Palo Alto Networks Cortex XDR (Formerly Traps)
Overview
What is Palo Alto Networks Cortex XDR?
Traps replaces traditional antivirus with multi-method prevention, a proprietary combination of malware and exploit prevention methods that protect users and endpoints from known and unknown threats.
TrustRadius Insights
Traps/Cortex XDR Review
Palo Alto Networks Cortex XDR--best fit as an endpoint protection suite
Palo Alto Cortex XDR is market leader
Excellent Threat Hunting Capabilities And Endpoint Security Products For Next Gen
Endpoint Response Where It Matters
Review of Palo Alto Networks Traps
Traps is advanced malware protection without the hassle.
Traps will trap malware
Palo Alto Network Traps make endpoint security simple
Trap that malware!
Traps is best
Traps for Enterprise is now reality
Reviewer Pros & Cons
Pricing
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Alternatives Pricing
What is CrowdStrike Falcon?
CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no…
What is Kaspersky EDR Optimum?
Kaspersky Endpoint Detection and Response (EDR) Optimum helps identify, analyze and neutralize evasive threats by providing easy-to-use advanced detection, simplified investigation and automated response. It is a basic EDR tool for mid-market organizations who are just starting to build their…
Product Details
Palo Alto Networks Cortex XDR Technical Details
Operating Systems | Unspecified |
---|---|
Mobile Application | No |
Reviews and Ratings
(53)
Community Insights
- Business Problems Solved
Palo Alto Networks Traps is a highly regarded cybersecurity software that offers robust protection against malware, zero-day exploits, and advanced persistent threats. Its seamless integration with the Palo Alto Suite has made it a popular choice among users. The software can be easily installed and used on various devices, including laptops and virtual desktops. Users have praised Traps for its ability to detect grayware, serious malware, and exploit attempts that may be missed by other antivirus solutions like Windows Defender. One of the standout features of Traps is its ability to prevent the execution of malware without requiring a file to be downloaded, providing enhanced protection for users. This next-gen capability, coupled with its ease of use and strong protection, has prompted many customers to replace their existing antivirus solutions with Palo Alto Networks Traps.
Traps has proven itself invaluable in identifying and quarantining threats, as well as isolating future malware and preventing its spread across the network. By integrating Wildfire and host AV, Traps adds additional layers of security to hosts and aids in detecting unknown and zero-day malware. The inclusion of Traps functionality in Palo Alto Networks Cortex XDR further enhances security controls and provides deep visibility into suspicious activities and behaviors exhibited by users. Cortex XDR serves as an Endpoint Response tool that enables organizations to quickly identify and respond to events and incidents across multiple devices.
Users have reported that Palo Alto Networks Traps offers advanced anti-malware detection and prevention with a low false-positive rate, minimizing user annoyance while effectively mitigating the risk of malware attacks, zero-day attacks, and APTs. Its organization-wide deployment ensures comprehensive protection for servers, desktops, and roaming users. With Traps seamlessly integrated into the Palo Alto Suite, manual whitelisting and server updates are no longer necessary. Overall, Palo Alto Networks Traps is widely recognized for its ease of installation, seamless integration capabilities, next-gen features, and robust protection against advanced threats.
Attribute Ratings
Reviews
(1-13 of 13)
- Endpoint Protection
- Detect and Response
- Antivirus
- Interface can be confusing
- An "Admin Bypass" feature to proceed with a false detection would be nice
- Better out-of-the-box reporting
Traps/Cortex XDR Review
- It does nothing well
- Traps/Cortex XDR alerts on wide scale commercial apps that are clearly not malicious
- The Cortex XDR console interface is 5 steps worse than simply bad
- Frontline support reps are not fluent in spoken English although their written fluency is okay (at best)
- Malware prevention
- Exploit prevention
- EDR and XDR
- Ransomware protection
- Disk encryption (with BitLocker and FileVault)
- Device control features
- Analytics
- Investigation
- Incident management
- Forensics
- NTA--network traffic analysis
- UBA/UEBA--user entity behavior analysis
- Inventory management
- Web controls
- DLP features
Palo Alto Cortex XDR is market leader
- Antivirus Protection
- Ransomware Protection
- Digital Forensics
- Endpoint Protection
- Cloud Protection
- Device Control
- Drive Encryption
- Some zero-day exploits, malicious child processes, and maliciously hashed files have been successfully blocked by it.
