---
title: Palo Alto Cortex XSIAM Reviews
meta_title: 'Palo Alto Cortex XSIAM Reviews 2026: Details, Pricing, & Features | G2'
meta_description: Filter 73 reviews by the users' company size, role or industry to
  find out how Palo Alto Cortex XSIAM works for a business like yours.
aggregate_rating:
  rating_value: 4.4
  review_count: 73
  scale: '5'
date_modified: '2026-07-04'
parent_category:
  name: System Security
  url: https://www.g2.com/categories/system-security
---

# Palo Alto Cortex XSIAM Reviews
**Vendor:** Palo Alto Networks  
**Category:** [Security Information and Event Management (SIEM) Software](https://www.g2.com/categories/security-information-and-event-management-siem)  
**Average Rating:** 4.4/5.0  
**Total Reviews:** 73
## About Palo Alto Cortex XSIAM
Product Description: Palo Alto Networks' Cortex XSIAM is an AI-driven security operations platform designed to transform traditional Security Operations Centers by integrating and automating key functions such as data centralization, threat detection, and incident response. By leveraging machine learning and automation, it enables organizations to detect and respond to threats more efficiently, reducing manual workloads and improving overall security posture.

Key Features and Functionality:

- Data Centralization: Aggregates data from various sources into a unified platform, providing comprehensive visibility across the enterprise.
- AI-Powered Threat Detection: Utilizes machine learning algorithms to identify anomalies and potential threats in real-time.
- Automated Incident Response: Streamlines response processes through automation, enabling rapid mitigation of security incidents.
- Integrated SOC Capabilities: Combines functions such as Extended Detection and Response, Security Orchestration, Automation, and Response, Attack Surface Management, and Security Information and Event Management into a cohesive platform, eliminating the need for multiple disparate tools.
- Scalability: Designed to handle large volumes of data and adapt to the evolving needs of modern enterprises.

Primary Value and Problem Solved: Cortex XSIAM addresses the challenges of disjointed data, weak threat defense, and heavy reliance on manual work in traditional SOCs. By centralizing data and automating security operations, it simplifies processes, enhances threat detection accuracy, and accelerates incident response times. This transformation enables organizations to proactively outpace threats, reduce operational costs, and achieve a more robust security posture.



## Palo Alto Cortex XSIAM Pros & Cons
**What users like:**

- Users find Palo Alto Cortex XSIAM to be **easy to understand and user-friendly**, enhancing their security product integration experience. (50 reviews)
- Users value the **effective threat detection** capabilities of Palo Alto Cortex XSIAM, identifying both known and unknown risks. (37 reviews)
- Users value the **easy integrations** with multiple systems, enhancing the functionality and efficiency of Palo Alto Cortex XSIAM. (28 reviews)
- Users value the **rapid incident response capabilities** of Palo Alto Cortex XSIAM, enhancing overall cybersecurity effectiveness. (27 reviews)
- Users appreciate the **intuitive dashboard and easy threat detection** features of Cortex XSIAM, enhancing overall security management. (27 reviews)
- Monitoring (26 reviews)
- Users appreciate the **easy integrations** of Palo Alto Cortex XSIAM, enhancing their overall security management experience. (25 reviews)
- Detection Efficiency (18 reviews)
- Users value the **intuitive user interface** of Palo Alto Cortex XSIAM, enhancing their overall understanding and usability. (18 reviews)
- Customer Support (14 reviews)

**What users dislike:**

- Users find the **cost of Palo Alto Cortex XSIAM to be prohibitively expensive**, affecting its overall value and accessibility. (28 reviews)
- Users find the **difficult learning** curve of Palo Alto Cortex XSIAM challenging, especially for non-technical users. (17 reviews)
- Users find the **complexity** of Palo Alto Cortex XSIAM overwhelming, requiring significant time and expertise to effectively manage. (14 reviews)
- Users face significant **integration issues** with Palo Alto Cortex XSIAM, affecting overall usability and performance negatively. (14 reviews)
- Users face **significant UX challenges** with Palo Alto Cortex XSIAM, citing a less intuitive interface and limited customization. (12 reviews)
- Learning Curve (10 reviews)
- High Resource Usage (9 reviews)
- Poor Customer Support (9 reviews)
- Users find the **resource-intensive nature** of Palo Alto Cortex XSIAM burdensome, impacting costs and performance efficiency. (9 reviews)
- Slow Performance (9 reviews)

## Palo Alto Cortex XSIAM Reviews
  ### 1. Palo Alto Cortex XSIAM Streamlines SOC Work with Smart Noise Reduction and Automation

**Rating:** 5.0/5.0 stars

**Reviewed by:** Rohan K. | Senior Azure devops engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** April 14, 2026

**What do you like best about Palo Alto Cortex XSIAM?**

I’ve been using Palo Alto Cortex XSIAM for a while now, and honestly it has made a big difference in how we handle security operations. The platform brings everything into one place, so I don’t have to jump between multiple tools anymore. What I like the most is how well it reduces alert noise and highlights only the important threats, which saves a lot of time. The automation is very helpful too—it speeds up investigation and response without much manual effort. Overall, it feels reliable, efficient, and makes daily SOC work much smoother.

**What do you dislike about Palo Alto Cortex XSIAM?**

While I’ve had a positive experience overall with Palo Alto Cortex XSIAM, there are a few areas that could be improved. The platform can feel a bit complex at first, especially during the initial setup and onboarding phase, which may require time and proper training to fully understand all its capabilities. Additionally, customization and fine-tuning certain workflows can sometimes be less intuitive than expected. In some cases, the resource usage and cost considerations can also be a concern for smaller teams. That said, once you get past the learning curve, it becomes much more manageable and effective in daily operations.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Using Palo Alto Cortex XSIAM has really helped solve the challenge of handling too many alerts and disconnected security tools in our environment. Earlier, it was difficult to correlate data and prioritize real threats, which slowed down our response time. With XSIAM, everything is centralized and powered by AI, so it automatically filters noise and highlights the most critical issues. This has significantly improved our efficiency, reduced manual effort, and allowed us to respond to incidents much faster. Overall, it has made our security operations more streamlined, proactive, and much easier to manage.

