Palo Alto Cortex XSIAM

By Palo Alto Networks

4.3 out of 5 stars

Palo Alto Cortex XSIAM Pros and Cons: Top Advantages and Disadvantages

Quick AI Summary Based on G2 Reviews

Generated from real user reviews

Users appreciate the ease of use of Palo Alto Cortex XSIAM, facilitating effective system management and investigation. (49 mentions)
Users praise the advanced threat detection capabilities of Palo Alto Cortex XSIAM, enhancing security and real-time response. (38 mentions)
Users value the extensive integrations supported by Palo Alto Cortex XSIAM, enhancing compatibility with various software solutions. (28 mentions)
Users appreciate the advanced threat detection capabilities of Palo Alto Cortex XSIAM, ensuring robust protection against sophisticated attacks. (26 mentions)
Users value the advanced threat detection and centralized log management of Palo Alto Cortex XSIAM for efficient security management. (26 mentions)
Users appreciate the easy integrations of Palo Alto Cortex XSIAM, enhancing their overall security management experience. (24 mentions)
Users value the intuitive user interface of Palo Alto Cortex XSIAM, enhancing their overall understanding and usability. (17 mentions)
Users find the product expensive compared to other SIEM solutions, which may deter smaller companies from adopting it. (27 mentions)
Users find the difficult learning curve of Palo Alto Cortex XSIAM overwhelming without proper training and programming knowledge. (17 mentions)
Users are frustrated with the limited integrations available in Palo Alto Cortex XSIAM, affecting usability and support. (15 mentions)
Users find the complexity of Palo Alto Cortex XSIAM challenging, requiring substantial training to navigate effectively. (13 mentions)
Users find the dated interface and complexity of Palo Alto Cortex XSIAM challenging, requiring significant hardware and training. (12 mentions)

Top Pros or Advantages of Palo Alto Cortex XSIAM

1. Ease of Use
Users appreciate the ease of use of Palo Alto Cortex XSIAM, facilitating effective system management and investigation.

Flore v.

Mid-Market (51-1000 emp.)

3.0/5

"Grandpa QRadar"

What do you like about Palo Alto Cortex XSIAM?

I like building use cases in QRadar. The logic is easy to understand, parsing has several options and a lot is possible to make custom use cases.

Muhammad B.

Mid-Market (51-1000 emp.)

4.0/5

"IBM Security ReaQta (QRadar now) recommended TDR/EDR solution for all level of organizations."

What do you like about Palo Alto Cortex XSIAM?

Real-time monitoring and behavioral analysis are not new in any EDR solution. Still, QRadar is pretty user-friendly and makes it easier for soc to inv

2. Threat Detection
Users praise the advanced threat detection capabilities of Palo Alto Cortex XSIAM, enhancing security and real-time response.

Verified User

Small-Business (50 or fewer emp.)

4.5/5

"Is it really protecting our organization?"

What do you like about Palo Alto Cortex XSIAM?

In addition to its advanced threat detection capabilities, IBM Security QRadar SIEM offers a range of features that make it a popular choice among org

Vanitha S.

Enterprise (> 1000 emp.)

5.0/5

"A must have SIEM tool - IBM Qradar"

What do you like about Palo Alto Cortex XSIAM?

Qradar acts as a one stop solution to manage, correlate and investigate all the network, application events. The product makes it easy to remediate th

3. Integrations
Users value the extensive integrations supported by Palo Alto Cortex XSIAM, enhancing compatibility with various software solutions.

Skye D.

Small-Business (50 or fewer emp.)

4.0/5

"QRadar is complex, but extremely capable."

What do you like about Palo Alto Cortex XSIAM?

The most helpful and important parts of QRadar has to be the integrations it supports. Most major software solutions and log sources are easy to inte

Andrea S.

Mid-Market (51-1000 emp.)

4.0/5

"QRadar's Strengths: Impact of Intuitive Interface and Easy Integration"

What do you like about Palo Alto Cortex XSIAM?

