We are looking to replace our current aging AV system (Trend Micro) next year as we are up for renewal. We're a relatively small shop. ~475 employees.
We are looking at jumping on the Palo Alto Cortex XDR bandwagon (We currently utilize their firewalls as well) and we are curious if anyone here actually uses this system and has any feedback. We don't have anyone locally that uses it yet so we aren't able to get any real world feedback.
We are also looking to utilize on of Palo's partners Critical Start for their Managed Detection, Response, and Containment services as well. Does anyone have any experience with Critical Start as well?
We're mainly looking to increase security posture on our workstations. We just completed our Windows 7 to Windows 10 migration and removed local admin rights in the process, so this is the next logical step for us.
I don't have any experience with Critical Start but we use Cortex XDR as our primary AV platform (we were a Symantec shop previously). We're a 10,000+ device organization and have been pretty pleased with it so far. It does couple with Windows Defender (since you upgraded to Win10). Pair the two if you can and you've got a pretty solid layer of defense. We've had some memory usage increase on our machines but it has had no performance impact. Follow the compatibility and system requirements docs well.
Policies are pretty easy to implement and the forensics are night/day difference for us at least. We've been happy with this part of XDR. It's caught things that SEP left untouched. We also have very few security exceptions and a small whitelist which is a huge win for any security posture.
Hope this helps a little. Good luck!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!