


But the onboarding process is not the issue. In two days we were able to deploy it to our whole organization. The onboarding process with Defender is much easier. Microsoft has those capabilities as well, but you need a bit more training on the product to get the basic information that you can get out-of-the-box with Cortex.

It has good investigation capabilities, out-of-the-box, in case there is an event that you'd like to investigate. I have experience with both of them.Ĭortex has quite good management capabilities that give IT organizations quite a good picture of attempted cyber attacks. We gave Palo Alto Cortex XDR a try and we are now in the process of removing it and going to Microsoft Defender for Endpoint.
