Cortex XDR 2026: Benefits, Features & Pricing

On this page

Overview
Pricing and Plans
Features
Integrations
User Reviews

Overview

Cortex XDR

4.4

(18)

Pricing

Pricing available upon request

About Cortex XDR

Cortex XDR (formerly Traps) is cloud-based and on-premise endpoint security solution, which assists security teams with threat detection and response management. Key features include malware protection, incident tracking, root cause analysis and records management.

The platform uses artificial intelligence and machine learning technology to collect data on endpoints, network and cloud, providing visibility to teams within the organization. It analyzes attack techniques and behaviours, prevents the launch of malicious executable files and blocks malware, exploits and ransomware. Additionally, it helps network administrators determine root cause of various threats to optimize triage and incident response, adapting defenses in real-time.

Cortex XDR integrates with various security applications such as WildFire, AlienVault USM, Cortex XDR and more. Its management service console enables administrators to review security events and analyze associated logs.

Support is provided via phone, email and other online measures.

Cortex XDR Screenshots

Cortex XDR Pricing and Plans

Starting price: Pricing available upon request

Free Trial

Free Version

Cortex XDR Features

Popular features found in Threat Intelligence
Activity Dashboard
API
Data Visualization
Monitoring
Prioritization
Real-time Alerts
Real-Time Reporting
Threat Response
Vulnerability Scanning
More features of Cortex XDR
Activity Tracking
AI/Machine Learning
Anti Virus
Application Security
Behavioral Analytics
Data Security
Device Management
Encryption
Endpoint Protection
Firewalls
Incident Management
Network Security
Real-Time Monitoring
Root Cause Analysis
Threat Intelligence
Web Threat Management

Cortex XDR Integrations

Cortex XSOAR

Cortex XDR User Reviews

Overall Rating

4.4

Ratings Breakdown

56%

33%

11%

Secondary Ratings

Ease of Use

4.1

Value for money

4.0

Customer support

4.6

Functionality

4.4

Verified

Reviewer

Computer & Network Security

51-200 employees

Used daily for less than 2 years

Review source

Reviewed January 2025

XDR for endpoint security is a game changer.

It has brought a security posture enhancement. Important audit related demands were fulfilled by querying on XDR dataset. It is accurate with work/policy assigned.

Ratings Breakdown

Ease of use

Value for money

Customer support

Functionality

Pros:

I am an administrator off this tool and it is a powerful tool with good capabilities. Seamless integration with other sensors, log ingestion and log stitching gives a brief story of an incident. It has remediation suggestions based on AI. XDR analytics and Behavioral detection feels promising to foil up ZERO day attack. We can also configure Co-relation rules. XQL provided by palo alto can be used to query the whole dataset and covers data that are not covered in UI.

Cons:

Costing is on heavy side, each feature has add-on license cost. UI takes time to understand. Policy structure is a bit rigid.

Jai P.

Verified reviewer

Computer & Network Security

51-200 employees

Used daily for less than 12 months

Review source

Reviewed November 2024

A double defense for threat: Cortex XDR

Cortex Xdr is a comprehensive security solutions which help in improving the security posture of the organizations. It comes with advanced threat detection which help security team to focus on high priority incidents rather than wasting time on low severity incidents. Its friendly interface and customizable dashboard provides the clear visualization of incidents and easy to recognize the incidents. It can be integrated with soar as well as siem which allow security team to investigate. It has automated response which help in taking the action on incidents before the attack happen.

Ratings Breakdown

Ease of use

Value for money

Customer support

Functionality

Pros:

Cortex XDR is an extended version of XDR. The best thing in Cortex XDr is it has integrated threat detection which help in combining the endpoint, network, and even cloud data. It allow the comprehensive visibility and also provide the threat detection across the environment. It comes with automated response capabilities which make easier for security team to responds to threats quickly and efficiency. It has customizations dashboard as per the need of organizations and user. The best thing is it can be integrated with other security solutions like SIEM, SOAR. The best thing is support of Cortex, they provide the imidate reponse on High ticket and for medium they take 1-2 hr.

Cons:

We face some challenges while configuring it, but with a proper security team we can achieve it. Its hard for the non technical guy or fresher to use it but with a proper training they can achieve it. Sometimes we face issues like false positive alerts, which can be decrease by proper investigation of incidents by security teams. It has limited integrations with third party tools. Sometimes it block the external devices even adding in excepptional but it can be solved by support team.

Reasons for choosing Cortex XDR

Cortex Xdr support is best than trend micro and other tool. It comes with integration of SIEM and SOAR tool. Its threat intelligence help to identify threat faster than other,

Davesh M.

Verified reviewer

Computer Software

501-1000 employees

Used daily for less than 6 months

Review source

Reviewed April 2019

Difficult to get setup

Ratings Breakdown

Ease of use

Functionality

Pros:

Quick intrusion/threat detection, silent background running

Cons:

Extremely difficult to roll out to company, was blocking company wide software such as 7-zip, was blocking Skype for Business messages, took forever to troubleshoot and properly roll out and install. In addition, the software does not have a great UI, it appears very serious and unnecessarily serious when detecting small threats

Shawn O.

Verified reviewer

Primary/ Secondary Education

501-1000 employees

Used daily for more than 2 years

Review source

Reviewed October 2023

Cortext XDR - Great Endpoint Protection and so much more.

