Try our new research platform with insights from 80,000+ expert users

Cortex XDR by Palo Alto Networks vs Trellix Endpoint Security (ENS) comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Ranking in Endpoint Protection Platform (EPP)
4th
Average Rating
8.4
Number of Reviews
90
Ranking in other categories
Extended Detection and Response (XDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (3rd)
Trellix Endpoint Security (...
Ranking in Endpoint Protection Platform (EPP)
22nd
Average Rating
7.6
Number of Reviews
53
Ranking in other categories
Endpoint Detection and Response (EDR) (17th)
 

Mindshare comparison

As of November 2024, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.3%, down from 5.4% compared to the previous year. The mindshare of Trellix Endpoint Security (ENS) is 1.6%, down from 2.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Mohammad Qaw - PeerSpot reviewer
Dec 15, 2022
Perfect correlation and XDR capabilities for network traffic plus endpoint security
The solution should force customers to integrate with network traffic to see the full benefits of XDR. If you are not integrating it or feeding in your network traffic, then you are just buying a normal antivirus which doesn't make any sense. You are paying double the price to use the antivirus feature or to say you have XDR, but in reality you are not using it. The solution should include an on-premises option because some customers want only on-premises. It would be hard, but good to do if possible. Open XDR would be beneficial in the future. Right now, the solution is Closed XDR so cannot communicate with the few new vendors in the Open XDR market.
Venugopal Potumudi - PeerSpot reviewer
Nov 7, 2022
Reliable with good independent modules and a straightforward setup
I'd rate the solution seven out of ten. Having used Trend Micro as well, I would rate Trend Micro higher. However, I would still choose this product as a second option. When we recommend a product, we would recommend something based on the fit of the product and customer requirements. We worked with Defender, we worked with Trend Micro, and we worked with McAfee. All of them almost overlap in multiple use cases. That said, we do see the customer IT strategy and where they're going, and they are adopting Azure more. We know there are certain limitations in their landscape where there may be some old legacy systems, and in that case, then we would either switch back to McAfee or Trend Micro instead of Defender.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is easy to use."
"They have a new GUI which is just fantastic."
"The dashboard is customizable."
"Palo Alto is constantly adding new features."
"Cortex XDR can integrate the firewalls and determine the tendencies of the attacks. It's a new generation antivirus, with protection endpoints and detection response. It is very easy to use and everybody can operate the solution."
"One of the things that I enjoy the most is using policy extensions. It's like having host firewalls to control USB connections. I think it's a wonderful tool to restrict use when connecting to our computers. Another important tool is Home Insights. That is an add-on to the Cortex solution. I like that because we can see all the vulnerabilities in the environment and control what assets are connected to our network."
"The protection offered by this product is good, as is the endpoint reporting."
"Threat identification and detection are the most valuable features of this solution."
"It is very valuable in finding out unknown malware."
"McAfee MVISION Endpoint is stable."
"Trellix integrates well with most SIEM and data classification solutions."
"I have not received any complaints about the performance."
"The threat scanning is excellent. It uses predictive technology and I can utilize attack data to help us fine-tune our systems and network infrastructure. This protects us against current and future attacks."
"If the network has seen something, we can use that to put a block to all the endpoints."
"MVISION Endpoint is so much easier and so much simpler for the lay security personnel to handle."
"The independent modules are very good."
 

Cons

"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."
"There are a large number of false positives."
"It's not an ideal choice for smaller businesses, as you need a minimum of 200 endpoints to even use the solution at all."
"When it comes to malware files, it should be a little quick because, at times, it would give a wrong result in the sense of what it might be on malware, even if it still might be a normal one."
"The solution should add unwanted malicious hash values to a block list so that whenever the action is triggered, it will automatically prevent the malicious content."
"There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly."
"Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."
"Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."
"The complexity of advanced modules can be improved."
"The technical support needs some improvement. When product distribution errors occur, we have to contact technical support, which is a very tedious task."
"The way that signatures work when using this solution could be improved. They could be more user friendly. We would like the ability to select a client's signature from a menu or file share to save time."
"Most of these types of solutions including others, such as Carbon Black and FortiEDR, all have the same features. However, Carbon Black is the leader when it comes to being robust and user-friendly and this solution should improve in those areas to stay more competitive."
"MVISION Endpoint is only compatible with Windows 10 and Windows 2016 and above. If I were using a Linux operating system, I would not be able to use MVISION Endpoint."
"It is a bit technical. The user interface has some significant limitations, mainly when using HIPS on the server side, to protect files from being changed or deleted by hackers, users, or administrators."
"From an improvement perspective, I want everything in the solution to be free."
"The initial setup can be a bit complicated for those unfamiliar with the product."
 

Pricing and Cost Advice

"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"I am using the Community edition."
"The cost of Cortex XDR by Palo Alto Networks is $55 to $90 USD per endpoint per month."
"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."
"I feel it is fairly priced."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"Licensing fees are paid yearly."
"Licensing fees are billed on a yearly basis."
"It is not so cheap in comparison to Sophos and other solutions."
"The pricing is mid-ranged and quite reasonable compared to other similar products."
"Trellix Endpoint Security (ENS) has a reasonable price."
"Customers would need to purchase a license. If a customer purchases an MVISION Endpoint license, he may use that license to install ENS. It's a flexible license where you have the option to either use the McAfee security software or the Windows Defender managed by McAfee, which is MVISION Endpoint."
"There's a subscription on a yearly basis. It's not that expensive; it's quite affordable."
"Trellix Endpoint Security (ENS) is not a cheap solution...I don't think any costs are involved in the maintenance of the solution."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
9%
Government
8%
Manufacturing Company
7%
Computer Software Company
15%
Government
13%
Manufacturing Company
11%
Financial Services Firm
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
How does McAfee Endpoint Security compare with MVISION?
The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deploy various components as desired with McAfee Endpoint Security, whereas many othe...
How does Crowdstrike Falcon compare with FireEye Endpoint Security?
The Crowdstrike Falcon program has a simple to use user interface, making it both an easy to use as well as an effective program. Its graphical design is such that it makes an extremely useful too...
What do you like most about McAfee MVISION Endpoint?
The product's initial setup phase was straightforward.
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
McAfee MVISION Endpoint, Trellix Endpoint Security (HX)
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Tech Resources Limited, Globe Telecom, Rizal Commercial Banking Corporation
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Trellix Endpoint Security (ENS) and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.