Try our new research platform with insights from 80,000+ expert users

Cybereason Endpoint Detection & Response vs Trellix Endpoint Security (ENS) comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cybereason Endpoint Detecti...
Ranking in Endpoint Protection Platform (EPP)
35th
Ranking in Endpoint Detection and Response (EDR)
25th
Average Rating
8.0
Reviews Sentiment
7.9
Number of Reviews
21
Ranking in other categories
No ranking in other categories
Trellix Endpoint Security (...
Ranking in Endpoint Protection Platform (EPP)
27th
Ranking in Endpoint Detection and Response (EDR)
20th
Average Rating
7.6
Reviews Sentiment
7.4
Number of Reviews
54
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cybereason Endpoint Detection & Response is 0.9%, down from 1.2% compared to the previous year. The mindshare of Trellix Endpoint Security (ENS) is 1.6%, down from 2.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Chad Kliewer - PeerSpot reviewer
We can make more informed decisions on whether an action is malicious
The ease of use and dashboards are improving. We came in at a time when they were developing a new dashboard screen. Therefore, we have had some confusing times between the old and new dashboards. Knowing how the new one works, I have seen vast improvements with it. While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper. They are improving on this because I have seen some improvements in the user interface that helps with this. Part of it was moving two different screens into one, merging the two together. It is very good, but it is very technically detailed and would be harder for an entry-level person to decipher. However, improvements are being made. It leverages indicators of behavior to help us remediate faster against attacks. Sometimes, I wish there was more detail on why they consider it malicious.
Shreyansh Sharma - PeerSpot reviewer
Our main antivirus tool and offers adaptive threat prevention tool
The technical support needs some improvement. When product distribution errors occur, we have to contact technical support, which is a very tedious and time consuming task. After raising the call onto the technical support portal, usually receive a notification after 24 hours. It usually takes 3 to 4 days to conclude and resolve the issue. If 24/7 online support or a phone line where we could speak directly with technical support for real-time troubleshooting, that would be very helpful. Licensing is another aspect where trellix should look into. Different purchases are grouped together in single user account get mixed up. Categorization of purchases and their grant numbers is not available to end user.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The initial setup was straightforward."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"The dashboard is very good and you can consider it as an interactive UI."
"What I find most valuable is the clarity of the platform. It is very straightforward."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"The initial setup is not overly complicated."
"For me, the technical support is good."
"What I find most valuable is the clarity of the platform."
"Technical support is excellent."
"The platform's most valuable features are AI capabilities and its quick updates."
"The exploit guard and malware protection features are very useful. The logon tracker feature is also very useful. They have also given new modules such as logout backup, process backup. We ordered these modules from the FireEye market place, and we have installed these modules. We are currently exploring these features."
"The most valuable network security feature is the network sandbox solution. This sandbox feature works on traffic flow."
"The EPO, the ePolicy Orchestrator, is the best endpoint protection central management system."
"If the network has seen something, we can use that to put a block to all the endpoints."
"It is a really strong solution for endpoint security."
"I have not received any complaints about the performance."
 

Cons

"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"The product's reporting isn't great."
"I feel it is a shame that I cannot create groups of groups with inheritance."
"I would like to see improvements on the operational side, specifically in grouping."
"The network coverage becomes an issue most of the time."
"They need to improve their technical support services."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
"They have something called Managed Detection and Response. They get intel from their customers, and that intel is shared with the rest of FireEye's customers. I want to subscribe to their intel, but that is not available to us."
"The performance could be better. I noticed that it slows down a bit."
"The Linux support is very poor. I use base detection. Currently, they are providing malware protection and logon track features in Windows and Mac. These features aren't available in Linux. It will be helpful to extend these capabilities to Linux. We would also like assets grouping and device lock protection features, which are included in their roadmap."
"I hope the solution can be used in cloud systems going forward."
"Most of these types of solutions including others, such as Carbon Black and FortiEDR, all have the same features. However, Carbon Black is the leader when it comes to being robust and user-friendly and this solution should improve in those areas to stay more competitive."
"Sometimes, one might face issues with the scalability of the product. The aforementioned area can be considered for improvement."
"The product is consolidating its portfolio into one product. It is difficult at the moment."
"In some cases, the detection part was not accurate enough. We opened a few cases for the vendor to help us with some miscategorized findings on the endpoints. There were some false positive detections, and we had to work with the vendor to get them tested. We even had some incidents that were not detected. It was a black box type of solution for us."
 

Pricing and Cost Advice

"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."
"I do not have experience with the licensing of the product."
"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."
"In terms of cost, this is a good choice for our needs."
"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."
"This product is somewhat expensive and should be cheaper."
"The pricing is manageable."
"It was an annual fee. There was just one overall fee."
"There's a subscription on a yearly basis. It's not that expensive; it's quite affordable."
"The pricing is reasonable."
"It is not so cheap in comparison to Sophos and other solutions."
"The price of the product is similar to the ones in the market that offer the same features."
"Trellix Endpoint Security (ENS) has a reasonable price."
"It is based on an annual subscription."
"They should reduce the cost or make it free, open-source software."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
848,396 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
11%
Manufacturing Company
8%
Government
6%
Computer Software Company
15%
Financial Services Firm
13%
Government
12%
Manufacturing Company
11%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?
Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...
What is your primary use case for Cybereason Endpoint Detection & Response?
We use it to improve detection in the whole industrial sector. We are a big energy company. Across multiple endpoints, we deploy the EDR to secure all, improve detection, and also attempt to automa...
How does McAfee Endpoint Security compare with MVISION?
The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deploy various components as desired with McAfee Endpoint Security, whereas many othe...
How does Crowdstrike Falcon compare with FireEye Endpoint Security?
The Crowdstrike Falcon program has a simple to use user interface, making it both an easy to use as well as an effective program. Its graphical design is such that it makes an extremely useful too...
What do you like most about McAfee MVISION Endpoint?
The product's initial setup phase was straightforward.
 

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond
McAfee MVISION Endpoint, Trellix Endpoint Security (HX)
 

Overview

 

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Tech Resources Limited, Globe Telecom, Rizal Commercial Banking Corporation
Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. Trellix Endpoint Security (ENS) and other solutions. Updated: April 2025.
848,396 professionals have used our research since 2012.