Cortex XDR Vs Symantec PDF
| | | Cortex XDR | SYMANTEC |
|---|---|---|---|
| Protection | Customers need protection from more than just known and unknown malware | Multi-method prevention: ML-based malware prevention; stops exploits, ransomware, scripts, fileless attacks, and malicious behaviors; coordinates defenses across the enterprise | Signature-dependent: Heavy reliance on static signatures that are resource-intensive and require constant updating |
| Detection | You can’t detect what you can’t see | Market-leading visibility: No. 1 coverage in MITRE ATT&CK™ evaluations; ensures accurate detection of sophisticated attacks with behavioral analytics | More alerts: Additional product requirements; threat intelligence and managed services; inconsistent across operating systems |
| Investigation & Threat Hunting | Security teams need productivity gains for all security operations | Speeds all investigations: Simplify triage with alert reduction across products; speed investigations with automated root cause analysis; see everything with fast and powerful queries | Needs experts: Reliant on multiple products with separate interfaces; requires trained personnel to use, along with managed services |
| Response | Fast response is crucial to risk mitigation | Stops threats quickly: Contain a threat immediately with isolation; kill and block actions even on Next-Gen Firewalls while the Live Terminal allows remote access to any endpoint | Quarantine-only: Additional EDR product or subscription required to perform anything more than just a quarantine or isolation |
| Network Traffic Analysis (NTA) & User and Entity Behavior Analytics (UEBA) | Customers need detection and response for unmanaged devices as well | XDR: Expand detection and response from the endpoint; stop attacks even when you can’t deploy an agent; leverage data from the network, users, unmanaged devices, and IoT | Unavailable |
© 2019 Palo Alto Networks, Inc. | Cortex XDR vs. Symantec | Confidential and Proprietary Information: For internal use and authorized partners under NDA with Palo Alto Networks only.