  ### 2. Data Automation, and AI Analytics for Faster Incident Response

**Rating:** 4.5/5.0 stars

**Reviewed by:** Ahmad O. | Security Design and Estimation Engineer, Mid-Market (51-1000 emp.)

**Reviewed Date:** April 23, 2026

**What do you like best about Palo Alto Cortex XSIAM?**

What stands out most about Palo Alto Cortex XSIAM is its ability to unify data, automation, and AI-driven analytics into a single platform. It significantly reduces manual effort by automating threat detection and response, while providing deep visibility across the entire security environment. This leads to faster incident resolution and stronger overall security posture.

**What do you dislike about Palo Alto Cortex XSIAM?**

Complexity, especially during initial deployment and tuning. It often requires skilled resources to configure properly, and the learning curve can be steep for new users. Additionally, the cost can be high compared to other solutions, which may not be ideal for smaller organizations.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

It solves problems like too many security alerts, disconnected tools, and slow incident response.

  ### 3. Great unified console, but too expensive compared to alternatives

**Rating:** 2.5/5.0 stars

**Reviewed by:** sagar p. | AVP, Enterprise (> 1000 emp.)

**Reviewed Date:** February 23, 2026

**What do you like best about Palo Alto Cortex XSIAM?**

One single console for all the solution for endpoints, network and cloud data.
Count of false positive is reduced with help of system learning
Integration is very easy with other tools

**What do you dislike about Palo Alto Cortex XSIAM?**

Very expensive as compared to other solution
Console is very complex and takes time to understand
There are too many various options due to which complexity is increased
Support is a major concern

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Protection agents real time threats which is much more beneficial than other vendors

  ### 4. A strong security platform for Advanced Automation

**Rating:** 4.5/5.0 stars

**Reviewed by:** Rakshitha T. | Technical engineer, Mid-Market (51-1000 emp.)

**Reviewed Date:** March 12, 2026

**What do you like best about Palo Alto Cortex XSIAM?**

What I like is how it combines multiple security tools into one platform and automates threat detection and response which saves a lot of time for security teams.

**What do you dislike about Palo Alto Cortex XSIAM?**

The main downside is its high cost and complexity.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

It solves the problem of siloed security tools and large volumes of alerts.

  ### 5. IBM Qradar review

**Rating:** 5.0/5.0 stars

**Reviewed by:** Sameer K. | Vice President Cyber Security & Infrastructure Risk, Enterprise (> 1000 emp.)

**Reviewed Date:** September 14, 2024

**What do you like best about Palo Alto Cortex XSIAM?**

It helps with deep packet inspection to identify threats as well as correlate the data for analysis and threat hunting.

**What do you dislike about Palo Alto Cortex XSIAM?**

Cannot handle large data sets, requires an ELK for data injections, memory intensive which increases the chances of instability, the latest version doesn't have a GPT kind of function which helps an administrator run a simple query to get output, as not everyone can learn the query language

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Qradar helps provide a good SIEM function which strengthens our society team in deep packet analysis to identify threats and helps mitigate via incident response.

  ### 6. Grandpa QRadar

**Rating:** 3.0/5.0 stars

**Reviewed by:** Flore v. | Mid-Market (51-1000 emp.)

**Reviewed Date:** April 11, 2024

**What do you like best about Palo Alto Cortex XSIAM?**

I like building use cases in QRadar. The logic is easy to understand, parsing has several options and a lot is possible to make custom use cases.

**What do you dislike about Palo Alto Cortex XSIAM?**

It's so slow (hence Grandpa QRadar). If you ask it to move too fast it will fall down. Adjusting use cases, especially multiple in a row, is so slow that I can read a book in the meantime. It makes me work slower.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Integrating a multitude of log sources from several customers and making custom use cases on that. It's nice that QRadar integrates different log sources and I can parse custom fields and make reference sets to improve/make use cases.

  ### 7. Qradar: Best SIEM tool for Monitoring Endpoints & Cloud

**Rating:** 5.0/5.0 stars

**Reviewed by:** Rohan G. | Mid-Market (51-1000 emp.)

**Reviewed Date:** July 06, 2023

**What do you like best about Palo Alto Cortex XSIAM?**

Basically Qradar is a SIEM Tool which is made by IBM, by using Qradar we can monitor our endpoints as well as cloud.

Alerts from Endpoints will come under Events and activity related to networking will come under Flows.

If it finds any suspicious activity then it will create an Offense.

So if I want to investigate any incident, for that you can go to the offense; it contains rich information.

So you can also integrate Qradar with Qradar SIEM for Automation purpose.

**What do you dislike about Palo Alto Cortex XSIAM?**

So if you are new to Qradar SIEM, first you need to understand the general architecture of Qradar then all features of Qradar.

Although it gives us variety of features Qradar is more costly than any other tool.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

So if your organisation needs a SIEM that helps us monitor endpoints, network analysis and Cloud Monitoring, then one can use the Qradar SIEM tool; using this tool we can monitor our whole infrastructure.

  ### 8. A practical experience

**Rating:** 5.0/5.0 stars

**Reviewed by:** Renata C. | Mid-Market (51-1000 emp.)

**Reviewed Date:** November 30, 2023

**What do you like best about Palo Alto Cortex XSIAM?**

I like the reliability of the tool and although a SIEM is not a simple tool to handle, IBM Qradar is quite intuitive.

**What do you dislike about Palo Alto Cortex XSIAM?**

The tool could be more customizable (offense screen, for example) and the reports could have a more user-friendly appearance.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Attend to multiple clients and bring vision to the events

  ### 9. QRadar Needs Improvement

**Rating:** 3.0/5.0 stars

**Reviewed by:** Verified User in Financial Services | Mid-Market (51-1000 emp.)

**Reviewed Date:** August 18, 2023

**What do you like best about Palo Alto Cortex XSIAM?**

Central log management is very effective, but the assimilation of the data and ability to make the data actionable is somewhat lacking as alerting and actual monitoring does not have all of the features and customizations required to be an actual SIEM.

**What do you dislike about Palo Alto Cortex XSIAM?**

Central log management is very effective, but the assimilation of the data and ability to make the data actionable is somewhat lacking as alerting and actual monitoring does not have all of the features and customizations required to be an actual SIEM.  Better alerting and monitoring with the ability to customize reporting and alerting specifically tailored to an organization is not implicitly available with QRadar.  The user interface is somewhat clunky and needs to have better enhancements to compete with other SIEM solutions.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Centralized log management for monitoring and alerting. While QRadar when it was independent prior to the acquisition by IBM was ahead of its competitors, it seems that the enhancements and features that were supposed to be implemented and developed got lost in the acquisition.  Rather than logs displaced in multiple data stores, QRadar does a great job of centrally maintaining all of the logs.

