Da 17 anni aiutiamo le aziende
a scegliere i migliori software
Cortex XDR
Cos'è Cortex XDR?
La protezione avanzata degli endpoint di Traps blocca le minacce agli endpoint e coordina l'applicazione con la sicurezza del cloud e della rete per prevenire gli attacchi informatici.
Chi utilizza Cortex XDR?
Piattaforma di rilevamento e risposta degli endpoint basata sul cloud che consente ai team di sicurezza di proteggere, rispondere e rilevare gli attacchi sfruttando l'intelligenza artificiale e le tecniche di machine learning.
Hai dubbi su Cortex XDR?
Confrontalo con un'alternativa popolare
Cortex XDR
Recensioni su Cortex XDR
Good Endpoint Security Solution
Commenti: Traps is good software to have. It did stop some malicious software that was downloaded.
Aspetti positivi:
This product doesn't do the old-fashioned signature based detection, but works by observing attack technique and behaviors. One of our workers had an Excel document which tried to reference some command line software to manipulate data. Of course this is very much how a virus could work, so Traps blocked it. Although this was a false positive, the solution using that Excel was not approved so Traps did a good thing. Management through the admin portal is visually pleasing and intuitive for most if the options.
Aspetti negativi:
We moved from on-prem installation to Cloud version of Traps. In the beginning the training options for the cloud version were almost non-existent. Even now, our training option was cancelled because of no other applicants for it. There is a free on-demand version of the training which I now will settle for. Managing the "Agent Installations" is not really intuitive.
Alternative considerate:
A double defense for threat: Cortex XDR
Commenti: Cortex Xdr is a comprehensive security solutions which help in improving the security posture of the organizations. It comes with advanced threat detection which help security team to focus on high priority incidents rather than wasting time on low severity incidents. Its friendly interface and customizable dashboard provides the clear visualization of incidents and easy to recognize the incidents. It can be integrated with soar as well as siem which allow security team to investigate. It has automated response which help in taking the action on incidents before the attack happen.
Aspetti positivi:
Cortex XDR is an extended version of XDR. The best thing in Cortex XDr is it has integrated threat detection which help in combining the endpoint, network, and even cloud data. It allow the comprehensive visibility and also provide the threat detection across the environment. It comes with automated response capabilities which make easier for security team to responds to threats quickly and efficiency. It has customizations dashboard as per the need of organizations and user. The best thing is it can be integrated with other security solutions like SIEM, SOAR. The best thing is support of Cortex, they provide the imidate reponse on High ticket and for medium they take 1-2 hr.
Aspetti negativi:
We face some challenges while configuring it, but with a proper security team we can achieve it. Its hard for the non technical guy or fresher to use it but with a proper training they can achieve it. Sometimes we face issues like false positive alerts, which can be decrease by proper investigation of incidents by security teams. It has limited integrations with third party tools. Sometimes it block the external devices even adding in excepptional but it can be solved by support team.
Difficult to get setup
Aspetti positivi:
Quick intrusion/threat detection, silent background running
Aspetti negativi:
Extremely difficult to roll out to company, was blocking company wide software such as 7-zip, was blocking Skype for Business messages, took forever to troubleshoot and properly roll out and install. In addition, the software does not have a great UI, it appears very serious and unnecessarily serious when detecting small threats
Alternative considerate:
Cortext XDR - Great Endpoint Protection and so much more.
Aspetti positivi:
Cortex made our network more secure. When we swapped from our previous anti-virus platform to Cortex XDR we started seeing things that had slipped past our old AV platform and was causing issues in our network. Cortex made it easy to locate and clean these machines and if needed it made it easy to isolate them until they were cleaned and approved to be put back on our network.
Aspetti negativi:
The biggest con for our team, being part of a public school system, is the cost. The cost of this platform compared to traditional anti-virus/endpoint protection platforms such as Avast, Symantec, etc. is very significant and we had to get a trial of this setup and running as a proof of concept to justify the cost difference to our board and county commission in order to get the money to purchase this product but it has definatley been worth it.
Alternative considerate:
Cortex XDR Review
Commenti: Cortex is a solid product. We haven't had any major complaints from the user community. We haven't had to unblock any major products that were perceived as spam at this point. Many other products tended to block updates to products due to the executable file not being recognized by their database. We haven' had that issue with Cortex.
Aspetti positivi:
Our team is responsible for the deployment of Cortex into our Mac and PC environment. The agent was very easy to distribute utilizing our Deployment Software tool. The dashboards provide an excellent view into what is active and reporting back to the tool. We haven't had any major whitelist issues between the tool and endpoints.
Aspetti negativi:
I would like to see the scan on demand option as an easy one-click process for end users so they can be pro-active.
Excellent product with great flexibility in terms of outcomes
Commenti: I evaluated this technology and compared it to other SOAR and NDR platforms in the space. We did choose Cortex XDR due to the use case coverage and close knit relationships with Palo's executive teams. Overall, very happy with the acquisition of this product line in our IT environment and the security program has benefited directly because of the day-to-day use of this product across a wide variety of business and technical use cases in our environment.
