Cortex XSOAR - Comprehensive incident management solution
February 17, 2022

Cortex XSOAR - Comprehensive incident management solution

Darshil Sanghvi | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User

Overall Satisfaction with Palo Alto Networks Cortex XSOAR (formerly Demisto)

With Palo Alto Networks Cortex XSOAR (formerly Demisto) in our organization, our SOC team is seamlessly able to triage and investigate malicious traffic in our network. This is hence enhancing our network security posture. We have also created playbooks and integrated our firewalls to automate policy creation at time of any attacks are being identified.

Pros

  • Triage and investigation of malicious traffic
  • Automate firewall policy modifications and actions in playbooks using Panorama
  • Automate malware sample analysis

Cons

  • SAML is not stable, it gives a lot of issues.
  • Pre-defined playbooks need a lot of fine tuning
  • Lacks proper documentation
  • Integration with Panorama for automating policies on firewall
  • Simplicity and ease of integration with applications and devices
  • Marketplace has a lot of apps supported
  • Demisto has Eased malware analysis and threat hunting
  • With Demisto, it is simple to create playbooks and scripts
  • This is helped automate policy configurations on our PA firewalls through Panorama

Do you think Palo Alto Networks Cortex XSOAR delivers good value for the price?

Not sure

Are you happy with Palo Alto Networks Cortex XSOAR's feature set?

Yes

Did Palo Alto Networks Cortex XSOAR live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Palo Alto Networks Cortex XSOAR go as expected?

Yes

Would you buy Palo Alto Networks Cortex XSOAR again?

Yes

Palo Alto Networks Cortex XSOAR (formerly Demisto) is well suited in scenarios where there is a dedicated threat hunting team working continuously for analyzing logs and alerts. This even has a lot of out-of-the-box and ready-to-use features, that makes life easy for your malware hunting team. In cases where there is no such team, or SOC deployed, it will not b much useful.

Comments

More Reviews of Palo Alto Networks Cortex XSOAR