We performed a comparison between AWS GuardDuty and Trellix Cloud Workload Security based on real PeerSpot user reviews.
Find out in this report how the two Cloud Workload Protection Platforms (CWPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We've seen a reduction in resources devoted to vulnerability monitoring. Before PingSafe we spent a lot of time monitoring and fixing these issues. PingSafe enabled us to divert more resources to the production environment."
"The ease of use of the platform is very nice."
"The visibility is the best part of the solution."
"The real-time detection and response capabilities overall are great."
"The solution's most valuable features are its ability to detect vulnerabilities inside AWS resources and its ability to rescan after a specific duration set by the administrator."
"They're responsive to feature requests. If I suggest a feature for Prisma, I will need to wait until the next release on their roadmap. Cloud Native Security will add it right away."
"The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best features."
"It is scalable, stable, and can detect any threat on a machine. It uses artificial intelligence and can lock down any virus."
"The correlation back end is the solution's most valuable feature."
"The solution is easy to use."
"The most valuable features are the single system for data collection and the alert mechanisms."
"We use the tool for threat detection. AWS includes AI features as well. AWS GuardDuty gives us reports."
"The out-of-band malware detection from the EBS volumes. It's really cool. No agents or anything needed, it automatically finds and correlates based on malware."
"What I like most about Amazon GuardDuty is that you can monitor your AWS accounts across, but you don't have to pay the additional cost. You can get all your CloudTrail VPC flow logs and DNS logs all in one, and then you get the monitoring with that. A lot of times, if you had a separate tool on-premise, you would have to set up your DNS logs, so usually, Amazon GuardDuty helps with all your additional networking requirements, so I utilize it for continuous monitoring because you can't detect anything if you're not monitoring, and the solution fills that gap. If you don't do anything else first, you can deploy your firewall, and then you've got your Route 53 DNS and DNSSEC, but then Amazon GuardDuty fills that, and then you have audit requirements in AU that says, "Hey, what are your additional logs?", so you can just say, "Hey, we utilize Amazon GuardDuty." You're getting your CloudTrail, your VPC flow logs, and all your DNS logs, and those are your additional logs right there, so the solution meets a lot of requirements. Now, everything comes with a cost, but I also like that the solution also provides threat response and remediation. It's a pretty good product. I've just used it more for log analysis and that's where the value is at, the niche value. Once you do threat detection, it goes into a lot of other integrations you need to implement, so threat detection is only good as the integration, as the user that knows the tools itself, and the architecture and how it's all set up and the rules that you set within that."
"It helps us detect brute-force attacks based on machine learning."
"The way it monitors accounts is definitely a very important feature."
"The most valuable feature is the application control."
"The discovery feature is the most valuable. After you integrate your cloud environment, maybe an Azure or AWS, or a private environment hosted on VMware, it automatically starts discovering the number of servers that are running on that cloud and the number of services that you have done. It is a beautiful feature because, from a security standpoint, it is difficult to identify which VM is compliant or not when you keep on provisioning a number of VMs in the cloud. It also checks for compliance. It checks whether a system is compliant and whether antivirus is installed on a VM. If an antivirus is installed, it checks whether the antivirus is updated to the latest signature package or not. All these things are beautifully done by McAfee Cloud Workload Security. For communicating with the McAfee server, you need to install an agent on the VM. McAfee Cloud Workload Security gives you a direct opportunity to install an agent on a Windows machine. If you have a Windows cloud, you can directly push that agent onto the VM through your McAfee portal. It provides you a single dashboard view of all servers present in the cloud. It shows the servers on which the antivirus is already installed as well as the servers for which the antivirus installation is still pending. This dashboard view is a much-needed thing. It also has a centralized management, which makes it easy to use."
"Sometimes the Storyline ID is a bit wacky."
"When we get a new finding from PingSafe, I wish we could get an alert in the console, so we can work on it before we see it in the report. It would be very useful for the team that is actively working on the PingSafe platform, so we can close the issue the same day before it appears in the daily report."
"We've found a lot of false positives."
"Bugs need to be disclosed quickly."
"PingSafe can be improved by developing a comprehensive set of features that allow for automated workflows."
"I would like PingSafe's detections to be openly available online instead of only accessible through their portal. Other tools have detections that are openly available without going through the tool."
"There is a bit of a learning curve for new users."
"There is room for improvement in the current active licensing model for PingSafe."
"An improvement would be to have a mobile version where remote workers can log in and monitor and fix issues."
"While sending the alerts to the email, they are not being patched. we have to do the patching and mapping manually. If GuardDuty could include a feature to do this automatically, it will make our job easier. That is something I believe can be improved."
"For me, I would say just the presentation of findings, like the dashboards and other stuff, could be improved a bit."
"AWS GuardDuty sometimes shows false positives and should have better detection accuracy."
"The solution's user interface could be improved because it will help users to understand multiple options."
"Amazon GuardDuty could be better enriched in threat intelligence data."
"Improvement-wise, Amazon GuardDuty should have an overall dashboard analytics function so we could see what's in the current environment, and then in addition to that, provide best practices and recommendations, particularly to provide some type of observability, and then figure out the login side of it, based on our current environment, in terms of what we're not monitoring and what we should monitor. The solution should also give us a sample code configuration to implement that added feature or feature request. What I'd like to see in the next release of Amazon GuardDuty are more security analytics, reporting, and monitoring. They should provide recommendations and additional options that answer questions such as "Hey, what can we see in our environment?", "What should we implement within the environment?", What's recommended?" We know that cost will always be associated with that, but Amazon GuardDuty should show us the increased costs or decreased costs if we implement it or don't implement it, and that would be a good feature request, particularly with all products within AWS, just for cloud products in general because there are times features are implemented, but once they're deployed, they don't tell you about costs that would be generated along with those features. After features are deployed, there should a summary of the costs that would be generated, and projected based on current usage, so they would give us the option to figure out how long we're going to use those features and the option to keep those on or turn those off. If more services were like that, a lot more people would use those on the cloud."
"It would be great if the solution had some automation capabilities."
"There is room for improvement in the pricing model."
"Its vulnerability assessment is not the best. We cannot identify the vulnerabilities that are related to the operating system by using McAfee Cloud Workload Security. I wish McAfee would add a vulnerability assessment tool that will not only identify the vulnerability but will also be able to generate a report so that the required patching can be done for the servers. Currently, McAfee Cloud Workload Security only integrates with AWS and Azure. If it can also integrate with GCP, Alibaba, and other cloud services available in the market, it would be good because not all people are using Azure and AWS."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Trellix Cloud Workload Security Pricing and Cost Advice →
AWS GuardDuty is ranked 4th in Cloud Workload Protection Platforms (CWPP) with 20 reviews while Trellix Cloud Workload Security is ranked 18th in Cloud Workload Protection Platforms (CWPP) with 2 reviews. AWS GuardDuty is rated 8.2, while Trellix Cloud Workload Security is rated 9.0. The top reviewer of AWS GuardDuty writes "A stellar threat-detection service that has helped bolster security against malicious threats". On the other hand, the top reviewer of Trellix Cloud Workload Security writes "Easy policy designing and highly scalable solution". AWS GuardDuty is most compared with Microsoft Defender for Cloud, Prisma Cloud by Palo Alto Networks, CrowdStrike Falcon Cloud Security, Wiz and Akamai Guardicore Segmentation, whereas Trellix Cloud Workload Security is most compared with Trend Vision One - Cloud Security and Prisma Cloud by Palo Alto Networks. See our AWS GuardDuty vs. Trellix Cloud Workload Security report.
See our list of best Cloud Workload Protection Platforms (CWPP) vendors.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.