Aspetti positivi:
The ability to create custom playbooks and integrate APIs from disparate vendors was the highlight of our use of this product.
Aspetti negativi:
Customer support can be patchy. Also, depending on the use case being implemented, documentation and systems engineering support from Palo can vary. We were able to work through these issues being an Enterprise user for PANW, however, small to mid size companies may find the time to value to drag a fair bit.
Best AV I’ve Used
Commenti: It’s the most effective endpoint protection software I’ve used to date.
Aspetti positivi:
I’ve never seen it miss blocking actual malware. The hueristic analysis is also very accurate.
Aspetti negativi:
It often mistakes IT admin tools as malware. Which is understandable, albeit annoying.
Much better than signature based AV
Commenti: We needed a malware protection system that really worked. We had tried other AV programs but they would all fail at some point. We have had zero problems with workstations getting infected since using Traps.
Aspetti positivi:
Traps does not rely on AV signatures. It relies on detecting the programmatic exploits that virus writers use to infect PCs. It also uses the behavior of programs to detect malicious activity. And it really works. It has caught malicious infected documents, spyware, adware, and grayware trying to infect our systems. And it stops the programs cold. Also, the new version is cloud based so we can protect remote users.
Aspetti negativi:
The endpoint agent updating process is still not as automatic as I think it should be. But it has been vastly improved in the latest version.
Its a trap
Aspetti positivi:
The product works well. Its not a full solution although it can help hit compliance with legacy servers
Aspetti negativi:
it can be resource intensive and requires that some exploits run partially before being caught.
This is awesome
Aspetti positivi:
I like that this was a well designed product that pushed my org's concept of IT security
Aspetti negativi:
It's expensive. We had to work to find budget for this
Cortex XDR - verhaltensbasierte Thread Detection
Commenti:
Wir haben bisher nur gute Erfahrungen gemacht was die Erkennungsrate angeht.
Relativ wenige false positives und solide Erkennung schadhafter Prozesse.
Aspetti positivi:
Die verhaltensbasierte Echtzeiterkennung, die auch schadhafte laufende Prozesse beendet.
Aspetti negativi:
Relativ hungrig was Arbeitsspeicher angeht.
Cortex XDR
Commenti: Sehr ausgereiftes Produkt welches mit einer guten Darstellung überzeugt.Sehr gute Thread Erkennung.auch mit der lokalen Analyse (KI)
Aspetti positivi:
Gute Darstellung aller Clients und BedrohungenKlare Strukturen innerhalb des ProgrammsEinfache InstallationGute und einfache Update-Prozesse
Aspetti negativi:
Aktuell kann ich da nichts zu sagen. Wir sind aktuell sehr zufrieden mit dem Produkt
As a User I Don't Notice It, Which is Good
Aspetti positivi:
This software seems to have a light footprint on performance when running on computers. I have it running all the time on mine and I don't notice any performance hit as a result, which is good. It seems to work well on lower-end performing computers (i5 processor, 8GB RAM) as well as higher-end performing ones (e.g. i7 processor, 16GB+ RAM, etc).
Aspetti negativi:
No cons I can think of; however, I am only a user (not an admin), so I only see one side of this software, which looks good from my perspective. I don't notice it's running, which is the best you can hope for in a security product that's always running on your computer.
Good solution for Endpoint... but with comments
Commenti: The general experience is very positive. There have been hardly any incidents after almost 2000 deployments and, on the other hand, the level of protection and information on the endpoints has improved enormously.
Aspetti positivi:
In standard endpoints it works perfectly. Protects equipment easily and efficiently. It has support for most of the operating systems updated in a company and the false positive rate is acceptable
Aspetti negativi:
The need to be connected to the internet is a limitation of the product. Proxy-based architectures are not supported, which makes it impossible to use them for systems in network segments without internet access
Decent Anti-Virus
Commenti: It has been a pretty decent product overall. We used a management system to deploy it to out desktops and laptops. Wish they had a way to deploy it from the portal.
Aspetti positivi:
It was easy to deploy to the end users computers. Easy to manage from one location. Installing and activating the license was pretty easy and straight forward. It was a good solution to interface with our firewall.
Aspetti negativi:
I had it installed on a few desktops and servers during the testing period. The vendor had a page setup for us. But once we bought the software I had to un-install the trial verison and install it again with out license. You could do any type of upgrade.
Alternative considerate:
Next gen endpoint protection with some caveats
Commenti:
Overall, the product is promising offering next gen protection against 0 day attacks.
We found management interface needing improvement and features need to be added to cater for very big deployments.
Aspetti positivi:
We liked most the capability and detection rate of detecting malware and malicious behavior, even without internet.
Aspetti negativi:
Some software from known vendors were detected as false positive. Management interface lacks some nice to have features, specially for large deployment.