We performed a comparison between Microsoft Defender for Endpoint and Trellix Active Response based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."The setup is pretty simple."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"This is stable and scalable."
"The product detects and blocks threats and is more proactive than firewalls."
"Fortinet is very user-friendly for customers."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"It is a very advanced system based on AI. It has a very large database of places or sites on the internet where you should not go. It is continuously online."
"I like the real-time protection features. Windows Defender will detect if there's a threat like a Trojan or something like that but Kaspersky lets it run normally."
"Coming from an organization where the EDR wasn't strong, it has always been a case of basically searching through the information you already have and looking for something. It was basically trying to find the needle in a haystack. What the Defender platform does is that it reduces the size of the haystack, and it'll say that the needle is over here. Minutes matter, and it certainly zeros you in on the events that are concerning. It also simplifies the effort of trying to get some kind of correlation of behaviors or actions you see in the environment and confirming if something is benign or a threat."
"Automatic scanning and cleaning of viruses is the best and most valuable feature helping this tool to thrive. If any viruses are found, they are cleaned automatically."
"It can reach our applications and PC activities in the cloud."
"For threat-hunting, I'll put some threats in a test scenario. I've downloaded known viruses that are out in the public for testing. They're not really a virus but they've got a signature. Defender for Endpoint will automatically find those, quarantine them for me, and alert me to what it did. It gives me "automated eyes.""
"Its threat intelligence feature is beneficial. This solution smoothly integrates with SIEM."
"Defender for Endpoint is a robust solution that works well out-of-the-box."
"We are hoping to automate detection and response and take advantage of user behavior analytics, given that we are working from home. About half of our workers are still remote, so Active Response gives us that visibility and lets us automate a number of those events."
"The solution is scalable."
"It's a little lighter compared to the older version, which was mostly signature-based."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"Making the portal mobile friendly would be helpful when I am out of office."
"I haven't seen the use of AI in the solution."
"The solution is not stable."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"A single dashboard would be a significant improvement."
"The solution could always be more secure."
"With regards to the interface, a challenge I found was that there was not enough documentation on how to tune it. I had to read multiple sources on the internet to learn how to configure the tool appropriately."
"The solution has minimal customization options, especially compared to Mandiant, so we want to see more scope for customization. A single portal for customization would also be a welcome addition."
"The time it takes to implement policies has room for improvement."
"The pricing could be a bit better."
"If you have multi-cloud like Google and AWS, the native solutions are better for those particular cases."
"Notifications are always popping up — I hate that."
"I also expected Active Response 's user interface to be much more analytical."
"There are some components on the cloud that should also reside in the on-prem deployment models but don't."
"While the product is good, we are currently facing support issues."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Earn 20 points
Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews while Trellix Active Response is ranked 57th in Endpoint Detection and Response (EDR). Microsoft Defender for Endpoint is rated 8.0, while Trellix Active Response is rated 6.4. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Trellix Active Response writes "Lighter with good stability and pretty good technical support". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune, whereas Trellix Active Response is most compared with Trellix Endpoint Detection and Response (EDR) and Trellix Endpoint Security (ENS).
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.