TrustRadius Insights
Palo Alto Networks Traps is a highly regarded cybersecurity software that offers robust protection against malware, zero-day exploits, and …
Palo Alto Networks Cortex XDRFormerly Traps
Overview
What is Palo Alto Networks Cortex XDR?
Traps replaces traditional antivirus with multi-method prevention, a proprietary combination of malware and exploit prevention methods that protect users and endpoints from known and unknown threats.
Recent Reviews
Pricing
N/A
Unavailable
What is Palo Alto Networks Cortex XDR?
Traps replaces traditional antivirus with multi-method prevention, a proprietary combination of malware and exploit prevention methods that protect users and endpoints from known and unknown threats.
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
98 people also want pricing
Alternatives Pricing
What is CrowdStrike Falcon?
CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no…
What is Kaspersky EDR Optimum?
Kaspersky Endpoint Detection and Response (EDR) Optimum helps identify, analyze and neutralize evasive threats by providing easy-to-use advanced detection, simplified investigation and automated response. It is a basic EDR tool for mid-market organizations who are just starting to build their…
Product Details
- About
- Tech Details
What is Palo Alto Networks Cortex XDR?
| Traps replaces traditional antivirus with multi-method prevention, a proprietary combination of malware and exploit prevention methods that protect users and endpoints from known and unknown threats. |
Palo Alto Networks Cortex XDR Technical Details
| Operating Systems | Unspecified |
|---|---|
| Mobile Application | No |
Comparisons
Compare with
Reviews and Ratings
(53)
Community Insights
TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!
- Business Problems Solved
Palo Alto Networks Traps is a highly regarded cybersecurity software that offers robust protection against malware, zero-day exploits, and advanced persistent threats. Its seamless integration with the Palo Alto Suite has made it a popular choice among users. The software can be easily installed and used on various devices, including laptops and virtual desktops. Users have praised Traps for its ability to detect grayware, serious malware, and exploit attempts that may be missed by other antivirus solutions like Windows Defender. One of the standout features of Traps is its ability to prevent the execution of malware without requiring a file to be downloaded, providing enhanced protection for users. This next-gen capability, coupled with its ease of use and strong protection, has prompted many customers to replace their existing antivirus solutions with Palo Alto Networks Traps.
Traps has proven itself invaluable in identifying and quarantining threats, as well as isolating future malware and preventing its spread across the network. By integrating Wildfire and host AV, Traps adds additional layers of security to hosts and aids in detecting unknown and zero-day malware. The inclusion of Traps functionality in Palo Alto Networks Cortex XDR further enhances security controls and provides deep visibility into suspicious activities and behaviors exhibited by users. Cortex XDR serves as an Endpoint Response tool that enables organizations to quickly identify and respond to events and incidents across multiple devices.
Users have reported that Palo Alto Networks Traps offers advanced anti-malware detection and prevention with a low false-positive rate, minimizing user annoyance while effectively mitigating the risk of malware attacks, zero-day attacks, and APTs. Its organization-wide deployment ensures comprehensive protection for servers, desktops, and roaming users. With Traps seamlessly integrated into the Palo Alto Suite, manual whitelisting and server updates are no longer necessary. Overall, Palo Alto Networks Traps is widely recognized for its ease of installation, seamless integration capabilities, next-gen features, and robust protection against advanced threats.
Attribute Ratings
Reviews
(1-5 of 5)Companies can't remove reviews or game the system. Here's why
March 25, 2023
Traps/Cortex XDR Review
Score 1 out of 10
Vetted Review
Verified User
Traps/now Cortex XDR was being used to provide endpoint protection for our servers and desktops. Traps/Cortex XDR was being used organization wide.
- It does nothing well
- Traps/cortex XDR alerts on wide scale commercial apps that are clearly not malicious
- the Cortex XDR console interface is 5 steps worse than simply bad
- Frontline support reps are not fluent in spoken English although their written fluency is okay (at best)
- Integration with our firewalls. What a mistake otherwise
- Traps had an agent upgrade get "stuck" that required me to manually reboot servers into safe mode to remediate it. Traps/Cortex ROI is by far negative. I'm pretty well-paid. Requiring multiple hours of my time to remediate your [bad] product entirely destroys any benefit.
- Microsoft Defender for Endpoint (formerly Microsoft Defender ATP)
traps/cortex xdr is inferior in every respect
- When nothing goes wrong with agents and there are no alerts, it's a breeze
- Agent updates hang which also kills the uninstall password. The only solution is to boot to safe mode to run an uninstall utility
- The number of steps it takes to drill into an alert is annoying
The trap was easy to install and worked well with the Palo Alto Suite overall. Upgrades are seamless because everything is in the cloud. We use traps on all of our devices, including laptops and virtual desktops. They did this to guard against malware, zero-day exploits, and APT attacks. This gives us the ability to triage/investigate right from the home page. It can disclose Gray ware and other serious malware and exploit attempts that Windows Defender misses. Palo Alto Networks Traps can also prevent the execution of malware that does not require a file to be downloaded. We’ll see in the CortexXDR product that Palo Alto Networks has added Traps functionality.
- Some zero-day exploits, malicious child processes, and maliciously hashed files have been successfully blocked by it.
