We performed a comparison between Cortex XDR by Palo Alto Networks and CylancePROTECT based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"This is stable and scalable."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Impressive detection capabilities"
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"I get alerts when scripts are detected in the environment."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The price is low and quite competitive with others."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"The solution doesn't need a high level of technical training."
"The initial setup is pretty easy."
"We've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for."
"The behavior-based detection feature is valuable."
"The stability of this product is very good."
"The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine."
"The integrations are out-of-the-box, as are the playbooks."
"It'll not slow down your system when compared to others."
"CylancePROTECT is very stable - we've had no issues with performance and no errors or bugs."
"I find the actual overall endpoint malware protection the most valuable feature of CylancePROTECT."
"Endpoints are protected in real-time without the need of a centralized server."
"The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate. In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it."
"Blackberry Protect offers endpoint protection. It's easy to deploy. It's scalable and stable."
"Has good RAM capacity for the power I need"
"Does malware analysis. Blocks WannaCry and other attacks that have come out."
"The deployment of updates is easy."
"The SIEM could be improved."
"FortiEDR can be improved by providing more detailed reporting."
"The solution is not user-friendly."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"Detections could be improved."
"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."
"Technology evolves every day, so it would be nice if it gets more secure. It can also have more integration with other platforms."
"I would like to see them include NDR (Network Detection Response)."
"A little bit more automation would be nice."
"Cortex XDR is trickier to configure than other Palo Alto products. This is one area where we are not so satisfied."
"In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."
"Cortex XDR should have a lightweight agent, and the agent size should not be heavy."
"Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called 'local analysis' to determine if something was a malicious file or not. There was no dynamic analysis."
"The management console needs a little maturity in how it presents data and allows the administrator to drill down or search across systems."
"The company that sells us the licenses sometimes doesn't know how to do certain things."
"Work on the math model. We are catching a lot of false positives, which gets to be a pain at the start of a deployment."
"The stability could be improved."
"It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus."
"I'd like them to do software distribution too, but they said that that's architecturally not at the product line."
"CylancePROTECT's dashboard could be more user-friendly."
"The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening."
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while CylancePROTECT is ranked 23rd in Endpoint Protection Platform (EPP) with 41 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while CylancePROTECT is rated 8.0. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of CylancePROTECT writes "Ensures advanced AI-driven threat detection to provide robust endpoint security, effectively preventing both known and unknown threats with minimal impact on system performance". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Trellix Endpoint Security, whereas CylancePROTECT is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete, Trellix Endpoint Security and Symantec Endpoint Security.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.