Overview
Product Information on Cortex XSOAR
What is Cortex XSOAR?
Cortex XSOAR Pricing
Overall experience with Cortex XSOAR
“Robust Orchestration and Playbooks Deliver Value”
“XSOAR Platform Offers Strong Automation Despite Average Support and Occasional Slowdowns”
About Company
Company Description
Palo Alto Networks is a global cybersecurity organization shaping the future of cloud-centric technology. The main business objective is to provide effective cybersecurity solutions, maintaining and valuing the digital way of life. It addresses the significant issue of maintaining digital security in an increasingly online-centric world. The company utilizes innovative approaches leveraging advancements in artificial intelligence, analytics, automation, and orchestration. Offering an integrated platform and bolstering a burgeoning ecosystem of collaborators, it assures protection across various platforms including clouds, networks, and mobile devices. The organization envisions a progressively safe and secure digital world each day.
Company Details
Do You Manage Peer Insights at Palo Alto Networks?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
Reviewer Insights for: Cortex XSOAR
Deciding Factors: Cortex XSOAR Vs. Market Average
Performance of Cortex XSOAR Across Market Features
Cortex XSOAR Likes & Dislikes
- xsoar's flexibility : The playbook engine allows both quick development of simple automations and complex,multi-stage workflows that interact with dozens of third parts systems ,the automation editor,the rest api integrations,and the ability to use python scripts directly inside the platform give a lot of freedom to build custom logic tailored to our environment - the marketplace and content packs : many integrations work out of the box and drastically reduce onboarding time when adding new security tools. Also documentation and community support are generally good, especially for common use cases -The user interface is intuitive for analysts and the platform provides clear visibility over incident lifecycles,enabling faster triage and standardized responses
Logs ingested from the XDR agent do not count towards your license The XSOAR platform is truly very impressive as it gives you the ability to automate and/or orchestrate anything. There's nothing we haven't been able to do so far. During our comparison with other solutions, we found that in terms of detection capabilities, the XDR is truly superior.
The product allows you to build out automation flows and create these playbooks to trigger your automated flows in an easy fashion. The tool allows you to use it for ticketing, so it helps to track alerts that are created in your SIEM. Finally, if you need to create a dashboard to see your metrics, Xsoar makes it very easy to create views that help to convey the data that is in Xsoar.
- Support : Response time can be slow and sometimes the guidance is not fully aligned with the specific issue -Bugs : Some integrations or automations occasionally present bugs or unexpected behaviors, requiring extra troubleshooting or manual fixes - Debbugging Tools : error messages and debugging visibility can be limited
The fact that sometimes it's very slow or even unresponsive.
I can't say I have any dislikes about this tool besides that sometimes there are many options to perform one action that could cause confusion.
Top Cortex XSOAR Alternatives
Peer Discussions
Cortex XSOAR Reviews and Ratings
- It Security & Risk Management Associate1B-10B USDRetailReview Source
Robust Orchestration and Playbooks Deliver Value
My overall experience with xsoar has been very positive, The platform is mature,reliable and extremely powerful for automatig SOC workflows . It helped us a lot reduce manual effort integrating different security tools under a single orchestrted framework. - Manager, IT Security and Risk Management1B-10B USDBankingReview Source
XSOAR Platform Offers Strong Automation Despite Average Support and Occasional Slowdowns
I selected Average because while there was support during the migration from our previous SIEM and EDR solution, I would not say it was far better than other vendors and certainly not outstanding. We had enough support and periodic catch up meetings, but there were a few cases where the support team told us that our ideas were not feasible but in the end we managed to find ways to implement them on our own. Also, I am not particularly satisfied from the quality of customer support, but in my experience it is the same as any other vendor I've had the chance to cooperate with. Therefore, I believe Average best describes the overall experience with the vendor. This does not related to the quality or experience with the product however. - INSIDER RISK DETECTION ENGINEER1B-10B USDHealthcare and BiotechReview Source
Extensive Automation Tools and Metrics Visualization Simplify SIEM Alert Management
Overall, a great platform with some extensive tools for automation and ticket management. - Incident Response Analyst1B-10B USDMiscellaneousReview Source
Outstanding product with great flexibility and customization options
The product has great integrations available by default, and offers easy integration with custom products and feeds. The product's playbooking features and functionality are incredible and offer easy customization and improved user/analyst experience. - IT Security & Risk Management Associate50M-1B USDHealthcare and BiotechReview Source
Powerful tool, but high learning curve
XSOAR provides the necessary environment to develop your own playbooks.