Ratings Breakdown

Ease of use

Value for money

Customer support

Functionality

Pros:

Cortex made our network more secure. When we swapped from our previous anti-virus platform to Cortex XDR we started seeing things that had slipped past our old AV platform and was causing issues in our network. Cortex made it easy to locate and clean these machines and if needed it made it easy to isolate them until they were cleaned and approved to be put back on our network.

Cons:

The biggest con for our team, being part of a public school system, is the cost. The cost of this platform compared to traditional anti-virus/endpoint protection platforms such as Avast, Symantec, etc. is very significant and we had to get a trial of this setup and running as a proof of concept to justify the cost difference to our board and county commission in order to get the money to purchase this product but it has definatley been worth it.

Reasons for choosing Cortex XDR

Multiple reasons to be honest and different reasons for each of the competitors. For some of the competitors they got ruled out because of a lack of features or analytics that we wanted to see. Others was ruled out because they did not offer a large enough of an educational discount to get the price down within the budget that we had to work with.

Reasons for switching to Cortex XDR

Cortex XDR was more secure and provided more valuable information and analytics than our previous product.

Jerome J.

Verified reviewer

Health, Wellness and Fitness

201-500 employees

Used daily for less than 2 years

Review source

Reviewed October 2021

Cortex XDR Review

Cortex is a solid product. We haven't had any major complaints from the user community. We haven't had to unblock any major products that were perceived as spam at this point. Many other products tended to block updates to products due to the executable file not being recognized by their database. We haven' had that issue with Cortex.

Ratings Breakdown

Ease of use

Functionality

Pros:

Our team is responsible for the deployment of Cortex into our Mac and PC environment. The agent was very easy to distribute utilizing our Deployment Software tool. The dashboards provide an excellent view into what is active and reporting back to the tool. We haven't had any major whitelist issues between the tool and endpoints.

Cons:

I would like to see the scan on demand option as an easy one-click process for end users so they can be pro-active.

Reasons for choosing Cortex XDR

Cortex is a lighter client than the alternatives. The agents are less chatty between the endpoints and the server. And the overall cost was significantly better.

Reasons for switching to Cortex XDR

Cortex is a lighter client and is less chatty between endpoints and the server.

Shitij S.

Verified reviewer

Information Services

10000+ employees

Used monthly for less than 2 years

Review source

Reviewed June 2021

Excellent product with great flexibility in terms of outcomes

I evaluated this technology and compared it to other SOAR and NDR platforms in the space. We did choose Cortex XDR due to the use case coverage and close knit relationships with Palo's executive teams. Overall, very happy with the acquisition of this product line in our IT environment and the security program has benefited directly because of the day-to-day use of this product across a wide variety of business and technical use cases in our environment.

Ratings Breakdown

Ease of use

Value for money

Customer support

Functionality

Pros:

The ability to create custom playbooks and integrate APIs from disparate vendors was the highlight of our use of this product.

Cons:

Customer support can be patchy. Also, depending on the use case being implemented, documentation and systems engineering support from Palo can vary. We were able to work through these issues being an Enterprise user for PANW, however, small to mid size companies may find the time to value to drag a fair bit.

Reasons for choosing Cortex XDR

Ease of use, existing use of their product lines in our environment, and degree of coverage in terms of our key use cases.

Reasons for switching to Cortex XDR

We were not happy with the use case coverage and were spending a lot of money on a wide set of security vendors. Our portfolio teams undertook an applications rationalization effort, which is what prompted our evaluation and move to Cortex.

Karl M.

Verified reviewer

Banking

201-500 employees

Used daily for less than 12 months

Review source

Reviewed January 2025

Rock solid EDR product with high accuracy

The product is rock solid and gets latest threat intel feed from around the world so that it stays current against 0-day threats amongst other new intrusion techniques.

Ratings Breakdown

Ease of use

Value for money

Customer support

Functionality

Pros:

We were thoroughly impressed by the speed of detection and accuracy of detection from their EDR component.

Cons:

As of right now, there isn't any. Perhaps the UI can be more modernized.

Verified

Reviewer

Fund-Raising

501-1000 employees

Used weekly for less than 2 years

Review source

Reviewed September 2019

Good Endpoint Security Solution

Traps is good software to have. It did stop some malicious software that was downloaded.

Ratings Breakdown

Ease of use

Value for money

Customer support

Functionality

Pros:

This product doesn't do the old-fashioned signature based detection, but works by observing attack technique and behaviors. One of our workers had an Excel document which tried to reference some command line software to manipulate data. Of course this is very much how a virus could work, so Traps blocked it. Although this was a false positive, the solution using that Excel was not approved so Traps did a good thing. Management through the admin portal is visually pleasing and intuitive for most if the options.

Cons:

We moved from on-prem installation to Cloud version of Traps. In the beginning the training options for the cloud version were almost non-existent. Even now, our training option was cancelled because of no other applicants for it. There is a free on-demand version of the training which I now will settle for. Managing the "Agent Installations" is not really intuitive.

Reasons for choosing Cortex XDR

Part of a big package of Palo Alto offerings, so price was interesting but also tests we did were good.

Verified

Reviewer

Computer & Network Security

501-1000 employees

Used other for less than 12 months

Review source

Reviewed December 2018

Its a trap