. This is detailed information about the endpoints, from Secure Endpoint and all these different products. So, it is just constantly evolving. Every time that it evolves, we have more information with more visibility. There are more features that we have that just make everything so much easier, and it is in one place. I don't have to keep going back and forth. I don't have to go to Secure Endpoint and ISE to get the data. I don't have to go to Intune on Microsoft to get the information. It is all in one place."
"They have a new GUI which is just fantastic."
"The solution allows control over the user and his machine through Cortex XDR security policies."
"The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine."
"From a single pane of glass, you can easily manage all of your endpoints."
"Provides behavior-based detection which offers many benefits over signature-based detection."
"Traps has drastically reduced our endpoint attack surface via advanced detection capabilities, sandboxing of never before seen programs, and by drastically limiting where executables can launch in the first place."
"The management capabilities, allow an IT organization to get quite a good picture of attempted cyber attacks."
"The product has an intuitive dashboard."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"Intrusion detection and prevention would be great to have with 365 Defender."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"The price should be adjustable by region."
"The web filtering solution needs to be improved because currently, it is very simple."
"Enhancing automation capabilities could further improve the product."
"They could put in more third-party [integrations]... also more playbooks, out-of-the-box, for automation [would be helpful]."
"what's missing right now is the multi-tenant capability."
"Remediation stuff could be integrated into the product's automation."
"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."
"The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved."
"If they could make the Cisco Umbrella piece a little bit more advanced or easier to manage, that would help. We use it for filtering and when you compare it to a normal content filter, it lacks some functionality."
"I'm not sure that I would call it a bug, but sometimes the solution is a little slow."
"The solution lacks real-time, on-demand antivirus."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
"Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."
"They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to "research problems" for weeks on end, then pass you off to somebody else."
"It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint."
"The solution should force customers to integrate with network traffic to see the full benefits of XDR."
"It would be better if they could educate the customers more. Some sort of seminars and roadshows will help educate the customers and show what the product can do. The price could be better. It would also help if they had a team for deployment and support."
"Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cisco SecureX is ranked 14th in Extended Detection and Response (XDR) with 13 reviews while Cortex XDR by Palo Alto Networks is ranked 4th in Extended Detection and Response (XDR) with 80 reviews. Cisco SecureX is rated 9.0, while Cortex XDR by Palo Alto Networks is rated 8.4. The top reviewer of Cisco SecureX writes "Gives our customers visibility and they don't have to go multiple management consoles anymore". On the other hand, the top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". Cisco SecureX is most compared with Trend Vision One, Splunk SOAR, Cisco Secure Network Analytics, Fortinet FortiSOAR and Wazuh, whereas Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Trellix Endpoint Security. See our Cisco SecureX vs. Cortex XDR by Palo Alto Networks report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