One of Qradar's strengths is certainly the intuitive user interface, which can help less experienced users move more easily within SIEM pages. One oth

4. Cybersecurity
Users appreciate the advanced threat detection capabilities of Palo Alto Cortex XSIAM, ensuring robust protection against sophisticated attacks.

Omar A.

Small-Business (50 or fewer emp.)

4.5/5

"IBM Security ReaQta"

What do you like about Palo Alto Cortex XSIAM?

IBM Security ReaQta is an advanced threat detection and response platform designed to detect and respond to advanced persistent threats (APTs) and mal

Maybelle J.

Mid-Market (51-1000 emp.)

5.0/5

"IBM Qradar is an Efficient but costly Endpoint Protection system"

What do you like about Palo Alto Cortex XSIAM?

Qradar is a proactive threat-hunting and threat-response system that meets all the industry standards for a solution. It integrates well with other se

5. Features
Users value the advanced threat detection and centralized log management of Palo Alto Cortex XSIAM for efficient security management.

Verified User

Small-Business (50 or fewer emp.)

4.5/5

"Is it really protecting our organization?"

What do you like about Palo Alto Cortex XSIAM?

In addition to its advanced threat detection capabilities, IBM Security QRadar SIEM offers a range of features that make it a popular choice among org

Vanitha S.

Enterprise (> 1000 emp.)

5.0/5

"A must have SIEM tool - IBM Qradar"

What do you like about Palo Alto Cortex XSIAM?

Qradar acts as a one stop solution to manage, correlate and investigate all the network, application events. The product makes it easy to remediate th

6. Easy Integrations
Users appreciate the easy integrations of Palo Alto Cortex XSIAM, enhancing their overall security management experience.

Skye D.

Small-Business (50 or fewer emp.)

4.0/5

"QRadar is complex, but extremely capable."

What do you like about Palo Alto Cortex XSIAM?

The most helpful and important parts of QRadar has to be the integrations it supports. Most major software solutions and log sources are easy to inte

Eron M.

Mid-Market (51-1000 emp.)

3.5/5

"Has a lot of potential, but needs some improvements."

What do you like about Palo Alto Cortex XSIAM?

Alert analysis is nice, showing the process tree and information about each block. It's really easy to setup and integrate with QRadar SIEM and SOAR.

7. User Interface
Users value the intuitive user interface of Palo Alto Cortex XSIAM, enhancing their overall understanding and usability.

Prashant M.

Small-Business (50 or fewer emp.)

5.0/5

"Best SIEM"

What do you like about Palo Alto Cortex XSIAM?

IBM QRadar is very easy to use, we will easily manage our dashboard according to us. Easy to create rules and building blocks.

Abdul M.

Enterprise (> 1000 emp.)

4.5/5

"Very user friendly tool interface with Ease in Administration"

What do you like about Palo Alto Cortex XSIAM?

Seamless interface with Log sources. Out of the box support to many log sources. Good dashboard creation tools.

Top Cons or Disadvantages of Palo Alto Cortex XSIAM

1. Expensive
Users find the product expensive compared to other SIEM solutions, which may deter smaller companies from adopting it.

Rohan G.

Mid-Market (51-1000 emp.)

5.0/5

"Qradar: Best SIEM tool for Monitoring Endpoints & Cloud"

What do you dislike about Palo Alto Cortex XSIAM?

So if you are new to Qradar SIEM, first you need to understand the general architecture of Qradar then all features of Qradar. Although it gives us

Mudit K.

Enterprise (> 1000 emp.)

4.5/5

"Experience with IBM Security QRadar SIEM"

What do you dislike about Palo Alto Cortex XSIAM?

The tool's reporting and cost could be better for small or mid size companies

2. Difficult Learning
Users find the difficult learning curve of Palo Alto Cortex XSIAM overwhelming without proper training and programming knowledge.

Robert J. L.

Enterprise (> 1000 emp.)

5.0/5

"Deep dive into what's happening in your network!"

What do you dislike about Palo Alto Cortex XSIAM?

