Palo Alto Networks Cortex XDR vs. Webroot Endpoint Protection

Malware that doesn’t leave files behind has become widely available. Anyone who can afford to reverse this trend should purchase technology. Application whitelisting isn’t for everyone, and Palo Alto Networks Traps can help. Enterprises looking for a low-affected, next-generation solution with high protection should consider it. PAN Traps is a great product at a reasonable price, and I highly recommend it.

Incentivized

The software tends to do a good job of basic protection but is not the best for larger clients and is not as powerful as some others offered on the market today. The support is not the best either, have had a hard time getting assistance in the past trying to resolve issues.

Incentivized

• Direct Access to devices via Live Terminal which provides operations with scripting, triage, and preservation of artifacts.
• Behavioral Indicators of Compromise which provides alerts on events regarding groups of hosts and their signatures.
• Querying complex data sets involving a variety of devices for network connections, hashes, DNS, etc.

Incentivized

• It is very light weight and does not tax the computers resources
• Has a quick scan and does not take forevere when scanning
• It's central management on the web makes it easy to use and gives tons of control for Admins

Incentivized

• Traps doesn't seem to function as a traditional A/V very well, so it's better as another layer to your endpoint protection
• Traps can cause issues with some legacy or custom programs, so exceptions may have to be made
• Traps falsely identifies things as malicious at times, this is not often though

Incentivized

• There are several configuration options for both end-point and DNS protection. Would like a more simple way to understand and validate settings.
• Support is heavily video or FAQ based although you can submit a Support Ticket. Would like more availability to an actual support engineer.
• Overtime you can forget how to change setting - a refresher course would be nice, especially as new features are added to the solution.

Incentivized

It has proven successful so far in our environment for controlling malware/virus outbreaks.

Incentivized

Cortex XDR does a very good job of blocking suspicious and threatening items. However, as with all software of this nature, it will sometimes block known-good items. The difficulty is in manually whitelisting these known-good items. The interface to whitelist is confusing even for a seasoned IT professional and has been the single most frustrating experience of using Cortex XDR

Incentivized

Webroot Endpoint Protection has been great for us, as its simple, cloud-based management console allows us to quickly deploy easily monitor all of our endpoints. However, it could improve by offering more customizable reporting options for deeper insights into security events and the interface could also use some updating, as it feels a bit dated.

Incentivized

The support we receive from Palo Alto is one of the best aspects of Traps. It is very easy to recommend their support. It seems much easier to connect directly with someone with a deep understanding of the product rather than other companies where you basically have to make an airtight case that it is some kind of non-standard issue that can't be solved with existing documentation. Palo Alto digs deep and helps with advanced troubleshooting to get things working.

Incentivized

Support has been reliable up to this point. A request can easily be generated via the console and support responding in a reasonable time. We have not had any major issues other than the basic agents not communicating with the console and the like.

Incentivized

I had some difficulties with remote users. I ended up needing to open a remote tech support session and finish the process. Other than a few speed bumps, I was impressed with the engineering of the install. Because of time differences, I was done installing in two days. The cost, per license, could be less.

Incentivized

Traps is the slickest interface, easy to use and intuitive rule making, and the rest just didn't quite stack up to the performance level of Traps. McAfee and Kaspersky just hog processor and RAM power. I didn't like the interface and functionality of SentinelOne as much as Traps. Palo Alto really put a lot of time into the development of this software, and had some of the founding fathers of IT Security heading the development process. Can't beat that.

Incentivized

Webroot is good in a way that it is an all encompassing solution one stop shop for protecting endpoints but it needs to be managed and licensed. Some users do not need constant protection or need to have it on their machines in where the combination of Field Effect and Malwarebytes is more effective.

Incentivized

• After putting Palo Alto Networks Cortex XDR on a user's system, users came back with a positive response that there are no performance issues now.
• We are able to track and control granular suspicious and malicious activities.
• Web controls are missing, which if they would have been there would have been very helpful.

Incentivized

• The DNS filtering allows for a very granular configuration of endpoints
• The cost to benefit ratio is good. It is not a real EDR player yet, but the development looks promising
• Its best feature is integration with our MSP software, providing actionable tickets.

Incentivized