Palo Alto Networks Cortex XDR vs. Qualys VMDR

Malware that doesn’t leave files behind has become widely available. Anyone who can afford to reverse this trend should purchase technology. Application whitelisting isn’t for everyone, and Palo Alto Networks Traps can help. Enterprises looking for a low-affected, next-generation solution with high protection should consider it. PAN Traps is a great product at a reasonable price, and I highly recommend it.

Incentivized

Qualys VMDR is best suited for larger companies with a very large IT asset footprint. Qualys VMDR is not suited for businesses that are small and upcoming as the price for the tool is very expensive and could be a budget sink if not used properly. In our organization we use the Qualys VMDR dashboard and reporting in order to collect any vulnerabilities we miss during our routine audits to ensure that our environment is stable and protected for attacks.

Incentivized

• Direct Access to devices via Live Terminal which provides operations with scripting, triage, and preservation of artifacts.
• Behavioral Indicators of Compromise which provides alerts on events regarding groups of hosts and their signatures.
• Querying complex data sets involving a variety of devices for network connections, hashes, DNS, etc.

Incentivized

• Seamless reporting across the different widgets (i.e. TruRisk)
• DEEP-DIVE into an asset's info/vulns
• Baked-in PCI ASV scans that a Qualys QSA can approve

Incentivized

• Traps doesn't seem to function as a traditional A/V very well, so it's better as another layer to your endpoint protection
• Traps can cause issues with some legacy or custom programs, so exceptions may have to be made
• Traps falsely identifies things as malicious at times, this is not often though

Incentivized

• Qualys VMDR can definitely improve on its reporting of assets as we have caught devices not captured in the Qualys VMDR scans.
• We would like to see an improvement on the dashboard interface as it is faulty sometimes.
• Qualys VMDR should focus on more competitive pricing as it is very expensive.

Incentivized

Next to Veeam (which is a tremendous product for backup/DR) this is the best service/software I have used in the past three decades. Should be called the Swiss Army Knife of security.

Incentivized

Cortex XDR does a very good job of blocking suspicious and threatening items. However, as with all software of this nature, it will sometimes block known-good items. The difficulty is in manually whitelisting these known-good items. The interface to whitelist is confusing even for a seasoned IT professional and has been the single most frustrating experience of using Cortex XDR

Incentivized

infrastructure to identify vulnerabilities

Always available with the exception on maint windows

Incentivized

Once in a while it would be slow -

Incentivized

The support we receive from Palo Alto is one of the best aspects of Traps. It is very easy to recommend their support. It seems much easier to connect directly with someone with a deep understanding of the product rather than other companies where you basically have to make an airtight case that it is some kind of non-standard issue that can't be solved with existing documentation. Palo Alto digs deep and helps with advanced troubleshooting to get things working.

Incentivized

This is iron but I am giving it 5 star and I can give more If I can do because they are best in support. So once you own this product they will assign a dedicated support for you and when you are under the weather with anything just connect them with anything call, ping or ticket they will come like Genie.

Not really - the integrations via connectors is not heavy lifting. Any complexity has to do with a service that requires more steps (i.e. AWS/GCP)

Incentivized

Traps is the slickest interface, easy to use and intuitive rule making, and the rest just didn't quite stack up to the performance level of Traps. McAfee and Kaspersky just hog processor and RAM power. I didn't like the interface and functionality of SentinelOne as much as Traps. Palo Alto really put a lot of time into the development of this software, and had some of the founding fathers of IT Security heading the development process. Can't beat that.

Incentivized

It is a very similar tool but Qualys VMDR is much better when it comes to reporting and solutions provided. Asset management is really good in Qualys VMDR. Qualys VMDR support is really quick , you can get a TPM if you run into any issues. Qualys VMDR has wide variety of scanning options which lacks in tenable.

Incentivized

MOSTLY good - but as noted having all features purchased on portal only - nothing that is not purchased.

Incentivized

Outside some pretty arcane apps or OS this is painless. The problem - and self-inflicted - is that older stuff is not supported.

Incentivized

• After putting Palo Alto Networks Cortex XDR on a user's system, users came back with a positive response that there are no performance issues now.
• We are able to track and control granular suspicious and malicious activities.
• Web controls are missing, which if they would have been there would have been very helpful.

Incentivized

• Cut down on manual efforts to investigate or remediate vulnerabilities, which can be a big driver of ROI
• Avoidance of potential incidents with upfront risk mitigation
• Patching efficiency gains

Incentivized