- Analyzing and identifying unknown malicious software on workstations, servers, and mobile devices are made easier with the help of tracking file behavior.
- Panorama's integration helps us detect malicious files and traps more quickly and efficiently than other products we've tried, protecting us from zero-day attacks.
- Traps, like all advanced endpoint protection, need to grow in machine learning/baseline protection.
- Sometimes, exceptions were made because of legacy or custom software issues, and we encountered a bug in an older version of the agent.
- Traps are best for IT environments using COTS reports/dashboards. In environments where custom software and applications are used, Traps necessitate a great deal of tweaking.
- Tracking file behavior and the ability to prevent the use of zero-day exploits are two of its many strengths.
- Monitoring that is both cloud-based and has a low environmental impact.
- Convenient console operation, as well as quick and painless setup.
- It's less expensive than an onsite server, but it puts more work on the endpoint security teams.
- It adds an extra layer of security for our users and reduces malware outbreaks, which reduces downtime.
- Faster, and Traps give us a lot of information about what processes are running on our endpoints.
Traps provided us with a cloud-based platform that made our lives a lot simpler. Nothing like Traps exists in the market and I've never used anything like it. Others, on the other hand, were a lot slower to respond. Malwarebytes and other enterprise-level malware software are also available, but they do not fall under the same heading.
February 26, 2020
Traps will trap malware
Traps are used by all of the endpoints (notebook & VDI) in our organization. This is done to mitigate the risk from malware attack, zero day attack and APT. Previously we utilized a typical anti-virus agent for protection from known malware. However since Q1 last year and based on the threat trends, we discovered it's not enough just to rely on the known malware/traditional anti-virus solution.
- Able to block malicious child-process run on the endpoint
- Able to block executed files which hashes are malicious
- Able to block process that employs malicious behaviour
- Proven to be able to block zero-day exploits
- We encountered some glitch in a certain version of the agent. When we deployed newer version, the policy set on the previous version was white-listed/overwritten.
- Moving to encrypted based connection (communication between agent to server) is troublesome, coz we need to uninstall the agent first.
- Need to have a more flexible reports/dashboard where we can customize it
- We feed Traps log to our SIEM, however the information sent to the SIEM was not complete, but we need to investigate more probably some faults are on us
- No ransomware has sucessfully impact our endpoints, this has saved us hundreds if not millions of dollars lost
- Users are now more aware of what files/processes that are malicious are being run, this give a good education on to the users
- the cost of implementation is relatively average, compares to competitor
At that time, we could not find other solutions that could compete with Traps. Most of the solutions presented to us are traditional anti-virus. While traps do not rely on the signature of malware but more on the suspicious behaviour or method used. This gave Traps a lot of advantage that we fine could address our needs. Even now, we are reviewing to replace completely the traditional anti virus.
February 27, 2019
Trap that malware!
Traps was purchased as a response to a virus outbreak that kept cropping up due to still infected systems popping up days or weeks after we deemed the environment clean. It's being used across the entire organization currently and helped us identify that threat, quarantine it and also helps isolate future malware from spreading across the network.
- Traps does a fantastic job at stopping malware before it executes
- Traps defends against 0 day attacks better than other products we have tried
- Traps isolates malware to that particular host better than any A/V we've tried
- Traps doesn't seem to function as a traditional A/V very well, so it's better as another layer to your endpoint protection
- Traps can cause issues with some legacy or custom programs, so exceptions may have to be made
- Traps falsely identifies things as malicious at times, this is not often though
- Traps has paid for itself in time saved re-imaging PCs to clean them
- Traps gives us a lot of good insight on what's being run on our endpoints
- Traps is a great extra layer of security for our end users and minimizes malware outbreaks, which in turn minimizes downtime
I have not used any other product in the same category as Traps, as it's kind of unique in this segment. I have used other malware enterprise software such as Malwarebytes, but I wouldn't categorize them as the same type of product.
March 14, 2018
Traps for Enterprise is now relity
Traps is being used with Palo Alto Wildfire and host AV to add layers of protection to hosts to assist in finding unknown and 0 day malware. Traps is also used on servers to help provide advanced malware protection. Traps is in pilot across the server infrastructure and production for user workstations. We have evaluated several advanced endpoint protection applications and because of Wildfire integration, it was the product chosen for deployment.
- Great tool to help analyze and identify unknown malicious software on workstations, servers, and mobile devices.
- Integration with Panorama help to quickly and efficiently identify potential malicious files.
- Integration with Wildfire helps to quickly deploy signatures not only to endpoints but to firewalls as well.
- Every advanced endpoint protection, including Traps, needs to grow in the machine learning/baseline of a machine portion of their protection.
- Palo Alto needs to work more with vendors and their updates to help reduce exclusion lists.
- Traps is best for IT environments where COTS is used. Where homegrown software and applications are used, Traps requires a lot of customization.
- Reduction of malware spreading
- Increased workload on endpoint protection teams
- Great log chain for event investigation
Traps and its integration with central management tools by Palo Alto and wildfire was a better fit for our environment. Others provided similar levels of protection but in some cases did not live up to expectations as traps did. Palo Alto also worked with us to better Traps, its management tool, and deployment issues. Other vendors were not as forthcoming with support.