No more typing reviews! Try our Samantha, our new voice AI agent.

AWS GuardDuty vs Trellix Cloud Workload Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Cloud Workload Protection Platforms (CWPP)
4th
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
122
Ranking in other categories
Vulnerability Management (4th), Cloud and Data Center Security (3rd), Container Security (3rd), Cloud Security Posture Management (CSPM) (3rd), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (1st), AI Observability (2nd)
AWS GuardDuty
Ranking in Cloud Workload Protection Platforms (CWPP)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
25
Ranking in other categories
No ranking in other categories
Trellix Cloud Workload Secu...
Ranking in Cloud Workload Protection Platforms (CWPP)
26th
Average Rating
9.0
Reviews Sentiment
7.5
Number of Reviews
2
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2026, in the Cloud Workload Protection Platforms (CWPP) category, the mindshare of SentinelOne Singularity Cloud Security is 4.9%, up from 2.6% compared to the previous year. The mindshare of AWS GuardDuty is 12.5%, up from 12.2% compared to the previous year. The mindshare of Trellix Cloud Workload Security is 0.6%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Workload Protection Platforms (CWPP) Mindshare Distribution
ProductMindshare (%)
AWS GuardDuty12.5%
SentinelOne Singularity Cloud Security4.9%
Trellix Cloud Workload Security0.6%
Other82.0%
Cloud Workload Protection Platforms (CWPP)
 

Featured Reviews

Sreeraj Mohandas - PeerSpot reviewer
Security Engineer at HashXpert
Consolidated cloud security has reduced manual work and has automated vulnerability remediation
I elaborate on my rating of SentinelOne support by mentioning that there was some time where the troubleshooting took a longer time. In fact, there were many meetings going on. The availability of the document on the internet is on a lesser side because as an engineer, I would want to know about the troubleshooting aspects of this particular tool. When I am facing a customer, I do not prefer to bring the vendor to every call and try to resolve it, as it takes months and months. It would be better to have a training session with the engineer on site to explain and train properly. This is not the case with SentinelOne, so this is the only thing I have a complaint about. I do not have any other room for improvement to suggest within SentinelOne itself. However, I would really want the AI assistant for the threat hunting part to be more accessible. They have it, but they are making it licensed, so it is a bit on the higher end.
SK
Senior IT Auditor at Ernst & Young
Has provided automated threat detection and daily malicious activity insights while supporting seamless orchestration with existing dashboards
I would assess the integration of AWS GuardDuty with Threat Intelligence as majorly positive; no threat intelligence is 100% accurate, and there are a few false positives, but as a security engineer, this must be accepted, and overall, the response and service is good for us. We do not directly use AWS GuardDuty dashboard by itself, as we have our own integrated security dashboard; AWS GuardDuty gives the feed to that dashboard, and it's giving us a satisfactory view of how the security landscape looks. We use metrics such as zero-day threats, any malicious traffic, and any traffic which originates from OFAC countries to measure its effectiveness, as we are majorly into a financial institution, as any traffic that is from a malicious IP or a rogue device. I don't see any significant negative points regarding AWS GuardDuty; it's a good product to have if you're a cloud consumer. I rate AWS GuardDuty nine out of ten overall.
Madan Mohan - PeerSpot reviewer
Director Operations at SOFTPRO PLUS
Easy policy designing and highly scalable solution
The customers really want protection against unauthorized applications running on their servers. They should avoid installing any unknown source and use Trellix Cloud Workload Security for the best solution in workload security. It includes DNS with ransomware protection. With this, they can have complete protection for their servers. Additionally, any solution working with the database should implement change control. So, if any changes are made on the database side, they should be resolved and verified to ensure they are not made by any unknown source. This is the best solution we suggest to customers who want granular control to protect their servers. It's easy to deploy with a single agent. Overall, I would rate the solution a nine out of ten because policy designing is very easy too. And the manageability is very easy. You can easily manage it through EPO and deploy policies within five to ten minutes. No issues with that.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"SentinelOne Singularity Cloud Security is better than other vendors because we get all the cloud-related, data center-related information."
