Kaspersky Endpoint Security vs. Palo Alto Networks Cortex XDR

I think Kaspersky is well suited for large and small companies. Larger companies can take advantage of the KSC (Kaspersky Security Center) servers to help manage a large network. The KSC has many good features to help monitor the health of the organization. It does a good job with updating and deploying remotely. It has inventory features, and can even deploy non-Kaspersky software packages uploaded to the center. KSC can become a source of good information about [your] network that can be seen at a glance. IT departments are normally smaller than they need to be. KSC helps with larger and smaller companies because of this. A small company would appreciate the amount of information and management that can be done through KSC without needing extra help. If the company is small enough that they don't have servers on-site, there is a cloud version. I have not used that to know how it differs from the local KSC.

Incentivized

Malware that doesn’t leave files behind has become widely available. Anyone who can afford to reverse this trend should purchase technology. Application whitelisting isn’t for everyone, and Palo Alto Networks Traps can help. Enterprises looking for a low-affected, next-generation solution with high protection should consider it. PAN Traps is a great product at a reasonable price, and I highly recommend it.

Incentivized

• The Security Center is laid out very well and makes it easy to install and manage the client endpoint protection on servers and workstations.
• The way security policies are defined and managed is very easy to understand.
• The client programs seem to be lighter and smaller on the client systems than others I have used in the past. Using fewer resources is always an advantage.

Incentivized

• Direct Access to devices via Live Terminal which provides operations with scripting, triage, and preservation of artifacts.
• Behavioral Indicators of Compromise which provides alerts on events regarding groups of hosts and their signatures.
• Querying complex data sets involving a variety of devices for network connections, hashes, DNS, etc.

Incentivized

• The PC imaging tools are difficult to set up and use
• Device Encryption tools are getting better, but are difficult to manage.
• The policies are powerful, but could be broken up. More help can be provided in what the policy element does within the policy setup

Incentivized

• Traps doesn't seem to function as a traditional A/V very well, so it's better as another layer to your endpoint protection
• Traps can cause issues with some legacy or custom programs, so exceptions may have to be made
• Traps falsely identifies things as malicious at times, this is not often though

Incentivized

The product is stable and accurate in detecting security threats. There are very few or no false positives in detecting security threats or unusual behavior and has very sharp heuristics. The product does the job very well including saving us money in getting 3rd party patch management tools as the business is already using Microsoft System Center Configuration Manager which is Microsoft product specific and the product patches these third party products e.g Adobe Flash Player

Incentivized

I will give Kaspersky a score of 9 out of 10 for scalability, as it allows businesses to easily expand their security infrastructure. This means it won't cost them a lot to add further protection and security. It won't also require them to purchase other hardware and services for their required protection.

Cortex XDR does a very good job of blocking suspicious and threatening items. However, as with all software of this nature, it will sometimes block known-good items. The difficulty is in manually whitelisting these known-good items. The interface to whitelist is confusing even for a seasoned IT professional and has been the single most frustrating experience of using Cortex XDR

Incentivized

I've used the on-premise server. I've only experienced one time that we couldn't open the console, and that was a server issue. It seems to be a dependable solution. It's there, and it's stable.

Incentivized

Users don't notice any slowdown with the antivirus running on their systems. There have been issues when the systems have missed a scheduled scan, and it was checked to run at [a] first available time, they will start a full scan at startup. This has caused some lag. Normally there are also some issues with the workstation, but it is something to note.

Incentivized

I give the maximum grade because we have no complaints; we never had any failure, serious error, and serious threat to the company. All of its features work very well. The great advantage of having a product supported by an industry-leading security company is that regularly updated security protocols will protect the system against all emerging threats.

Incentivized

The support we receive from Palo Alto is one of the best aspects of Traps. It is very easy to recommend their support. It seems much easier to connect directly with someone with a deep understanding of the product rather than other companies where you basically have to make an airtight case that it is some kind of non-standard issue that can't be solved with existing documentation. Palo Alto digs deep and helps with advanced troubleshooting to get things working.

Incentivized

Make sure to provide awareness campaigns on changes that will be implemented and WHY the business is doing it and the benefits reaped. Benefits reaped is very important for the justification of why things have to change and emphasizing the importance of security. This will reduce user disgruntlement and total bitterness on use of their workstation or laptop

Incentivized

Kaspersky is a leader in endpoint protection, but its ties to potential adversaries are unsettling. Kaspersky has a great threat research team and quickly identifies malicious software and its signature. Its web-based protection is also top notch. This is a great product but as with everything has its place.

Incentivized

Traps is the slickest interface, easy to use and intuitive rule making, and the rest just didn't quite stack up to the performance level of Traps. McAfee and Kaspersky just hog processor and RAM power. I didn't like the interface and functionality of SentinelOne as much as Traps. Palo Alto really put a lot of time into the development of this software, and had some of the founding fathers of IT Security heading the development process. Can't beat that.

Incentivized

You can create groups and create different policies for each group. You can customize many parts of the software before it is deployed. You can create different tasks and schedules based on the groups. It is customizable.

Incentivized

• It reduced the incidents of infections and so reduced the efforts needed by the IT department to mitigate problems.
• It made it difficult to manage the security of our growing mobile user base due to infrequent contact with our on-premise management server.

Incentivized

• After putting Palo Alto Networks Cortex XDR on a user's system, users came back with a positive response that there are no performance issues now.
• We are able to track and control granular suspicious and malicious activities.
• Web controls are missing, which if they would have been there would have been very helpful.

Incentivized