- Analyzing and identifying unknown malicious software on workstations, servers, and mobile devices are made easier with the help of tracking file behavior.
- Panorama's integration helps us detect malicious files and traps more quickly and efficiently than other products we've tried, protecting us from zero-day attacks.
- Traps, like all advanced endpoint protection, need to grow in machine learning/baseline protection.
- Sometimes, exceptions were made because of legacy or custom software issues, and we encountered a bug in an older version of the agent.
- Traps are best for IT environments using COTS reports/dashboards. In environments where custom software and applications are used, Traps necessitate a great deal of tweaking.
Endpoint Response Where It Matters
- Direct Access to devices via Live Terminal which provides operations with scripting, triage, and preservation of artifacts.
- Behavioral Indicators of Compromise which provides alerts on events regarding groups of hosts and their signatures.
- Querying complex data sets involving a variety of devices for network connections, hashes, DNS, etc.
- The UI loads a large amount of data from each windows pane requiring users to scroll or modify queries for smaller list of results. The data being presented can be overwhelming and alerting does not always indicate IOCs.
- Performance on XDR tends to fluctuate when running queries and features available don't make the process of hunting any faster.
- Support for the product needs improvement; as the product is newer, more items are revealed that require attention or resolution.
Review of Palo Alto Networks Traps
- Enforce endpoint security
- Anti-malware protection
- Anti-virus protection
- Automation and orchestration of Palo Alto Networks Traps agents either via the Endpoint Security Manager or via any automation platforms like Ansible, Python, etc.
- Support of Palo Alto Networks Traps agents via REST APIs
Traps is advanced malware protection without the hassle.
- Malware detection without existing signatures
- Test detonation of unknown files in the cloud and locally
- Prevention of threats that traditional AV can't block
- Deployment of the agent via SCCM can have downstream consequences.
- The agent installer occasionally has issues, especially if it is being used for a manual upgrade.
- Kernel permissions issues on Mac may require user interaction (true for most AV).
Traps will trap malware
- Able to block malicious child-process run on the endpoint
- Able to block executed files whose hashes are malicious
- Able to block process that employs malicious behaviour
- Proven to be able to block zero-day exploits
- We encountered some glitch in a certain version of the agent. When we deployed newer version, the policy set on the previous version was white-listed/overwritten.
- Moving to encrypted based connection (communication between agent to server) is troublesome, coz we need to uninstall the agent first.
- Need to have a more flexible reports/dashboard where we can customize it
- We feed Traps log to our SIEM, however the information sent to the SIEM was not complete, but we need to investigate more probably some faults are on us
Palo Alto Network Traps make endpoint security simple
- Cloud-based.
- Simple to install.
- Email alerts when issues are found not just a daily summary report.
Trap that malware!
- Traps does a fantastic job at stopping malware before it executes
- Traps defends against 0 day attacks better than other products we have tried
- Traps isolates malware to that particular host better than any A/V we've tried
- Traps doesn't seem to function as a traditional A/V very well, so it's better as another layer to your endpoint protection
- Traps can cause issues with some legacy or custom programs, so exceptions may have to be made
- Traps falsely identifies things as malicious at times, this is not often though
Traps is best
- Tracking file behavior
- low impact monitoring
- easy to use console
- To be honest, at this time I don't have any suggestions for you guys. Sales team was great, tech team is great, product has been great. I like the interface.. so no complaints or suggestions yet!
Traps for Enterprise is now reality
- Great tool to help analyze and identify unknown malicious software on workstations, servers, and mobile devices.
- Integration with Panorama help to quickly and efficiently identify potential malicious files.
- Integration with Wildfire helps to quickly deploy signatures not only to endpoints but to firewalls as well.
- Every advanced endpoint protection, including Traps, needs to grow in the machine learning/baseline of a machine portion of their protection.
- Palo Alto needs to work more with vendors and their updates to help reduce exclusion lists.
- Traps is best for IT environments where COTS is used. Where homegrown software and applications are used, Traps requires a lot of customization.