"The ease of use of the platform is very nice."
"The UI and the widgets are what I personally appreciate. I find it easy to use."
"SentinelOne Singularity Cloud Security drastically reduces the mean time to remediate for cloud incidents by shrinking investigation and response time from hours to seconds or minutes."
"Singularity Cloud Native Security provides us with a platform to scan instances when they are getting created, and the dashboard helps us to identify the critical issues."
"The solution helped free other staff to work on other projects or other tasks. We basically just had to do a bunch of upfront configuring. With it, we do not have to spend as much time in the console."
"I would definitely recommend SentinelOne Singularity Cloud Security for infrastructure security."
"The GUI is one of the best features. Audit reports and documentation for alerts are also valuable."
"The product has automated protection powered by AI/ML, which is now far more powerful than before. It uses AI/ML in its detection algorithm, providing fast and quick results."
"The out-of-band malware detection from the EBS volumes. It's really cool. No agents or anything needed, it automatically finds and correlates based on malware."
"Deployment is great, and we didn't face any big challenges."
"Amazon GuardDuty is a very good service, and we are not planning to change it any time soon."
"We generally use AWS GuardDuty for detection of zero-day vulnerabilities and automatic threat responses; it serves as a SOAR, an orchestrated and automated response solution for us in the AWS platform."
"Overall, GuardDuty is a very easy-to-use tool, and I would recommend it even to those who are not tech-savvy."
"What I like most about Amazon GuardDuty is that you can monitor your AWS accounts across, but you don't have to pay the additional cost. You can get all your CloudTrail VPC flow logs and DNS logs all in one, and then you get the monitoring with that. A lot of times, if you had a separate tool on-premise, you would have to set up your DNS logs, so usually, Amazon GuardDuty helps with all your additional networking requirements, so I utilize it for continuous monitoring because you can't detect anything if you're not monitoring, and the solution fills that gap. If you don't do anything else first, you can deploy your firewall, and then you've got your Route 53 DNS and DNSSEC, but then Amazon GuardDuty fills that, and then you have audit requirements in AU that says, "Hey, what are your additional logs?", so you can just say, "Hey, we utilize Amazon GuardDuty." You're getting your CloudTrail, your VPC flow logs, and all your DNS logs, and those are your additional logs right there, so the solution meets a lot of requirements. Now, everything comes with a cost, but I also like that the solution also provides threat response and remediation. It's a pretty good product. I've just used it more for log analysis and that's where the value is at, the niche value. Once you do threat detection, it goes into a lot of other integrations you need to implement, so threat detection is only good as the integration, as the user that knows the tools itself, and the architecture and how it's all set up and the rules that you set within that."
"Since our environment is cloud based and accessible from the internet, we like the ability to check where the user has logged in from and what kind of API calls that user is doing."
"The discovery feature is the most valuable. After you integrate your cloud environment, maybe an Azure or AWS, or a private environment hosted on VMware, it automatically starts discovering the number of servers that are running on that cloud and the number of services that you have done. It is a beautiful feature because, from a security standpoint, it is difficult to identify which VM is compliant or not when you keep on provisioning a number of VMs in the cloud. It also checks for compliance. It checks whether a system is compliant and whether antivirus is installed on a VM. If an antivirus is installed, it checks whether the antivirus is updated to the latest signature package or not. All these things are beautifully done by McAfee Cloud Workload Security. For communicating with the McAfee server, you need to install an agent on the VM. McAfee Cloud Workload Security gives you a direct opportunity to install an agent on a Windows machine. If you have a Windows cloud, you can directly push that agent onto the VM through your McAfee portal. It provides you a single dashboard view of all servers present in the cloud. It shows the servers on which the antivirus is already installed as well as the servers for which the antivirus installation is still pending. This dashboard view is a much-needed thing. It also has a centralized management, which makes it easy to use."
"All these things are beautifully done by McAfee Cloud Workload Security."
"The most valuable feature is the application control."
 

