1. Home
  2. Security Orchestration, Automation and Response (SOAR) Tools
  3. Palo Alto Networks Cortex XSOAR Reviews
  4. User Review of Palo Alto Networks Cortex XSOAR
Customized automation when time matters
Updated February 25, 2022

Customized automation when time matters

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Overall Satisfaction with Palo Alto Networks Cortex XSOAR (formerly Demisto)

It is currently used by our IT Security department only. We use it primarily for its automation but also to a smaller extent for secops, and logging and compliance. We also use it for HiTrust certification in that we can report what we have seen.
  • Automated work flows
  • Customization
  • Reporting
  • Creating custom workflows can be unintuitive at a small scale. Processes inside of a process.
  • Security of data
  • Reporting of incidents for HiTrust certification
  • Automation of most basic functions.
  • MTTR has decreased dramatically saving us time, money and resources
  • Another piece of software and hardware to maintain. Thankfully, its very hardy.

Do you think Palo Alto Networks Cortex XSOAR delivers good value for the price?

Yes

Are you happy with Palo Alto Networks Cortex XSOAR's feature set?

Yes

Did Palo Alto Networks Cortex XSOAR live up to sales and marketing promises?

Yes

Did implementation of Palo Alto Networks Cortex XSOAR go as expected?

Yes

Would you buy Palo Alto Networks Cortex XSOAR again?

Yes

Our runbooks for a phishing email have been almost completely automated. In a manual process from reporting to resolution it would have take several hours to complete. Now, we can do a phishing email resolution with decision points in 10-15 minutes. Having this run book hooked into our other platforms and be able to manipulate that data has greatly increased the effectiveness of our small team.

Using Palo Alto Networks Cortex XSOAR (formerly Demisto)

7 - It is only used by our IT Security team, manager and Director at the moment.
5 - Ours is hosted onsite so basic server administration running Linux is a must. It is very robust and we have not had any trouble out of it.
  • Automation of basic runbooks to speed resolution
  • Reporting of incidents
  • Secure method of tracking threats and keeping work up to date.
  • We did not expect it to act as a historical depot that would be excellent for at reporting .
  • We now base alot of purchase decision around whether it can integrate and be automated through xsoar.
It has proven to be far to valuable and effective to consider getting rid of it. Until something better comes along, this is staying in our product stack.

Evaluating Palo Alto Networks Cortex XSOAR (formerly Demisto) and Competitors

  • Price
  • Product Usability
While the price was pretty low the use cases we had was our top priority with ability to automate several of our run books.
I would not change my method as the software spoke for itself and its operation.

Palo Alto Networks Cortex XSOAR (formerly Demisto) Implementation

It was much easier than we all anticipated.
  • Implemented in-house
Change management was a minor issue with the implementation - Our change management was fairly developed already so it was a straight forward process for us.
  • None encountered.