- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- 5G
- IoT Security
- Prisma SD-WAN
Network Security
- Prisma Access
- Prisma SaaS
- Prisma Cloud
- CN-Series
- VM-Series:
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
Security Operations
- Resources
- COVID-19 Response Center
- LIVEcommunity
- ›
- Collaboration
- ›
- Discussions
- ›
- Endpoint (Traps) Discussions
- ›
- Who rated this post
Who rated this post
Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.
Who rated this post
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
Hi @AhmedSallam
There are quite a few differences between ESM and Cortex XDR. You get significantly more features in Cortex XDR. Some differences include:
1. Management server location (Cloud vs on-Prem)
2. Cortex XDR has more prevention features (Behavior Threat Protection, etc)
3. Agent communication (Cortex XDR - communicates over internet / ESM - communicates while on network, VPN, or DMZ exposed Core)
4. EDR capabilities available in Cortex XDR
5. Cortex XDR has device control features (USB Device control, Host-based firewall, bitlocker support)
6. Cortex XDR allows response capabilities
WildFire is used in both solutions. WildFire is cloud-based.
David Falcon
Solutions Architect, Cortex
Palo Alto Networks®
