We performed a comparison between Cortex XDR by Palo Alto Networks and Sophos Intercept X based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Overall, users of Cortex XDR by Palo Alto Networks give the product higher ratings because its deployment is easier, it has a great set of features, it is affordable, and the technical support is helpful.
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"It has great stability."
"Its most significant advantage lies in its affordability."
"The integration between all the Defender products is the most valuable feature."
"Microsoft 365 Defender is simple to upgrade."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"Cortex covers everything I need. It's a perfect solution. Cortex provides a different level of visibility because it's an extended EDR, allowing you to grab logs from the network and firewalls. Palo Alto invented the concept of the extended EDR or XDR."
"Stability is one of the features we like the most."
"The product has an intuitive dashboard."
"The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week."
"The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical."
"The stability of this product is very good."
"The tool's use cases are relevant to security."
"The dashboard is customizable."
"We have found the pricing to be reasonable."
"The most valuable features of Intercept X are server lockdown, auto-remediation, and encryption monitoring."
"The Managed Detection and Response service provided by Intercept X Endpoint is highly valuable. With a team of 600-700 individuals monitoring systems, they swiftly respond to attacks, either informing us to isolate or directly removing threats. This full MDR service is especially recommended for sectors like finance, where data security is critical. The deep learning technology within Intercept X Endpoint enhances our security posture by analyzing behaviors and algorithms to differentiate between legitimate users and threats, effectively preventing attacks on our network infrastructure."
"The stability on offer is fine."
"The solution's initial setup process was straightforward."
"It is easy to change the size of its capabilities, i.e. to expand processes or scale the size of users."
"This is really good because it's applicable to zero-day threats."
"Since it's cloud-managed, the solution is easy to administer, especially if the person using it is in a different geophysical location."
"The support team is not competent or responsive."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"The web filtering solution needs to be improved because currently, it is very simple."
"There could be a way to proactively monitor unusual activity."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"The solution can never really be an on-premises solution based simply on the way it is set up. It needs metadata to run and improve. Having an on-premises solution would cut it off from making improvements."
"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."
"It's not an ideal choice for smaller businesses, as you need a minimum of 200 endpoints to even use the solution at all."
"If they had pulse rate detection, it would be better."
"When it comes to core analysis, and security analysis, Cortex needs to provide more information."
"I would like to see some additional features related to email protection included."
"The dashboard is the area that needs to improve so that we can have the ability to drill down without having to go elsewhere to verify results."
"Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console."
"It would be beneficial if you could expand support for Windows 7 and Windows Server 2008 without charging an additional fee."
"This solution is not in the high ratings on many of the top review sites. This solution has to be near the top for me to continue using it."
"Needs more flexible reporting, particularly for medium to large size companies."
"There is room for improvement in terms of stability and updates."
"Stability-wise, we had issues with some clients which had to be dealt with manually. The issue was with that installation part."
"The graphical interface could improve. Additionally, adding less expensive mobile device support would be helpful. Other solutions have this feature."
"There are not any solutions that are a 10 out of 10. A 10 would be perfect protection with no impact on the performance of the device. This is not the case; there is some impact on the performance of the device."
"It has a performance hit on a local laptop. There's an agent installed and we are bothered a lot by it because it seems to be using a lot of computer resources."
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Intercept X Endpoint is rated 8.4. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Trellix Endpoint Security, whereas Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Bitdefender GravityZone EDR. See our Cortex XDR by Palo Alto Networks vs. Intercept X Endpoint report.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.