  ### 10. Good Cybersecurity Tool

**Rating:** 4.5/5.0 stars

**Reviewed by:** Rahul P. | Consultant, Enterprise (> 1000 emp.)

**Reviewed Date:** August 17, 2023

**What do you like best about Palo Alto Cortex XSIAM?**

Once configured with appropriate rules and configuration as per our requirement, QRadar is one of the best tools, which will give each and every important information/incident/report from your whole environment.

**What do you dislike about Palo Alto Cortex XSIAM?**

I don't find much problem in QRadar, it's one of the popular tools in SIEM technology. But if you have not configured it properly then it would give many false positives which will make your life difficult.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

QRadar gives appropriate alerts and reports to monitor the complete environment, which will make a Cybersecurity person's life easy. You will get a full view of information moving across complete networks of all the applications along with the actions who/why/whom etc.

  ### 11. Good SIEM Solution with Great features and it keeps on updating.

**Rating:** 4.0/5.0 stars

**Reviewed by:** Verified User in Financial Services | Enterprise (> 1000 emp.)

**Reviewed Date:** May 13, 2023

**What do you like best about Palo Alto Cortex XSIAM?**

QRadar is one of the best SIEM solutions I have ever worked with. First of all, the deployment of the solution is quite easy compared with other SIEM solutions. Integration of Flows in addition to the events makes it unique from other SIEM solutions. Integration of log sources with QRadar is really easy and the current versions have the DSM editor feature, which makes it easy for us to write custom parsers. Processing capabilities in QRadar are really strong; CRE works without any issues. We can also integrate several third party apps, which is also an additional advantage. The conventional dashboards are not attractive; however, the new Pulse Dashboard gives great visibility. Also, the conventional user interface is not really attractive, but there is an app called analyst workflow, and with that it is also sorted. One important drawback of this product is the vendor support: some technicians don't actually check the issue in detail and simply ask us to upgrade the product, and response time is also not that good.

**What do you dislike about Palo Alto Cortex XSIAM?**

Vendor support is bad. Often for issues, they ask us to upgrade the device without checking for actual solutions.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Threat Detection and Monitoring: QRadar SIEM collects and analyzes vast amounts of security event data from various sources, such as network devices, servers, applications, and endpoints. It uses advanced analytics and correlation techniques to identify security incidents and potential threats in real-time. By detecting and alerting on malicious activities promptly, it enables organizations to respond swiftly and prevent potential damage.

  ### 12. A powerful siem solution

**Rating:** 5.0/5.0 stars

**Reviewed by:** Gemini D. | Mid-Market (51-1000 emp.)

**Reviewed Date:** August 01, 2023

**What do you like best about Palo Alto Cortex XSIAM?**

IBM security qradar siem has great features like log ingestion.
Advanced threat detection capabilities.
Analytics monitor threat Intel, network and user behavior anomalies to prioritize where immediate attention and remediation is needed.

**What do you dislike about Palo Alto Cortex XSIAM?**

It could be a problem with my side but the platform becomes slow to respond when working on huge amounts of data.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

IBM security qradar siem provides real time visibility into our IT infrastructure which helps in threat detection and prioritization.

  ### 13. IBM Security QRadar SIEM:  Good Dashboard and presets

**Rating:** 3.5/5.0 stars

**Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.)

**Reviewed Date:** November 30, 2023

**What do you like best about Palo Alto Cortex XSIAM?**

The Dashboard and presets were the best prebuilt factor of this software. We did a lot of threat hunting and using the NDR.

**What do you dislike about Palo Alto Cortex XSIAM?**

Need Cloud which is coming soon. Needs a SaaS product feature instead of just classic.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Visibility into Network traffic and logging.

  ### 14. Excellent tool and user friendly

**Rating:** 4.5/5.0 stars

**Reviewed by:** PRASHANT KUMAR P. | Senior cybersecurity analyst, Enterprise (> 1000 emp.)

**Reviewed Date:** May 17, 2023

**What do you like best about Palo Alto Cortex XSIAM?**

Log ingestion and querying is the best feature in qradar. It has the best user interface and anyone can make the query easily. Best tool to keep your environment secure.

**What do you dislike about Palo Alto Cortex XSIAM?**

Sometimes it is slow, when you ingest a large amount of data or run a query for a longer time. They can increase the memory. Support can be improved; otherwise a best SIEM tool available in the market.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

It's helping to keep our environment secure. Analyst can do their analysis in details and can mitigate the issue based on the logs. IR and threat can be done on qradar.

  ### 15. QRadar Review

**Rating:** 4.0/5.0 stars

**Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.)

**Reviewed Date:** May 22, 2023

**What do you like best about Palo Alto Cortex XSIAM?**

The Rules building system now using QRadar Case Manager app is very useful!

**What do you dislike about Palo Alto Cortex XSIAM?**

The old GUI view and the heavy code that need heavy hardware.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

The data segregation for MSSP like rules, searches etc...

  ### 16. Qradar Siem is user friendly gui, and avail with multiple application.

**Rating:** 5.0/5.0 stars

**Reviewed by:** Gautam K. | Cyber Security Engineer (Soc Admin), Enterprise (> 1000 emp.)

**Reviewed Date:** April 03, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

The application and monitoring tools, also ucm is best for tool creation. Pulse and use case manager is the best feature which ever I like in qradar, dashboard is the tab which we can see all important things over here.

**What do you dislike about Palo Alto Cortex XSIAM?**

In qradar the building block, use case manager and Rule creation is quite difficult for understanding, currently I am facing an issue with the threat Intelligence app, in that the download tab is not working properly.

**Recommendations to others considering Palo Alto Cortex XSIAM:**

Pls share error documentation, because I have faced an issue while installation, it hits a bug. Also I have worked with the Threat feed document, it's causing an error.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Threat Intelligence application download tab is not working, so I have continues working with IBM support team, apphost is another application we are facing an issue with.

  ### 17. Best security IBM service provider

**Rating:** 5.0/5.0 stars

**Reviewed by:** Faheem Ul Hasan A. | Security Professional, Enterprise (> 1000 emp.)

**Reviewed Date:** July 02, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

Best security alert and safeguarding without a physical security guard. That is most important in the digital world of 25th-century security. Safe and secure IT security.