Can be overwhelming if you have no training. Really requires training or you will get lost.

Shanmugasundaram P.

Enterprise (> 1000 emp.)

5.0/5

"IBM Security QRadar EDR"

What do you dislike about Palo Alto Cortex XSIAM?

Not feasible to understand all the features in short duration.

3. Integration Issues
Users are frustrated with the limited integrations available in Palo Alto Cortex XSIAM, affecting usability and support.

Verified User

Enterprise (> 1000 emp.)

4.5/5

"IBM Resilient SOAR Review"

What do you dislike about Palo Alto Cortex XSIAM?

Right now it is getting replaced by CP4S. Hence very less integrations out of box.

Raja Gowtham R.

Enterprise (> 1000 emp.)

4.0/5

"Best for Log Management"

What do you dislike about Palo Alto Cortex XSIAM?

Cost of increasing an EPS is higher and there is a need of manual maintenance such as log clearance. Event drops because of the overflow is one of the

4. Complexity
Users find the complexity of Palo Alto Cortex XSIAM challenging, requiring substantial training to navigate effectively.

MAHESH D.

Small-Business (50 or fewer emp.)

4.5/5

"System/Security Engineer"

What do you dislike about Palo Alto Cortex XSIAM?

Its Complexity Customization difficulty Limited feature

Muhammad B.

Enterprise (> 1000 emp.)

4.5/5

"IBM SIEM (QRadar)"

What do you dislike about Palo Alto Cortex XSIAM?

Being professional I am not liking the User Behavior Analytics app in QRadar because it's very difficult to understand for a layman. Network flows mon

5. UX Improvement
Users find the dated interface and complexity of Palo Alto Cortex XSIAM challenging, requiring significant hardware and training.

Verified User

Small-Business (50 or fewer emp.)

4.0/5

"QRadar Review"

What do you dislike about Palo Alto Cortex XSIAM?

The old GUI view and the heavy code that needs heavy hardware.

Skye D.

Small-Business (50 or fewer emp.)

4.0/5

"QRadar is complex, but extremely capable."

What do you dislike about Palo Alto Cortex XSIAM?

The interface was very aged, but was being actively developed. QRadar has been around for longer than other SIEMs, and it shows in both good ways and

Palo Alto Cortex XSIAM Reviews (473)

G2 reviews are authentic and verified.
Verified User in Information Technology and Services
Enterprise (> 1000 emp.)
"It’s very good tool for monitoring the alerts"
What do you like best about Palo Alto Cortex XSIAM?

Dashboard is very good and offense writing is easy compared to other SIEM products and ease of use when checked with other products.

What do you dislike about Palo Alto Cortex XSIAM?

Nothing much but UI can be modified a little bit more.

SC
Cybersecurity Engineer
Mid-Market (51-1000 emp.)
"QRadar the best SIEM"
What do you like best about Palo Alto Cortex XSIAM?

The scalability of the platform allows seamless integration with different products, enabling efficient correlation of events from different log sources.

What do you dislike about Palo Alto Cortex XSIAM?

Initial implementation and customisation can be challenging and require significant time and expertise to adapt the system to the specific needs of the organisation.

AS
Cyber Security Engineer
Mid-Market (51-1000 emp.)
"QRadar's Strengths: Impact of Intuitive Interface and Easy Integration"
What do you like best about Palo Alto Cortex XSIAM?

One of Qradar's strengths is certainly the intuitive user interface, which can help less experienced users move more easily within SIEM pages. One other good thing is the scalability and easy integration with most of the products on the market, which is critical for correlating events from different log source types.

What do you dislike about Palo Alto Cortex XSIAM?

The main problem encountered in 5 years of product is the technical support received from IBM in case of major problems. Working in cyber security, I believe that response times are a fundamental point, in a world where even a few minutes can make the difference.

FC
Mid-Market (51-1000 emp.)
"Best SIEM tool I've worked with for complex environments"
What do you like best about Palo Alto Cortex XSIAM?

