We performed a comparison between Palo Alto Networks Cortex XSOAR and Tanium based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The machine learning and artificial intelligence on offer are great."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The product can integrate with any device."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"I have no complaints about Cortex's stability."
"Palo Alto is easy to use."
"It has an extensive list of integrations that are available out of the box which makes it easy to start."
"The product can automate security tasks."
"Cortex XSOAR's most valuable features are the playbooks, custom integration, the machine-learning model, and the layout, classifier, and mapper."
"The solution is user-friendly and easy to configure."
"We use the solution to automate our SIEM tools and incidents."
"The strengths of Palo Alto Networks Cortex XSOAR stem from the fact that it provides functionalities related to patching and URL blocking...It is a scalable solution."
"Threat hunting is a very good feature on Tanium. We have just started using it and have not used it extensively."
"Tanium has made the process of detecting threats more proactive with its detection. So, the process is easier and more efficient."
"Tanium's most valuable feature is its instant discovery aspect."
"I would say Tanium is the best tool for vulnerability management."
"The security features are very valuable."
"The interrogation piece was the most valuable feature because it was very detailed."
"For incident response tasks, all these tasks can get done in minutes with minimal disruption to the end-user."
"Tanium’s linear-chain architecture is valuable."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"The only thing is sometimes you can have a false positive."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"There should be an on-premise version available for customers to have different choices."
"The dashboard could be better."
"It is not a very scalable solution."
"The configuration of the solution could improve it is difficult."
"XSOAR could have more integration options."
"The formats are not compatible, are readily not available, and are not readable."
"The user interface could be a bit better."
"Palo Alto needs to develop more AI-centric products."
"The main issues are the network connection because different customers have issues with their networks. It's difficult implementing this type of solution because the network is the main feature in the architecture for these types of solutions. Tanium could improve by creating some network optimization."
"The performance could improve in future releases. We have had performance issues in specialized web environments, but overall I think the problems are less than 2% of the computer systems being used."
"The solution lacks mobility."
"The reporting could be improved."
"It is not really additional functions, or the features that are needed, rather the complexity would be reduced based on the number of modules required to put together a comprehensive operational security and risk compliance model."
"Tanium’s scalability could be improved."
"We had some issues with the solution's OS upgrade."
"Tanium's limitations should be improved because although it is a great tool, it is limited to only a few classes during a session."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews while Tanium is ranked 37th in Endpoint Protection Platform (EPP) with 15 reviews. Palo Alto Networks Cortex XSOAR is rated 8.4, while Tanium is rated 7.4. The top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". On the other hand, the top reviewer of Tanium writes "Useful tool for vulnerability management and deploying applications, needing improvement in its OS upgrade". Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and ServiceNow Security Operations, whereas Tanium is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Microsoft Configuration Manager, Qualys VMDR and ServiceNow Discovery.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.