**What do you dislike about Palo Alto Cortex XSIAM?**

Sometimes the password is missing, or if you enter the password, it clicks another button on the reader. There must be a button with a light and slightly larger to touch and read easily.

**Recommendations to others considering Palo Alto Cortex XSIAM:**

Best IT secure reader system

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Change or provide an online solution immediately. Work very fast and secure. IBM Qsecurity reader is best for doors and sensitive places to cover. Easy to install and good to use.

  ### 18. IBM QRadar

**Rating:** 4.0/5.0 stars

**Reviewed by:** Mohit V. | Senior Information Technology Security Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** August 08, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

It's a good SOC tool, and comes with a lot of handy features and functionalities.
Captures data from multiple resources over the network and auto generates red flags.
I feel it's comparatively better than other tools like splunk and provides better working flexibility.

**What do you dislike about Palo Alto Cortex XSIAM?**

I feel lots of functionality in a tool makes it difficult to manage on the UI and a lot of unrequired features can be provided as an addon which could be installed whenever required.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Centralised tool to collect all infrastructure details, network details and security vulnerabilities as well and helps managing large chunks of data in an organised manner and which can be used in multiple ways.

  ### 19. One of the best SIEM tools we at Ebryx have ever used.

**Rating:** 5.0/5.0 stars

**Reviewed by:** Syed Muhammad Hussain M. | Cyber Security Engineer, Mid-Market (51-1000 emp.)

**Reviewed Date:** June 07, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

The ability to engineer custom Log Collectors as well as use HTTP Receivers to utilize integrations with other third-party tools like Cloudflare and the availability of tool specific certifications.

**What do you dislike about Palo Alto Cortex XSIAM?**

The overall graphical user interface of this Security Information and Event Management tool is not up to mark when compared with other tools. The pricing is also well above average.

**Recommendations to others considering Palo Alto Cortex XSIAM:**

Learn how to utilize Custom Data Connectors for third-party app integrations.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

The Security team at Ebryx has integrated IBM Security QRadar on all of our Financial Technology-based clients and so far we have not discovered any mishaps of any kind.

  ### 20. IBM Security QRadar

**Rating:** 5.0/5.0 stars

**Reviewed by:** Tristan Ray L. | Ethical Hacker, Small-Business (50 or fewer emp.)

**Reviewed Date:** March 26, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

The most helpful about IBM Security QRadar as it provides a non-technical overview of endpoint and user activity as well as monitoring in a graphical user interface.

**What do you dislike about Palo Alto Cortex XSIAM?**

There's nothing I dislike about the product as the security control provided by the product is what is currently essential on the threat landscape. As a security practitioner, detection and response as part of the layer of defense in depth is crucial for mitigating the risks that organizations are constantly facing daily as attacks have been more vivid about detection and response

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

IBM Security QRadar would solve the detection and response layer of defense an organization needs as it is the most critical security control an organization can have to be able to address the security policies that it requires. The benefits in regards to IBM Security Qradar is that it is a multipurpose security control combined into one platform that makes it easier to manage than having multiple GUIs that don't provide an analytical comparison between different sources of data or logs.

  ### 21. I love Qradar for its reliability

**Rating:** 4.5/5.0 stars

**Reviewed by:** Alex S. | Senior Infrastructure Engineer, Mid-Market (51-1000 emp.)

**Reviewed Date:** August 17, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

We feel safer every day. Qradar protects our IT infrastructure and in case of any threats it sends alerts with reports and the likely possible outcome plus ways to mitigate the risk

**What do you dislike about Palo Alto Cortex XSIAM?**

Qradar is a great and advanced solution that requires documentation for beginners to use to learn the software

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

What Qradar gives us everyday is complete protection from outside threats, protection from data leaks, and remote management of devices that are connected to the company

  ### 22. An extremely powerful tool that makes system administration simpler and easier

**Rating:** 5.0/5.0 stars

**Reviewed by:** Hà T. | Cyber Security Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** June 26, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

IBM Security Qradar helps administrators monitor system details, processes as well as the activities of agents in their system, making it easier for administrators to analyze logs. From there, administrators can detect attacks on the system early.

**What do you dislike about Palo Alto Cortex XSIAM?**

The initial installation cost and license fee are quite large, so it is not suitable for agencies and organizations with network systems.
small and medium scale with limited resources

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

SIEM helps to manage, collect and analyze logs easily and efficiently to help detect possible cyber attacks against the system early, reducing the damage and risks that the organization may face. right if attacked.

  ### 23. A Great SIEM Solution

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.)

**Reviewed Date:** May 31, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

QRadar offers a lot of different applications that enrich the alerts received from the rules defined. It allows integrations with threat intelligence sources such as X-Force.

**What do you dislike about Palo Alto Cortex XSIAM?**

I think that the deployment and maintenance of qradar is sometimes a bit demanding.
This translates to quite intensive support from integrators (even though we have a very good understanding in QRadar's system administration).

**Recommendations to others considering Palo Alto Cortex XSIAM:**

I really recommend the product. Just keep in mind that it is not SaaS and has infrastructure cost implications.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Allows log collection, parsing and eventually monitoring (based on rules we define).
There are also a lot of out-of-the-box rules and parsing mechanisms existing for many

  ### 24. IBM QRadar, Advanced Security

**Rating:** 4.5/5.0 stars

**Reviewed by:** Meherzad J. | SOC Analyst, Mid-Market (51-1000 emp.)

**Reviewed Date:** July 25, 2020

**What do you like best about Palo Alto Cortex XSIAM?**

Available Templates for rules and building blocks, categorisation of domain and tenants and DSM Editor. Auto integration of large no of devices. UBA, its AI models are phenomenal

**What do you dislike about Palo Alto Cortex XSIAM?**

GUI needs few user friendly moves like navigating back to original page and not the home page of offences, no support for huawei devices, overall complexity of the tool.

**Recommendations to others considering Palo Alto Cortex XSIAM:**

QRadar has been instrumental in our fight against cyber threats. It helps identify and mitigate the threats effectively in a short time.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Better insider view
Great ROI
Improved loopholes in security, overall resulting in increased uptime of services.
Identifying vulnerabilities

  ### 25. IBM Security QRadar one of the best SIEM Solution

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.)

