Name: Cortex XSOAR
Rating: 4.5 (69 reviews)

Overview

Product Information on Cortex XSOAR

Updated 13th October 2025

What is Cortex XSOAR?

Cortex XSOAR is a software designed for security orchestration, automation, and response. It centralizes security operations by integrating with multiple security tools and data sources to automate repetitive tasks, coordinate incident response workflows, and manage security alerts. The software provides playbooks to streamline processes such as threat intelligence management, case management, and alert triage. It supports custom integrations and workflows to accommodate a variety of security operations center use cases. By consolidating incident data and automating responses, Cortex XSOAR addresses the challenge of improving efficiency and consistency in security operations.

Overall experience with Cortex XSOAR

It Security & Risk Management Associate

3B - 10B USD, Retail

FAVORABLE

“Robust Orchestration and Playbooks Deliver Value”

5.0

Feb 28, 2026

My overall experience with xsoar has been very positive, The platform is mature,reliable and extremely powerful for automatig SOC workflows . It helped us a lot reduce manual effort integrating different security tools under a single orchestrted framework.

Manager, IT Security and Risk Management

3B - 10B USD, Banking

CRITICAL

“XSOAR Platform Offers Strong Automation Despite Average Support and Occasional Slowdowns”

3.0

Jan 15, 2026

I selected Average because while there was support during the migration from our previous SIEM and EDR solution, I would not say it was far better than other vendors and certainly not outstanding. We had enough support and periodic catch up meetings, but there were a few cases where the support team told us that our ideas were not feasible but in the end we managed to find ways to implement them on our own. Also, I am not particularly satisfied from the quality of customer support, but in my experience it is the same as any other vendor I've had the chance to cooperate with. Therefore, I believe Average best describes the overall experience with the vendor. This does not related to the quality or experience with the product however.

About Company

Company Description

Palo Alto Networks is a global cybersecurity organization shaping the future of cloud-centric technology. The main business objective is to provide effective cybersecurity solutions, maintaining and valuing the digital way of life. It addresses the significant issue of maintaining digital security in an increasingly online-centric world. The company utilizes innovative approaches leveraging advancements in artificial intelligence, analytics, automation, and orchestration. Offering an integrated platform and bolstering a burgeoning ecosystem of collaborators, it assures protection across various platforms including clouds, networks, and mobile devices. The organization envisions a progressively safe and secure digital world each day.

Company Details

Company type

Public

Year Founded

2005

Head office location

SANTA CLARA, United States

Number of employees

10001+

Website

http://www.paloaltonetworks.com

Do You Manage Peer Insights at Palo Alto Networks?

Access Vendor Portal to update and manage your profile.

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

Reviewer Insights for: Cortex XSOAR

Deciding Factors: Cortex XSOAR Vs. Market Average

Performance of Cortex XSOAR Across Market Features

Cortex XSOAR Likes & Dislikes

- xsoar's flexibility : The playbook engine allows both quick development of simple automations and complex,multi-stage workflows that interact with dozens of third parts systems ,the automation editor,the rest api integrations,and the ability to use python scripts directly inside the platform give a lot of freedom to build custom logic tailored to our environment - the marketplace and content packs : many integrations work out of the box and drastically reduce onboarding time when adding new security tools. Also documentation and community support are generally good, especially for common use cases -The user interface is intuitive for analysts and the platform provides clear visibility over incident lifecycles,enabling faster triage and standardized responses

Logs ingested from the XDR agent do not count towards your license The XSOAR platform is truly very impressive as it gives you the ability to automate and/or orchestrate anything. There's nothing we haven't been able to do so far. During our comparison with other solutions, we found that in terms of detection capabilities, the XDR is truly superior.

The product allows you to build out automation flows and create these playbooks to trigger your automated flows in an easy fashion. The tool allows you to use it for ticketing, so it helps to track alerts that are created in your SIEM. Finally, if you need to create a dashboard to see your metrics, Xsoar makes it very easy to create views that help to convey the data that is in Xsoar.

- Support : Response time can be slow and sometimes the guidance is not fully aligned with the specific issue -Bugs : Some integrations or automations occasionally present bugs or unexpected behaviors, requiring extra troubleshooting or manual fixes - Debbugging Tools : error messages and debugging visibility can be limited

The fact that sometimes it's very slow or even unresponsive.

I can't say I have any dislikes about this tool besides that sometimes there are many options to perform one action that could cause confusion.

Top Cortex XSOAR Alternatives

Peer Discussions

Cortex XSOAR Reviews and Ratings

Filter Reviews

Sort By:

Most helpful

Last 12 Months

Star Rating

Reviewer Type

Reviewer's Company Size

Reviewer's Industry

Reviewer's Region

Reviewer's Job Function

It Security & Risk Management Associate
1B-10B USD
Retail
Review Source
Robust Orchestration and Playbooks Deliver Value
5.0
Feb 28, 2026
My overall experience with xsoar has been very positive, The platform is mature,reliable and extremely powerful for automatig SOC workflows . It helped us a lot reduce manual effort integrating different security tools under a single orchestrted framework.
Manager, IT Security and Risk Management
1B-10B USD
Banking
Review Source
XSOAR Platform Offers Strong Automation Despite Average Support and Occasional Slowdowns
3.0
Jan 15, 2026
I selected Average because while there was support during the migration from our previous SIEM and EDR solution, I would not say it was far better than other vendors and certainly not outstanding. We had enough support and periodic catch up meetings, but there were a few cases where the support team told us that our ideas were not feasible but in the end we managed to find ways to implement them on our own. Also, I am not particularly satisfied from the quality of customer support, but in my experience it is the same as any other vendor I've had the chance to cooperate with. Therefore, I believe Average best describes the overall experience with the vendor. This does not related to the quality or experience with the product however.
INSIDER RISK DETECTION ENGINEER
1B-10B USD
Healthcare and Biotech
Review Source
Extensive Automation Tools and Metrics Visualization Simplify SIEM Alert Management
5.0
Sep 23, 2025
Overall, a great platform with some extensive tools for automation and ticket management.
Incident Response Analyst
1B-10B USD
Miscellaneous
Review Source
Outstanding product with great flexibility and customization options
4.0
Jun 23, 2025
The product has great integrations available by default, and offers easy integration with custom products and feeds. The product's playbooking features and functionality are incredible and offer easy customization and improved user/analyst experience.
IT Security & Risk Management Associate
50M-1B USD
Healthcare and Biotech
Review Source
Powerful tool, but high learning curve
4.0
Apr 14, 2025
XSOAR provides the necessary environment to develop your own playbooks.

...

Showing Result 1-5 of 91

Recommended Gartner Insights

Market Guide for Security Orchestration, Automation and Response Solutions (Transitioning to Security Information and Event Management)