Reviews and Testimonials
Find out what third-party testers, analysts and customers have to say.
Recently, we experienced an attempt to download Cobalt Strike on one of our IT SolarWinds servers. Cortex XDR instantly blocked the attempt with our Behavioral Threat Protection capability...it became clear that the incident we prevented was an attempted SolarStorm attack.
- Nikesh Arora, CEO
01
Extended Visibility Across Data Sources
To minimize the chances of a successful attack, you need a holistic approach to detection and response that consolidates all datas sources, eliminates blind spots and ensures full visibility for analytics and investigations.
Cortex XDR is the industry’s first extended detection and response platform that natively integrates endpoint, network and cloud data to stop sophisticated threats like the SolarWinds attack.
Best-in-Class Attack Prevention
The first line of defense against any attack is the ability to shield your endpoints with a multi-layered prevention approach that blocks known and unknown malware, fileless attacks and exploits.
Cortex XDR integrates threat prevention, detection and response in a single, cloud-native agent. Critical pieces of its prevention toolbox are AI-driven local analysis and behavior-based protection that examine independent behaviours in the endpoint to spot the stealthiest endpoint threats. When Palo Alto Networks experienced an attempt to download Cobalt Strike on one of our IT SolarWinds servers, Cortex XDR was able to block the attempt with our Behavioral Threat Protection capability.
03
Lightning-fast Investigations
Today’s siloed security tools generate endless alerts with limited context. To reduce response times, security tools must provide a complete picture of incidents with rich investigative details.
Cortex XDR simplifies investigations significantly by automatically grouping hundreds of alerts into incidents, revealing the root cause, timeline of events and threat intelligence details from any alert source.
88%
faster investigations
with Cortex XDR by revealing the root cause and rich context of network, endpoint and cloud alerts.
98%
alert reduction
due to intelligent alert grouping and deduplication using Cortex XDR.
04
Analytics and Machine Learning
To evade today’s adversaries, security teams need not one but multiple layers of analytics capabilities deployed across all data sets. This comprehensive approach will allow security teams to leverage the power of machine learning in a number of defense stages.
Cortex XDR provides
- AI-driven local analysis to block malware
- Behavioral analytics to detect intrusions and active attacks
- Global analytics to improve detection accuracy and coverage
Coordinated Response
When you uncover a threat, you must stop it quickly. To root out adversaries and prevent their return, you need integrated and flexible response options.
Cortex XDR lets your security team instantly eliminate network, endpoint, and cloud threats from one console.
A Flexible Suite of Endpoint
Protection Features
You need an easy way to identify and prioritize endpoint risks, reduce your attack surface, and stop data loss.
Vulnerability Assessment
more info
Host Firewall
more info
Disk Encryption
more info
Device Control
more info
Cortex XDR provides comprehensive endpoint protection. It can be deployed with GlobalProtect network security for endpoints for threat prevention, URL filtering, and VPN.
07
Independent Testing and Industry Validation
When choosing a detection and response solution, you should always review third-party testing, analyst validation and customer testimonials.
Cortex XDR, the industry’s first extended detection and response platform, has achieved exceptional test results and garnered praise from analysts and customers. With unsurpassed attack technique coverage in the MITRE ATT&CK evaluation, and a “Strategic Leader” rating from AV-Comparatives, customers can trust Cortex XDR.
Autonomous Security Operations
Manual processes slow down incident response and increase the cost of security operations. Modern security teams should strive to automate as much work as possible through easy, playbook driven automation and leave room to focus on the real challenges.
Cortex XDR tightly integrates with Cortex™ XSOAR for orchestration and automation, allowing you to collaborate effectively across teams, streamline investigations with playbook-driven analysis, and automate response.
Rapid Pace of Innovation
To outpace fast-moving adversaries, you should look for vendors that continuously strengthen or expand their products’ capabilities.
Palo Alto Networks is committed to delivering the world’s best detection and response platform both today and in the future. As a result, Cortex XDR operates on a continuous release cycle with new features being delivered to customers to enhance security efficacy and coverage. As a proof point of our commitment, we promptly updated Cortex XDR to stop the SolarWinds supply-chain attack at every stage and to block variants and imitators.
10
Unparalleled Value and Return on Investment
When selecting a key element of your security infrastructure, you want to make sure it will provide demonstrable value. Cortex XDR does just this by.
- Leveraging your existing security tools as sensors for detection and response.
- Eliminating on-premises log servers with cloud deployment.
- Simplifying operations with data stitching, alert grouping and root cause analysis.
XDR lowers total cost of ownership 44%, on average, compared to traditional siloed tools.