**Reviewed Date:** July 22, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

What I like about IBM Security QRadar is that it can be managed in cloud that helps us detect any cyber security attacks and network breaches. Also, the detailed logging data that we collect using this.

**What do you dislike about Palo Alto Cortex XSIAM?**

What I really dislike about IBM Security QRadar is that, you need to invest on it and spend money to have this. Because, IBM Security QRadar is really an expensive one.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

The common issues and troubleshooting that we always encounter is the auto patching or auto update problem of the versions. We experienced update download errors, but the workaround is that we always check for au-cert, and that is benefiting us so much.

  ### 26. A Great SIEM Solution for your SOC

**Rating:** 4.5/5.0 stars

**Reviewed by:** Pradeep G. | Security Engineer II, Enterprise (> 1000 emp.)

**Reviewed Date:** May 04, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

Easy filtering of logs, Reporting, Alerting, User-friendly interface, Quick filtering and sorting, User and Entity Behavior Analytics.

**What do you dislike about Palo Alto Cortex XSIAM?**

The administration is not easy, there is documentation provided but, one can still face issues in the administration because of its complexity.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Incident Handling, Reporting, Log Collection, Alerting etc.
It is easy to handle incidents using this tool, one can easily fetch reports with filters, easy monitoring of logs from different devices.

  ### 27. Qradar user since 2015

**Rating:** 4.0/5.0 stars

**Reviewed by:** Khaled S. | IT Security Officer, Mid-Market (51-1000 emp.)

**Reviewed Date:** May 27, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

IBM X Force is by far the most valuable addition to the already complete SOC solution that Qradar is, AI to be added to the product is very exciting

**What do you dislike about Palo Alto Cortex XSIAM?**

Need probably better integration with third-party products and faster development of the product to meet evolving security threats.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Centralized view of the threat landscape and automated response makes my life as IT Security Officer much easier; the reporting function is also very useful.

  ### 28. IBM security QRadar

**Rating:** 5.0/5.0 stars

**Reviewed by:** Tabarak K. | Moderator, Small-Business (50 or fewer emp.)

**Reviewed Date:** June 24, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

It is really fast, so it detects threats faster than any other.

It's automated with AI.

**What do you dislike about Palo Alto Cortex XSIAM?**

I guess, according to me, it's not that user-friendly; if a new user in the field uses this project it will be a little challenging.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Anti money laundering
Audit management
Ethics and compliance learning
Policy management
Risk management

  ### 29. Admin

**Rating:** 4.0/5.0 stars

**Reviewed by:** Avi L. | Security Administrator, Mid-Market (51-1000 emp.)

**Reviewed Date:** April 10, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

Integration to a lot of applications.
Can be connected directly to the FW.

Very easy to search for any logs, easy filters.

**What do you dislike about Palo Alto Cortex XSIAM?**

The search is a little bit slow, but it can be upgraded to big data, and it can help.


A bit accepted in the creation of "playbooks"

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

One central place in which we consolidate all the logs of information security systems and also systems that are related to the user's activity, and the creation of rules over all the logs.

  ### 30. SOC Review

**Rating:** 4.0/5.0 stars

**Reviewed by:** Pankaj R. | Senior Security Analyst, Enterprise (> 1000 emp.)

**Reviewed Date:** July 01, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

LOG Correlation is up to the mark as use case.

**What do you dislike about Palo Alto Cortex XSIAM?**

Integration of devices and logs mechanism is difficult.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Yes

  ### 31. Best in class

**Rating:** 5.0/5.0 stars

**Reviewed by:** Manish K. | Technical Lead, Enterprise (> 1000 emp.)

**Reviewed Date:** July 01, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

Ease of use, Clean USER INTERFACE, Fast export, many reporting criteria.

**What do you dislike about Palo Alto Cortex XSIAM?**

Some queries take time to pull the intended result / report.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Day-to-day incident reporting and investigating huge logs made life easy with QRadar.

  ### 32. Best XDR in the market!!

**Rating:** 5.0/5.0 stars

**Reviewed by:** Emmanuel D. | IT Security Solution Support, Mid-Market (51-1000 emp.)

**Reviewed Date:** May 28, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

IBM Security QRadar has always been helpful to us in terms of monitoring any suspicious or malicious activity within our clients' premises.

**What do you dislike about Palo Alto Cortex XSIAM?**

So far I don't have anything to dislike about the product.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

It helps our SOC to monitor a huge number of events and lets them correlate it for better reporting

  ### 33. IBM security QRadar one of best enterprise wide solution for SIEM

**Rating:** 3.0/5.0 stars

**Reviewed by:** Verified User in Accounting | Small-Business (50 or fewer emp.)

**Reviewed Date:** August 08, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

Time to value: on-premises QRadar achieved full operational status in less than three months, and it collects more logs, maintains controls, and QRadar on cloud.

**What do you dislike about Palo Alto Cortex XSIAM?**

Product is very slow. Data processing is very slow.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Security innovation event management system is excellent.

  ### 34. Experienced many SIEM tools, but QRadar is quite simple and easy to use and to understand the GUI.

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Financial Services | Enterprise (> 1000 emp.)

**Reviewed Date:** May 14, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

It's convenient and easy to use, and anybody can easily use this tool within a couple of days.

**What do you dislike about Palo Alto Cortex XSIAM?**

Nothing such till now as per my use. Good to use.

**Recommendations to others considering Palo Alto Cortex XSIAM:**

Yes, please, if your organization requires the best SIEM tool to integrate your application server and other devices, and to monitor and get the most true positive alerts and protect your org.
QRadar is the best one.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

IOC alerts, day-to-day malicious attacks on our org's system servers and endpoints.

  ### 35. IBM QRadar review

**Rating:** 4.0/5.0 stars

**Reviewed by:** Verified User in Computer Software | Small-Business (50 or fewer emp.)

**Reviewed Date:** June 26, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

Best to stop the threats incoming or outgoing

**What do you dislike about Palo Alto Cortex XSIAM?**

Need to look up on the zero day vulnerability

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

The /var/log partition continues to operate when disk usage reaches 100%. However, log data might not be written to the disk, which might affect IBM QRadar startup processes and components.

  ### 36. Intelligent security analytics for actionable insight into the most critical threats.

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Computer Software | Small-Business (50 or fewer emp.)

