We performed a comparison between Trellix Endpoint Security and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"The solution is well integrated with applications. It is easy to maintain and administer."
"The integration, visibility, vulnerability management, and device identification are valuable."
"Microsoft 365 Defender is simple to upgrade."
"Trellix Security Endpoint can promptly isolate any host machines directly from the console. If alerts are received and isolation is necessary, it can be accomplished through the console. The console itself holds significant value, accessible through a browser and allowing remote actions via cloud login."
"The solution is stable."
"The most valuable features are reporting from the ePO console and the advanced threat protection (ATP)."
"It can be deployed quickly, and it's scalable. Those are the two advantages of it."
"The detection is great and the solution is constantly improving."
"Tech support is responsive. They're good, the very best."
"The solution provides dashboard control, so we can centrally monitor the entire status of our organization."
"It has been protecting us for many years, and we hope it will continue to do so for many years to come."
"I like XDR's workbench feature and observed attack technique. It generates an alert once certain conditions are met. For example, let's say there's a threat called malicious.exe being deployed on your system. It will generate an alert with information like the file path, location, hash, etc. You also see a relational matrix showing how that file was executed and which processes were installed."
"The proactive approach is the best feature."
"I like Vision One's workbench. It provides helpful logs that I can search, and the telemetry is excellent because I can see what's happening during an attack or potential attack."
"The search features help us try to correlate information and identify any suspicious activity."
"One of the features I like in Trend Micro XDR is that you can drill down on the root-cause analysis for anything you find on the solution. I also like that it works for detection purposes. Behavior analytics is also what I like most about Trend Micro XDR. I love that it has features such as behavior detection, program detection, and memory scanning. By default, the solution protects against spyware, apart from the normal virus scan. Smart Scan and DLP are also available in Trend Micro XDR which I like as well."
"We've found the pricing to be reasonable."
"Drilling down further, we can analyze how our users are utilizing their workstations, including the websites they visit."
"It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"Currently, Trellix Endpoint Security can't find the running mutexes, while other open-source products can do it."
"The interface is complex."
"On the next release, they should build an easier way to see a repair option within the McAfee icon on your system tray. If there was an issue, you should be able to contact the user or just right-click on "repair". That would be a very good feature to add. That could be a place of improvement, just adding that button, or customizing it."
"I've encountered minor challenges related to encryption."
"The endpoint has room for improvement because it's restrictive, it's very sensitive. Sometimes it can delete something that you need and so sometimes you have to disable the antivirus."
"It would be nice if the solution was a bit more stable."
"The initial setup isn't so easy. You need to know what you are doing."
"McAfee Endpoint Protection could improve the word control feature."
"The zero trust is a bit complicated compared to other parts of the solution."
"I would like to have the capability to export the information we receive from the XDR into Microsoft Excel."
"The automation capabilities on-premises could be improved, as we currently have to manually activate servers and push policies."
"In new versions I would like to see better implementation of the reporting features, especially in regards to EDR visibility."
"While blocking an IP address restricts access for 30 days, it eventually becomes accessible again."
"The support documentation could be more comprehensive."
"It would be ideal if they could improve the control of connectivity between sensors."
"We do use the automation capability a little. However, we noticed some limitations, especially on the playbook side."
Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 96 reviews while Trend Vision One is ranked 6th in Extended Detection and Response (XDR) with 43 reviews. Trellix Endpoint Security is rated 8.0, while Trend Vision One is rated 8.6. The top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, SentinelOne Singularity Complete and Microsoft Defender for Endpoint.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.