We performed a comparison between Trellix Endpoint Security and CrowdStrike Falcon based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. CrowdStrike Falcon stands out for its minimal impact on system performance, optimal resource utilization, and precise detection of threats. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. Users say CrowdStrike Falcon would benefit from adding a sandbox feature and more detailed firewall management options.
Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. CrowdStrike Falcon's customer service is considered prompt and helpful.
Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. CrowdStrike Falcon's setup is considered to be simple and efficient, with deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable.
Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive.
ROI: Users reported saving time by implementing Trellix Endpoint Security. CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the need for onsite servers.
Comparison Results: Trellix Endpoint Security is preferred over CrowdStrike Falcon. Users appreciate Trellix for its unified management capabilities, including a robust central console that enables simplified administration of all programs. They also value its stability, reliability, and resource efficiency. Users faulted CrowdStrike Falcon for its lack of specific features like sandboxing and granular firewall controls.
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"The product integrates security into one tool instead of having third-party security tools."
"The comprehensiveness of Microsoft's threat detection is good."
"Email protection is the most valuable feature of Microsoft Defender XDR."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"Regarding features, I appreciate its integration capabilities with identity providers...Stability-wise, I rate the solution a ten out of ten."
"The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it."
"Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and let us know if there's a major issue."
"From what we have seen, it is very scalable. We have recently acquired a company where someone had a ransomware attack when we joined networks. Within the course of just a few days, we were able to easily get CrowdStrike rolled out to about 300 machines. That also included the removal of that company's legacy anti-malware tool."
"I like the vulnerability assessment and proactive hunting features of CrowdStrike Falcon."
"The detection and response console is the most valuable feature."
"We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment."
"It seems to do a pretty good job of protecting the host. It offers good insights that it gives you when it has a detection. It's pretty incredible."
"It provides a lot of information and great visibility, with really great options for managing the environment."
"I think the costing is fine compared to other products. Cost-wise you definitely get value for your money."
"What I like best is the integrated end-to-end security that works with the security information and events manager."
"I feel McAfee Endpoint Security to be a good, mature product."
"It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and approval prompts."
"When Intel acquired McAfee they worked on the protocol so that all vendors can work on the same platform. It's a very big improvement in McAfee. All McAfee products talk to each other. Other vendor's products can join this platform as well so it makes it more powerful on the enterprise side for McAfee."
"It's easy to use and it's very powerful. It offers nice endpoint protection."
"The product is easy to use."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"We should be able to use the product on devices like Apple, Linux, etc."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"The web filtering solution needs to be improved because currently, it is very simple."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"The solution does not offer a unified response and standard data."
"We encounter occasional issues, such as when disabling network access for a host that uses CrowdStrike."
"In a future release, I would like to see more integrations for data breaches and security features."
"I would like to see a little bit more in the offline scanning ability. This just comes from my background in what I have done in other positions. They only scan on demand, so I always have this fear that we sometimes maybe email out a dormant virus and can be held liable for that. That is something where I would like to see a little bit more robustness to the tool."
"It can be expensive depending on the features you select."
"CrowdStrike Falcon could improve the logs by making them free to the API."
"I would like to see the machine learning feature enhanced."
"I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement."
"The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ."
"McAfee Endpoint Protection could improve the word control feature."
"The interface is complex."
"We experienced some bad behavior when we first installed the product. The system also starts slowly in some instances. If for some reason this solution crashes, we could lose all our data."
"I would like to have the ability to have more control over the deployment in the next release. If you have this console in the cloud, you cannot make pilot groups for deploying the agents. We only have the current group. So, as soon as you inject the software, it will go directly into production, which doesn't work for us. We need to build up pilot groups slowly. We already requested to have this feature on the cloud, and we are still waiting."
"Patch management is unavailable"
"Support-wise they need to be better."
"The solution consumes a lot of end user memory and CPU. Trellix doesn't really focus much on the anti-malware side."
"We don't like the solution since it requires much memory consumption and consumes much CPU resources."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while Trellix Endpoint Security is ranked 10th in Endpoint Protection Platform (EPP) with 95 reviews. CrowdStrike Falcon is rated 8.8, while Trellix Endpoint Security is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and Trend Vision One, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), Cortex XDR by Palo Alto Networks, Trend Micro Deep Security and Kaspersky Endpoint Security for Business. See our CrowdStrike Falcon vs. Trellix Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.