**Reviewed Date:** July 17, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

Provides a most comprehensive view of IT infrastructure with Security Intelligence and a holistic approach to detect and respond to sophisticated threats.

**What do you dislike about Palo Alto Cortex XSIAM?**

Nothing was encountered that gave a bad experience.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Enables to unfold the unknown threats.

  ### 37. Excellent XDR

**Rating:** 3.5/5.0 stars

**Reviewed by:** Verified User in Management Consulting | Mid-Market (51-1000 emp.)

**Reviewed Date:** June 24, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

Most of the tools needed are in one platform, which simplifies the operations overall.

**What do you dislike about Palo Alto Cortex XSIAM?**

Our personnel must be familiar with networking to operate it

**Recommendations to others considering Palo Alto Cortex XSIAM:**

Should consider an on-premise architecture

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

They provide alerts to threats, which is helpful in our security posture.

  ### 38. IBM Qradar best for threat hunting

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Security and Investigations | Small-Business (50 or fewer emp.)

**Reviewed Date:** June 04, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

QRadar is a pack of security tools; it provides strong security to its vendor and stakeholders.

**What do you dislike about Palo Alto Cortex XSIAM?**

Cost + package + harder to implement in terms of inhouse team

**Recommendations to others considering Palo Alto Cortex XSIAM:**

For threat hunting + threat intelligence I prefer QRadar.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Threat hunting + threat intelligence + VAPT

  ### 39. It's an advanced siem tool for security operations

**Rating:** 4.5/5.0 stars

**Reviewed by:** Munigala R. | Cyber Security Specialist, Mid-Market (51-1000 emp.)

**Reviewed Date:** June 03, 2021

**What do you like best about Palo Alto Cortex XSIAM?**

More automated in creating rules reduces manual effort in it.

**What do you dislike about Palo Alto Cortex XSIAM?**

Maintenance errors which interrupt operations.

**Recommendations to others considering Palo Alto Cortex XSIAM:**

Good platform as a SIEM compared to Splunk and ArcSight with respect to performance.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Monitoring the log sources of the customer unit and analysing the traffic. Faster in response with respect to analysis.

  ### 40. IBM QRadar

**Rating:** 3.5/5.0 stars

**Reviewed by:** Arun K. | Cyber Security Manager, Enterprise (> 1000 emp.)

**Reviewed Date:** March 21, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

Look and feel, user friendly interface, easy to build queries and report

**What do you dislike about Palo Alto Cortex XSIAM?**

Limited functionalities while creating correlation rules, minimum support to export outside content

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Helping customers to monitor, optimize and correlate their traffic.

  ### 41. Highly recommended

**Rating:** 5.0/5.0 stars

**Reviewed by:** Aniket K. | Cyber Security Consultant, Enterprise (> 1000 emp.)

**Reviewed Date:** March 14, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

Threat hunting and analysing of threats and many more features

**What do you dislike about Palo Alto Cortex XSIAM?**

I do not dislike anything. It is perfect

**Recommendations to others considering Palo Alto Cortex XSIAM:**

Highly recommended

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Threat Hunting and threat analysis. Cloud security monitoring

  ### 42. True SIEM Solution in the market

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Financial Services | Small-Business (50 or fewer emp.)

**Reviewed Date:** March 15, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

Log correlation and use case creation are one of the best SIEM Tool in the industry.

**What do you dislike about Palo Alto Cortex XSIAM?**

Supporting person is very difficult to get in IBM

**Recommendations to others considering Palo Alto Cortex XSIAM:**

If the team has a malware analyst and SOC Analyst, we can create a SOC operation

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Log correlation and system events are stored in SIEM; upon creation of a use case, we are able to manage the offensive on threat hunting.

  ### 43. IBM Security QRadar Review

**Rating:** 5.0/5.0 stars

**Reviewed by:** Mohammad K. | Team Leader, Small-Business (50 or fewer emp.)

**Reviewed Date:** March 15, 2022

**What do you like best about Palo Alto Cortex XSIAM?**

Threat detection and response built to adapt

**What do you dislike about Palo Alto Cortex XSIAM?**

Integration Process was a little bit complicated

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Threat detection and response built to adapt

  ### 44. IBM Security QRadar is a decent solution for your security needs

**Rating:** 4.5/5.0 stars

**Reviewed by:** Bhavsheel K. | Research Specialist, Small-Business (50 or fewer emp.)

**Reviewed Date:** June 08, 2021

**What do you like best about Palo Alto Cortex XSIAM?**

IBM Security QRadar is among the leading solutions to automate your security practice and detect vulnerabilities for your digital assets. It's among the top platforms for Security Information and Event Management (SIEM). It helps me eliminate and reduce manual workload for my team by detecting threats and prioritizing them for further investigation.

**What do you dislike about Palo Alto Cortex XSIAM?**

IBM Security QRadar needs a better user experience for the team and additional resources for training team members will be great.

**Recommendations to others considering Palo Alto Cortex XSIAM:**

Need for functionalities and ability to use or see reports regarding security threats from smartphones. Also, the solution provides a lot of false positives that lead to overwork for my team. Integration with Watson AI helps reduce and score threats based on IBM Security QRadar existing algorithms.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

With IBM Security QRadar, my team has been able to detect threats, view insider threats, meet local and national regulatory compliance, and automate workflows. Further, I'm able to see which threats have been addressed and what else needs to be done. The cloud security capability helps my team to address issues related to our cloud platforms and applications.

  ### 45. IBM QRadar Enterprise v7.4.1

**Rating:** 5.0/5.0 stars

**Reviewed by:** Tapan J. | Information Security Analyst, Enterprise (> 1000 emp.)

**Reviewed Date:** September 13, 2019

**What do you like best about Palo Alto Cortex XSIAM?**

Integration with quite a lot of other tools, software, and portals. Integration with Xforce Threat Intelligence as well; we can integrate plugins from the App Exchange platform too.

**What do you dislike about Palo Alto Cortex XSIAM?**

Nothing up till now. QRadar has nothing to dislike as compared to other SIEMS. But consumes a lot of memory, which in a way is quite beneficial for very good hardware that requires to protect critical infrastructure. But more memory usage turns out to be laggy a few times.

