Cisco SecureX vs. Palo Alto Networks Cortex XDR

This is perfect for organisations with small or limited security teams who want to get more from their Cisco and third-party investments. With Secure Endpoint makes detecting and responding to threats much easier. Any organisation looking to overhaul its security infrastructure or even wrap around its cloud-first strategy with solutions such as Intune should seriously look at Cisco’s suite of products. I’ve implemented Secure Endpoint, Umbrella, and Duo for customers primarily using Intune for device management, and the cool new insight features in Cisco SecureX really help with visibility over their estate.

Malware that doesn’t leave files behind has become widely available. Anyone who can afford to reverse this trend should purchase technology. Application whitelisting isn’t for everyone, and Palo Alto Networks Traps can help. Enterprises looking for a low-affected, next-generation solution with high protection should consider it. PAN Traps is a great product at a reasonable price, and I highly recommend it.

Incentivized

• So the product enables end users to get visibility into their security environment, not only across the Cisco products but across the third-party products as well. The product also automates detection and response. So the product really offers end-user efficiency in the security operations center.

Incentivized

• Direct Access to devices via Live Terminal which provides operations with scripting, triage, and preservation of artifacts.
• Behavioral Indicators of Compromise which provides alerts on events regarding groups of hosts and their signatures.
• Querying complex data sets involving a variety of devices for network connections, hashes, DNS, etc.

Incentivized

• Of course, many companies prefer to obtain security from the cloud; however, not all of them prefer it, which is why having a local implementation would allow these companies to also use said software as their ally for their security.
• Working with this software can be simple, that is, any threat can be visualized with greater precision, but when it comes to managing its orchestration, it is a bit complex.
• Its integration with other software can be simple but with others it is not, that is why it would be ideal if all of them could be carried out in the same way.
• Integrating with a larger number of third party software would be of great help, to further enhance the analysis and detection of threats.

Incentivized

• Traps doesn't seem to function as a traditional A/V very well, so it's better as another layer to your endpoint protection
• Traps can cause issues with some legacy or custom programs, so exceptions may have to be made
• Traps falsely identifies things as malicious at times, this is not often though

Incentivized

Day to day, Cortex is easy to use when you have no alerts and when an agent upgrade doesn't go south. Alerts are far too "clicky", there's too many steps to drilling down to what actually happened to trigger an alert. Investigating alerts in Cortex takes about 5x longer than it should.

The support we receive from Palo Alto is one of the best aspects of Traps. It is very easy to recommend their support. It seems much easier to connect directly with someone with a deep understanding of the product rather than other companies where you basically have to make an airtight case that it is some kind of non-standard issue that can't be solved with existing documentation. Palo Alto digs deep and helps with advanced troubleshooting to get things working.

Incentivized

A lot of the look and feel of both products is quite similar. There's several best practices on visualization that are followed in both and integration of common telemetry is comfortable and quick. But while Microsoft ATP offers deep insights into mostly the Microsoft environment and a limited view into other common sources, SecureX shines in all the non-client areas Microsoft's product seems lackluster in.

Incentivized

Traps is the slickest interface, easy to use and intuitive rule making, and the rest just didn't quite stack up to the performance level of Traps. McAfee and Kaspersky just hog processor and RAM power. I didn't like the interface and functionality of SentinelOne as much as Traps. Palo Alto really put a lot of time into the development of this software, and had some of the founding fathers of IT Security heading the development process. Can't beat that.

Incentivized

• It helps us easily Id the full extent of a threat
• It saves time searching for data.
• It only gives basic info I wish there was greater integration between all security offerings
• It allows other techs to pick up where you left off.

Incentivized

• After putting Palo Alto Networks Cortex XDR on a user's system, users came back with a positive response that there are no performance issues now.
• We are able to track and control granular suspicious and malicious activities.
• Web controls are missing, which if they would have been there would have been very helpful.

Incentivized