    ©2026 Gartner, Inc. and/or its affiliates.
    All rights reserved.

Overview

Product Information on Cortex XDR

Updated 13th October 2025

What is Cortex XDR?

Cortex XDR is software developed by Palo Alto Networks that integrates data from network, endpoint, and cloud sources to detect, investigate, and respond to cyber threats. The software enables security teams to identify suspicious behavior, conduct root cause analysis, and respond to incidents through automated response capabilities. It provides analytics-driven threat prevention and leverages behavioral analytics to correlate alerts across different environments, helping organizations reduce risks from advanced attacks. Cortex XDR addresses the challenges of fragmented security data and manual threat investigations by consolidating security operations into a single platform, allowing for more efficient detection and response workflows.

Cortex XDR Pricing

Cortex XDR software utilizes a subscription-based pricing model, where charges are typically determined by factors such as number of endpoints, data ingestion volume, or user count. Pricing varies according to the chosen features, deployment scale, and support options, with additional costs for advanced capabilities and integrations. Licenses are available in different tiers to address varying organizational needs for threat detection and incident response.

Overall experience with Cortex XDR

IT Security & Risk Management Associate
500M - 1B USD, IT Services
FAVORABLE

“Cortex XDR Streamlines Investigations but Requires Significant Initial Tuning Effort”

5.0
Feb 23, 2026
IT Security & Risk Management Associate
30B + USD, Energy and Utilities
CRITICAL

“Console Installation and Administration Noted for Simplicity and Low Monitoring Needs”

3.0
Mar 12, 2026

Badges

Gartner Peer Insights recognizes vendors who meet or exceed both the market average Overall Experience and the market average User Interest and Adoption score through a Customers’ Choice distinction.
2025
For Market:
Mobile Threat Defense (Transitioning to Workspace Security Platforms)


Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.



Software reviews and ratings for EMMS, BI, CRM, MDM, analytics, security and other platforms - Peer Insights by Gartner


Cortex XDR

by Palo Alto Networks
4.6
2025
Market Presence: Endpoint Protection Platforms, Extended Detection and Response

About Company

Company Description

Updated 7th December 2023

Palo Alto Networks is a global cybersecurity organization shaping the future of cloud-centric technology. The main business objective is to provide effective cybersecurity solutions, maintaining and valuing the digital way of life. It addresses the significant issue of maintaining digital security in an increasingly online-centric world. The company utilizes innovative approaches leveraging advancements in artificial intelligence, analytics, automation, and orchestration. Offering an integrated platform and bolstering a burgeoning ecosystem of collaborators, it assures protection across various platforms including clouds, networks, and mobile devices. The organization envisions a progressively safe and secure digital world each day.

Company Details

Updated 1st July 2025
Company type: Public
Year Founded: 2005
Head office location: SANTA CLARA, United States
Number of employees: 10001+
Website: http://www.paloaltonetworks.com


Cortex XDR Likes & Dislikes

Like

The best part is the investigation workflow and the way endpoints, processes, and alerts context is tied together. It's much easier to go from something looks off to a clear storyline of what happened, what ran, and what it touched. Response actions are also practical when you need to move fast (isolate, kill process, collect artifacts), and the platform generally feels built for analysts who have to close tickets all day.


Dislike

It is hard to uninstall the client.


Cortex XDR Reviews and Ratings

4.6

(755 Ratings)

Rating Distribution

5 Star: 61%
4 Star: 36%
3 Star: 3%
2 Star: 0%
1 Star: 0%
  • IT Security & Risk Management Associate
    50M-1B USD
    IT Services

    Cortex XDR Streamlines Investigations but Requires Significant Initial Tuning Effort

    5.0
    Feb 23, 2026
    I have solid experience with Cortex XDR in day-to-day operations. Once it's tuned, it becomes a dependable "always-on" layer that catches a lot of the noise you'd otherwise miss and gives you enough context to act without jumping between ten tools. The learning curve is real, but after the initial setup and a few weeks of adjustments, it's been stable and predictable in production.

Recommended Gartner Insights

  • Critical Capabilities for Endpoint Protection Platforms
  • Magic Quadrant for Endpoint Protection Platforms

Top Cortex XDR Alternatives

1. CrowdStrike Falcon: 4.7 (3261 Ratings)
2. SentinelOne Singularity Endpoint: 4.7 (3097 Ratings)
3. Sophos Endpoint: 4.8 (2411 Ratings)