**Recommendations to others considering Palo Alto Cortex XSIAM:**

IBM SIEM QRadar is definitely a good ROI on any organization's Security Posture but at the same time it is quite expensive as well as any Administrator needs to have a good level of understanding as well as experience regarding EPS and Logs integration in QRadar. IBM also provides Threat Intelligence via its XForce Threat Intelligence platform which can be subscribed to by purchasing its Premium and is Worth Resourceful even though it is Expensive with only a limited number of Queries in a month. The App Exchange provides Addons/Integrations for almost every popular Security Tool across the globe across every Security Infra and Network Infra domain such as EDR-XDR, IDS-IPS, Firewall, Cloud Security and Governance, Threat Intelligence, and likewise. Every Analyst, Admin, Engineer working on QRadar is inherently Technically Competent but sometimes lacks the proficiency of visualizing the Logs and other elements inside the Logs, and has to submit one's record of work done within a specific time-frame to the Management; where QRadar is a perfect choice of SIEM solution which leverages the Analysts' Technical Proficiency and transforms that into Statistical Charts-Graphs which helps the Management understand better regarding the ROI on the solution.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Helps me detect Threats and Intrusions in my network as well as Visualize the Technical expectations of the Management in a Statistical approach. QRadar is simply superb!

  ### 46. Easy to operate, less complex, good for log analysis and integration.

**Rating:** 4.5/5.0 stars

**Reviewed by:** Tejas S. | Cyber Security Analyst, Small-Business (50 or fewer emp.)

**Reviewed Date:** July 22, 2020

**What do you like best about Palo Alto Cortex XSIAM?**

The first noticeable thing is that the GUI of the tool is easy to operate. Dashboard configuration is good, where it is easy to monitor traffic in a single frame in visual format. Can add multiple different parameters for log searching. Ability to integrate with other solutions. Good Technical Support and Documentation. You can add multiple log sources easily. A large number of users in the market, so it is easy to find a solution to a query. Can integrate with different security devices for logs monitoring. User Analytics Behaviour feature is available. Useful in monitoring email trace logs after trace log source integration. Able to monitor large size organization due to the log source integration. Rule creation is easy to do and the Building Block feature is good.

**What do you dislike about Palo Alto Cortex XSIAM?**

A mobile app can be useful. Can add sound or pop-up notifications for the offense. Uses too many resources. Default QRadar rules generate more False Positive offenses, can work on it.

**Recommendations to others considering Palo Alto Cortex XSIAM:**

A good tool for all levels of users, starting from freshers to SME. Can use multiple features available in QRadar to secure your organization. Easy to operate and integrate.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

The primary job is to identify the security risks of the organization. QRadar is useful while threat hunting, log analysis, and reporting. Scheduled daily, weekly and monthly reports which are useful while identifying anomalies. Integration with HIDS logs helped in monitoring host-level logs and security. Monitoring email trace logs of the user, which helps to identify phishing campaigns against the organization.

  ### 47. Unwieldy and Mostly Effective SIEM

**Rating:** 3.0/5.0 stars

**Reviewed by:** Kevin H. | CISO, Enterprise (> 1000 emp.)

**Reviewed Date:** September 02, 2020

**What do you like best about Palo Alto Cortex XSIAM?**

The ability to quickly pull up, manipulate, drill down, and examine log data, even if it is months old.  Additionally, being able to look at both the normalized log data as well as the raw log output allows me to confirm exactly what the system is doing and brings a level of comfort to the entire process.  It was an invaluable tool in quickly showing other IT administrators exactly where problems existed or where there were potential connectivity issues.

**What do you dislike about Palo Alto Cortex XSIAM?**

There is a LOT of tuning that you need to perform in order for the product to be proactive.  There are numerous system rules, groups, and building blocks that will require not only tuning, but great documentation on YOUR part so that you and your team can properly understand the components of your systems that are being watched, analyzed, and alerted on.

**Recommendations to others considering Palo Alto Cortex XSIAM:**

Make sure that you really understand your infrastructure and are willing to deploy significant staffing resources at this product. For an organization with over 2000 employees and 45,000 endpoints, we had to dedicate pretty much a single person full-time in order to fully realize the usefulness of this product.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Centralized logging management is solved very nicely, with the system able to ingest data from most of our products.  For those that QRadar was not able to support, writing a parser manually was relatively painless and allowed us to integrate our homegrown applications very nicely with all the other normalized log sources.

  ### 48. QRadar is still a Leader in SIEM Technology

**Rating:** 5.0/5.0 stars

**Reviewed by:** Mohd D. | Engineer - GSOC, Enterprise (> 1000 emp.)

**Reviewed Date:** August 08, 2020

**What do you like best about Palo Alto Cortex XSIAM?**

Its scalability and advanced correlation capabilities to detect cyber threats. User Interface is pretty easy to use for user level analysts and for SIEM Administrators as well. I worked as an Analyst and you can easily drill down on an alert and investigate thoroughly with available logs and search for more related logs and create your investigation with searching related artifacts and create watchlists, alerts.
Easily integrates with most industry standard tools, which is the most important to get full-fledged benefits of a complete security posture.
Integrated QRadar with our automation tool and it worked very well with automation of incident response and Threat intelligence feeds.

**What do you dislike about Palo Alto Cortex XSIAM?**

A bit of a lack of automation capabilities for quick Incident Response.

**Recommendations to others considering Palo Alto Cortex XSIAM:**

Go for it, it's the market leader in SIEM technology, improving day by day with the latest features to comply with sophisticated methods of detecting cyber attacks. I would highly recommend QRadar for a Big size Organization; it can handle thousands of devices to be integrated with it and there are no challenges in scalability. Overall good product to invest in and get your organization secure with the market's best on the top technology.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Incident Response, Threat Hunting, Cyber security incident monitoring, Audit compliance

  ### 49. It is really beneficial for real time visibility to detect threat detection

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Banking | Small-Business (50 or fewer emp.)

**Reviewed Date:** June 03, 2021

**What do you like best about Palo Alto Cortex XSIAM?**

Priority of Alerts good for large network and find for particular subnet range

**What do you dislike about Palo Alto Cortex XSIAM?**

In the offence tab there should be a right-click filter for offence description.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

AQL advanced search queries are easy to understand. Graphical representation is pretty nice.

  ### 50. Qradar Security information and event management - SIEM

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Import and Export | Mid-Market (51-1000 emp.)