- AQL language has the same syntax as SQL, making it easy and fast to create fine grained searches;

- AQL also makes it easy to create Dashboards, really helpful to our clients;

- Rule creation is easy enough to understand and implement;

- Integration with IBM X-Force is fundamental to our operation;

- New UI's visual builder makes it super easy to search for events and flows;

- Easy to setup multiple domains for everyday use in multiple environments;

- IBM's employees provide great support;

What do you dislike about Palo Alto Cortex XSIAM?

- New UI (QRadar UI (v2.32.0)) has fewer features than the old one, we can't search for offenses as easily: we can't search for offenses that started in a specific date, only predefined timeranges (hour, 12h, 7d, 30d etc);

- Pulse only allows to edit a dashboard if you're the one who created it. All admins should be allowed to edit them;

- We can't create notes on an offense from the new UI, notes are really helpful;

- Report building is terrible, clumsy and slow, and not a lot of customization;

Siddharth Ranjan S.
Senior System Engineer
Enterprise (> 1000 emp.)
"QRadar- an ideal SIEM solution"
What do you like best about Palo Alto Cortex XSIAM?

The features like advanced threat detection, user friendly UI, scalability, AI powered automation etc. are good offerings from QRadar. And I like these features.

What do you dislike about Palo Alto Cortex XSIAM?

I found some difficulties in the initial setup, customization limitation, delayed response time when load is high. If the organization size is small, then cost to acquire QRadar license can be high which makes it inaccessible.

GI
Senior Security Consultant
Mid-Market (51-1000 emp.)
"Collect and parsing log"
What do you like best about Palo Alto Cortex XSIAM?

We use IBM Qradar to collect log for our customer, log have different server, computer, switch, firewall etc. and in this way we have one Siem that helps us to collect and extend data retention of customer log, create different use case and generate offense for malicious activity.

What do you dislike about Palo Alto Cortex XSIAM?

The cost of this solution is more expensive compared with competitor.

Yugandhar S.
Enterprise (> 1000 emp.)
"Qradar - A Complete SIEM Platform"
What do you like best about Palo Alto Cortex XSIAM?

Qradar is easy to handle tool. Qradar provides a good log or flow search experience. It is easy to handle the offenses as correlation works great and we are able to see any previous offense from the same attacker.

What do you dislike about Palo Alto Cortex XSIAM?

There is only one thing which I dislike about Qradar is its dashboard experience. Qradar has very old fashioned dashboard. They added pulse for better dashboards but they discontinued it.

VS
Enterprise (> 1000 emp.)
"A must have SIEM tool - IBM Qradar"
What do you like best about Palo Alto Cortex XSIAM?

Qradar acts as a one stop solution to manage, correlate and investigate all the network, application events. The product makes it easy to remediate threats while maintaining the bottom line. IBM Qradar offers a vast insights of all the activities happening across our network. The tool also enables to identify the abnormalities in the user behaviour analytics. The ease of implementation and integration with other platforms is a feather in one's cap for Qradar.

What do you dislike about Palo Alto Cortex XSIAM?

As an ardent customer of IBM Qradar for past five years, there is nothing to dislike about the product.

Sameer K.
Vice President Cyber Security & Infrastructure Risk
Enterprise (> 1000 emp.)
"IBM Qradar review"
What do you like best about Palo Alto Cortex XSIAM?

It helps into deep packet inspection to identify threat as well correlate the data for analysis and threat hunting.

What do you dislike about Palo Alto Cortex XSIAM?

Cannot handle large data sets requires and ELK for data injections, memory intensive which increases the chances of instability, the latest version doesn't have a gpt kind of functions which helps administrator run simple query to get output as not every one can learn the query language.

George G.
manager
Enterprise (> 1000 emp.)
"accurate tool"
What do you like best about Palo Alto Cortex XSIAM?

Accurate tech- seamless integration for analysts.

What do you dislike about Palo Alto Cortex XSIAM?

time consuming for initial set up but then it was easy to add on