Cons

"After closing an alert in Cloud Native Security, it still shows as unresolved."
"I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved."
"The Infrastructure as Code service available in SentinelOne Singularity Cloud Security and the services available in AWS cloud security can be merged so that we can get the security data directly from AWS cloud in SentinelOne Singularity Cloud Security. This way, all the data related to security will be in one single place. Currently, we have to check a couple of things on SentinelOne Singularity Cloud Security, and we have to validate that same data on the AWS Cloud to be sure. If they can collaborate like that, it will be great."
"They can add more widgets to its dashboard. A centralized dashboard with numerous metrics would improve user understanding."
"They need more experienced support personnel."
"Some of the navigation and some aspects of the portal may be a little bit confusing."
"To enhance the notification system's efficiency, resolved issues should be promptly removed from the portal."
"In addition to our telecom and Slack channels, it would be helpful to receive Cloud Native Security security notifications in Microsoft Teams."
"For the next release, they could provide IPS features as well."
"Some of the pain points in Amazon GuardDuty was the cost. When compared to some of the other services, depending on how many we had to monitor, if we had a huge range of accounts, as our accounts increased, we had a cost factor that came into play."
"Improvement-wise, Amazon GuardDuty should have an overall dashboard analytics function so we could see what's in the current environment, and then in addition to that, provide best practices and recommendations, particularly to provide some type of observability, and then figure out the login side of it, based on our current environment, in terms of what we're not monitoring and what we should monitor. The solution should also give us a sample code configuration to implement that added feature or feature request. What I'd like to see in the next release of Amazon GuardDuty are more security analytics, reporting, and monitoring. They should provide recommendations and additional options that answer questions such as "Hey, what can we see in our environment?", "What should we implement within the environment?", What's recommended?" We know that cost will always be associated with that, but Amazon GuardDuty should show us the increased costs or decreased costs if we implement it or don't implement it, and that would be a good feature request, particularly with all products within AWS, just for cloud products in general because there are times features are implemented, but once they're deployed, they don't tell you about costs that would be generated along with those features. After features are deployed, there should a summary of the costs that would be generated, and projected based on current usage, so they would give us the option to figure out how long we're going to use those features and the option to keep those on or turn those off. If more services were like that, a lot more people would use those on the cloud."
"If you are looking for advanced security that would provide higher checks to secure their environment, this may not be enough."
"There is currently no consolidated dashboard for AWS GuardDuty. It would be helpful if they could provide a dashboard based on severity levels (high, medium, low) and offer insights account-wise, especially for users utilizing automation structures."
"GuardDuty is limited to AWS environments."
"It would be great if the solution had some automation capabilities."
"Some of the pain points in Amazon GuardDuty was the cost. When compared to some of the other services, depending on how many we had to monitor, if we had a huge range of accounts, as our accounts increased, we had a cost factor that came into play. Sometimes there were issues, for example, with findings that came up, we wanted to add notes and there were issues back then where notes couldn't be entered properly. If we wanted to leave a note such as "Okay, we have assessed this and this is how we feel", or "This is a false positive", Amazon GuardDuty wasn't allowing us to do that. Even with the suppression of certain findings, there was some issue that we had faced at one time. Those were some of the pain points of the solution."
"There is room for improvement in the pricing model."
"Its vulnerability assessment is not the best. We cannot identify the vulnerabilities that are related to the operating system by using McAfee Cloud Workload Security. I wish McAfee would add a vulnerability assessment tool that will not only identify the vulnerability but will also be able to generate a report so that the required patching can be done for the servers. Currently, McAfee Cloud Workload Security only integrates with AWS and Azure. If it can also integrate with GCP, Alibaba, and other cloud services available in the market, it would be good because not all people are using Azure and AWS."
"Its vulnerability assessment is not the best. We cannot identify the vulnerabilities that are related to the operating system by using McAfee Cloud Workload Security."
 

Pricing and Cost Advice

"The pricing is somewhat high compared to other market tools."
"PingSafe is less expensive than other options."
"The pricing for PingSafe in India was more reasonable than other competitors."
"The price depends on the extension of the solution that you want to buy. If you want to buy just EDR, the price is less. XDR is a little bit more expensive. There are going to be different add-ons for Singularity."
"PingSafe is fairly priced."
"SentinelOne offers excellent pricing and licensing options."
"SentinelOne Singularity Cloud Security is on the costlier side."
"SentinelOne is relatively cheap. If ten is the most expensive, I would rate it a seven."
"The tool has no subscription charges."
"It can get very expensive. If you turn on every feature, it can turn into hundreds of thousands of dollars."
"The platform is inexpensive."
"Pricing is determined by the number of events sent."
"On a scale of one to ten, where one is a high price, and ten is a low price, I rate the pricing a four or five, which is somewhere in the middle."
"The pricing model is pay as you go and is based on the number of events per month."
"We use a pay-as-you-use license, which is competitively priced in the market."
"I prefer to have something on demand for myself. That's why I haven't been paying for GuardDuty specifically. AWS provides a wide range of offerings, especially in the security area."
"It is not an expensive product. I am in the Indian market, and it is one of the most reliable and cost-effective solutions."
report
Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.
890,088 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
14%
Computer Software Company
11%
Manufacturing Company
9%
Government
5%
Financial Services Firm
14%
Computer Software Company
10%
Manufacturing Company
9%
Government
7%
Comms Service Provider
17%
Government
13%
Construction Company
10%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business51
Midsize Enterprise22
Large Enterprise57
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise3
Large Enterprise15
No data available
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
Regarding the pricing for SentinelOne Singularity Cloud Security, I do not think it is something I can compare.
What needs improvement with PingSafe?
I do not see room for improvement in SentinelOne Singularity Cloud Security. In the future, I would like to see the i...
What is your experience regarding pricing and costs for Amazon GuardDuty?
AWS GuardDuty is an expensive feature, and while you can't expect the price to be low, it can be lower because it's p...
What needs improvement with Amazon GuardDuty?
AWS GuardDuty is a good product; it's doing its job right now, and I don't see any additional improvements needed. Co...
What is your primary use case for Amazon GuardDuty?
We generally use AWS GuardDuty for detection of zero-day vulnerabilities and automatic threat responses; it serves as...
Ask a question
Earn 20 points
 

Also Known As

PingSafe
No data available
McAfee Cloud Workload Security
 

Overview

 

Sample Customers

Information Not Available
autodesk, mapbox, fico, webroot
Information Not Available
Find out what your peers are saying about AWS GuardDuty vs. Trellix Cloud Workload Security and other solutions. Updated: April 2026.
890,088 professionals have used our research since 2012.