**Reviewed Date:** September 03, 2020

**What do you like best about Palo Alto Cortex XSIAM?**

The flexibility and ease of deployment
 Ability to quickly detect and prioritize potential threats. Mainly the ability to address internal dangers. Whether originating from a malicious or careless employee. This allows us to fix / Plug the hole / problem

**What do you dislike about Palo Alto Cortex XSIAM?**

Licence renewal Grace period. You do not get a view only access once license has expired.

**Recommendations to others considering Palo Alto Cortex XSIAM:**

It is very helpful when you can spend time to customise your reports and your dashboard. System Monitoring, Compliance Overview, Application overview, Network overview, Risk monitoring, System monitoring and Threat and security Monitoring as applicable.

**What problems is Palo Alto Cortex XSIAM solving and how is that benefiting you?**

Information and event management from multiple sources: Unix servers, routers and firewalls.


## Palo Alto Cortex XSIAM Discussions
  - [What does QRadar stand for?](https://www.g2.com/discussions/what-does-qradar-stand-for) - 1 comment, 1 upvote
  - [How can I study more on IBM Security QRadar?](https://www.g2.com/discussions/how-can-i-study-more-on-ibm-security-qradar) - 1 comment, 1 upvote
  - [How to build visualization with standard deviations?](https://www.g2.com/discussions/how-to-build-visualization-with-standard-deviations) - 1 comment, 1 upvote
  - [Can IBM Qradar be integrated with our own software? apart from software from major vendors](https://www.g2.com/discussions/32099-can-ibm-qradar-be-integrated-with-our-own-software-apart-from-software-from-major-vendors) - 1 comment, 1 upvote
  - [How do I monitor app resource usage on the app host](https://www.g2.com/discussions/16208-how-do-i-monitor-app-resource-usage-on-the-app-host) - 1 comment, 1 upvote

## Palo Alto Cortex XSIAM Integrations
  - [Azure Pipelines](https://www.g2.com/products/azure-pipelines/reviews)
  - [IBM Security QRadar NDR](https://www.g2.com/products/ibm-security-qradar-ndr/reviews)
  - [Microsoft 365](https://www.g2.com/products/microsoft365/reviews)

## Palo Alto Cortex XSIAM Features
**Automation**
- Metadata Management
- Artificial Intelligence & Machine Learning
- Response Automation
- Continuous Analysis

**Analysis**
- File Analysis
- Memory Analysis
- Registry Analysis
- Email Analysis
- Linux Analysis

**Risk Analysis**
- Risk Scoring
- Reporting
- Risk-Prioritization

**Activity Monitoring**
- Usage Monitoring
- Database Monitoring
- API Monitoring
- Activity Monitoring

**Detection & Response**
- Response Automation
- Threat Hunting
- Rule-Based Detection
- Real-Time Detection

**Agentic AI - User and Entity Behavior Analytics (UEBA)**
- Autonomous Task Execution
- Multi-step Planning
- Proactive Assistance
- Decision Making

**Services - Endpoint Detection & Response (EDR)**
- Managed Services

**Response**
- Resolution Automation
- Resolution Guidance
- System Isolation
- Threat Intelligence
- Incident Investigation

**Cloud Visibility**
- Data Discovery
- Cloud Registry
- Cloud Gap Analytics

**Network Management**
- Activity Monitoring
- Asset Management
- Log Management

**System Control**
- Device Control
- Web Control
- Application Control
- Asset Management
- System Isolation

**Functionality**
- Multi-Network Capability
- Anomaly Detection
- Network Visibility
- Scalability

**Functionality**
- Incident Alerts
- Anomaly Detection
- Continuous Analysis
- Decryption

**Analysis**
- Continuous Analysis
- Behavioral Analysis
- Data Context
- Activity Logging

**Automation**
- Workflow Mapping
- Workflow Automation
- Automated Remediation
- Log Monitoring

**Functionality**
- Centralized platform
- Automated response
- Breach notification law compliance
- Workflow
- Reporting

**Vulnerability Assessment**
- Vulnerability Scanning
- Vulnerability Intelligence
- Contextual Data
- Dashboards

**Security**
- Compliance Monitoring
- Risk Analysis
- Reporting

**Management**
- Extensibility
- Workflow Automation
- Unified Visibility

**Records**
- Incident Logs
- Incident Reports

**Security**
- Data Security
- Data Loss Prevention
- Security Auditing

**Incident Management**
- Event Management
- Automated Response
- Incident Reporting

**Vulnerability Prevention**
- Endpoint Intelligence
- Firewall
- Malware Detection

**Incident Management**
- Incident Logs
- Incident Alerts
- Incident Reporting

**Remediation**
- Incident Reports
- Remediation Suggestions
- Response Automation

**Detection**
- Anomaly Detection
- Incident Alerts
- Activity Monitoring

**Orchestration**
- Security Orchestration
- Data Collection
- Threat Intelligence
- Data Visualization

**Automation**
- Automated Remediation
- Workflow Automation
- Security Testing
- Test Automation

**Administration**
- Security Automation
- Security Integration
- Multicloud Visibility

**Analytics**
- Threat Intelligence
- Artificial Intelligence & Machine Learning
- Data Collection

**Management**
- Incident Alerts
- Incident Case Management
- Workflow Management

**Identity**
- SSO
- Governance
- User Analytics

**Security Intelligence**
- Threat Intelligence
- Vulnerability Assessment
- Advanced Analytics
- Data Examination

**Security Management**
- Incident Reports
- Security Validation
- Compliance 

**Response**
- Alerting
- Performance Baseline
- High Availability/Disaster Recovery

**Generative AI**
- AI Text Generation
- AI Text Summarization

**Agentic AI - Security Information and Event Management (SIEM)**
- Autonomous Task Execution
- Multi-step Planning
- Proactive Assistance
- Decision Making

**Agentic AI - Cloud Security Monitoring and Analytics**
- Autonomous Task Execution
- Proactive Assistance
- Decision Making

**Agentic AI - Extended Detection and Response (XDR) Platforms**
- Autonomous Task Execution
- Proactive Assistance
- Decision Making

**Generative AI**
- AI Text Generation
- AI Text Summarization

**Services - Extended Detection and Response (XDR)**
- Managed Services

## Top Palo Alto Cortex XSIAM Alternatives
  - [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) - 4.6/5.0 (412 reviews)
  - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) - 4.7/5.0 (817 reviews)
  - [Splunk Enterprise](https://www.g2.com/products/splunk-enterprise/reviews) - 4.3/5.0 (414 reviews)

