Overview
Product Information on Cortex XSOAR
What is Cortex XSOAR?
Cortex XSOAR Pricing
Overall experience with Cortex XSOAR
“Extensive Automation Tools and Metrics Visualization Simplify SIEM Alert Management”
“XSOAR Platform Offers Strong Automation Despite Average Support and Occasional Slowdowns”
About Company
Company Description
Palo Alto Networks is a global cybersecurity organization shaping the future of cloud-centric technology. The main business objective is to provide effective cybersecurity solutions, maintaining and valuing the digital way of life. It addresses the significant issue of maintaining digital security in an increasingly online-centric world. The company utilizes innovative approaches leveraging advancements in artificial intelligence, analytics, automation, and orchestration. Offering an integrated platform and bolstering a burgeoning ecosystem of collaborators, it assures protection across various platforms including clouds, networks, and mobile devices. The organization envisions a progressively safe and secure digital world each day.
Company Details
Do You Manage Peer Insights at Palo Alto Networks?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
Reviewer Insights for: Cortex XSOAR
Deciding Factors: Cortex XSOAR Vs. Market Average
Performance of Cortex XSOAR Across Market Features
Cortex XSOAR Likes & Dislikes
The product allows you to build out automation flows and create these playbooks to trigger your automated flows in an easy fashion. The tool allows you to use it for ticketing, so it helps to track alerts that are created in your SIEM. Finally, if you need to create a dashboard to see your metrics, Xsoar makes it very easy to create views that help to convey the data that is in Xsoar.
Logs ingested from the XDR agent do not count towards your license The XSOAR platform is truly very impressive as it gives you the ability to automate and/or orchestrate anything. There's nothing we haven't been able to do so far. During our comparison with other solutions, we found that in terms of detection capabilities, the XDR is truly superior.
1. Flexibility/Customization. 2. Default Integrations. 3. Clean and simple UI.
I can't say I have any dislikes about this tool besides that sometimes there are many options to perform one action that could cause confusion.
The fact that sometimes it's very slow or even unresponsive.
1. On-premise hosted option consistently leads to performance bottlenecks and resource issues. 2. RBAC-type settings are not the best in terms of queue separation and playbooks. 3. Profile integrations with AD is lacking (Collecting profile image, job role, etc.)
Top Cortex XSOAR Alternatives
Peer Discussions
Cortex XSOAR Reviews and Ratings
- Manager, IT Security and Risk Management1B-10B USDBankingReview Source
XSOAR Platform Offers Strong Automation Despite Average Support and Occasional Slowdowns
I selected Average because while there was support during the migration from our previous SIEM and EDR solution, I would not say it was far better than other vendors and certainly not outstanding. We had enough support and periodic catch up meetings, but there were a few cases where the support team told us that our ideas were not feasible but in the end we managed to find ways to implement them on our own. Also, I am not particularly satisfied from the quality of customer support, but in my experience it is the same as any other vendor I've had the chance to cooperate with. Therefore, I believe Average best describes the overall experience with the vendor. This does not related to the quality or experience with the product however. - INSIDER RISK DETECTION ENGINEER1B-10B USDHealthcare and BiotechReview Source
Extensive Automation Tools and Metrics Visualization Simplify SIEM Alert Management
Overall, a great platform with some extensive tools for automation and ticket management. - Incident Response Analyst1B-10B USDMiscellaneousReview Source
Outstanding product with great flexibility and customization options
The product has great integrations available by default, and offers easy integration with custom products and feeds. The product's playbooking features and functionality are incredible and offer easy customization and improved user/analyst experience. - IT Security & Risk Management Associate50M-1B USDHealthcare and BiotechReview Source
Powerful tool, but high learning curve
XSOAR provides the necessary environment to develop your own playbooks. - SENIOR CYBERSECURITY ENGINEER50M-1B USDTelecommunicationReview Source
XSOAR Integration and Customization: Centralizing your cyber security
XSOAR is a great and comprehensive product for managing alerts which come from different sources (splunk, XDR etc). We can define custom layouts for managing and handling incidents and based on that user don't need to login to other tools so managing every action from one screen/tool. Also, we integrated XSOAR with many tools(Azure AD, Virustotal, AbusdeIP etc).