Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Endpoint vs Trellix Advanced Threat Defense comparison

Microsoft and Trellix are both solutions in the Advanced Threat Protection (ATP) category. Microsoft is ranked #2 with an average rating of 8.3, while Trellix is ranked #22 with an average rating of 9.0. Microsoft holds a 9.1% mindshare in ATP, compared to Trellix’s 1.7% mindshare. Additionally, 94% of Microsoft users are willing to recommend the solution, compared to 83% of Trellix users who would recommend it.
Microsoft Defender for Endp...
Read 192 Microsoft Defender for Endpoint reviews
  • 2,028 Views
  • 1,591 Comparison Views
94% willing to recommend
Trellix Advanced Threat Def...
Read 8 Trellix Advanced Threat Defense reviews
  • 391 Views
  • 251 Comparison Views
83% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 1, 2024

Trellix Advanced Threat Defense and Microsoft Defender for Endpoint compete in the cybersecurity market, focusing on defending against advanced cyber threats. Data analysis shows Microsoft Defender for Endpoint has an upper hand due to its broad feature set, despite Trellix offering advantageous pricing and support.

Features: Trellix Advanced Threat Defense excels in real-time sophisticated threat detection, automated incident responses, and strong threat analysis capabilities. Microsoft Defender for Endpoint stands out with integrated threat intelligence, multi-platform support, and high-quality threat analytics.

Room for Improvement: Trellix could enhance user interface intuitiveness, expand integration capabilities, and optimize threat intelligence updates. Microsoft Defender for Endpoint could improve its initial cost structure, enhance feature customization, and streamline cross-platform interoperability.

Ease of Deployment and Customer Service: Trellix Advanced Threat Defense offers a streamlined deployment process with rich support options, although it can be complex due to customization needs. Microsoft Defender for Endpoint benefits from easy integration within Microsoft environments, backed by comprehensive support documents, making its deployment more straightforward.

Pricing and ROI: Trellix Advanced Threat Defense provides competitive pricing and substantial ROI for budget-conscious organizations. Microsoft Defender for Endpoint, while carrying a higher initial cost, justifies this through its extensive features and long-term integration benefits, making the investment worthwhile in the long run.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Microsoft Defender for Endpoint vs. Trellix Advanced Threat Defense Report (Updated: March 2025).
Buyer's Guide
Microsoft Defender for Endpoint vs. Trellix Advanced Threat Defense
March 2025
Download the complete report
Helped 846,617 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Defender for Endp...
Ranking in Advanced Threat Protection (ATP)
2nd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
192
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Anti-Malware Tools (1st), Endpoint Detection and Response (EDR) (3rd), Microsoft Security Suite (5th)
Trellix Advanced Threat Def...
Ranking in Advanced Threat Protection (ATP)
22nd
Average Rating
7.8
Reviews Sentiment
6.6
Number of Reviews
8
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Advanced Threat Protection (ATP) category, the mindshare of Microsoft Defender for Endpoint is 9.1%, down from 11.4% compared to the previous year. The mindshare of Trellix Advanced Threat Defense is 1.7%, up from 1.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Advanced Threat Protection (ATP)
 

Featured Reviews

AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.
Read full review
HS
Easy to set up and use with a nice interface
The scalability could be better. We'd like them to be better at dealing with script threats. In sandboxing, the time to respond is slower than we would like. We'd like them to be able to process faster. For example, Fortinet, they are doing 18,000 files per hour. For Wildfire, it is elastic. It can support as many files as you get. McAfee doesn't react like that. It does not support interfaces with HTTPS.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Microsoft Defender for Endpoint is a robust platform."
"The installation is straightforward."
"Defender should be fine for home use. It has all the basic functionality you need. I can't speak to how well it works as an enterprise solution because I'm not in the space."
"User-friendly, offering safety and security."
"Defender provides useful alerts and groups them. It sends an alert to your portal if it detects any malicious activity, and you can group multiple alerts to form an incident."
"We have liked the fact that it comes with Microsoft Windows 10 and it is constantly updated with all new virus definitions. It is also updated with new security features on a regular basis."
"Defender's analytics are much better than CrowdStrike's."
"The performance of Microsoft Defender for Endpoint has been good."
More Microsoft Defender for Endpoint pros
"I recommend this solution because of its ease of use."
"It stops in excess of twenty-five malware events per month, all of which could be critical to the business."
"The most valuable features are the administration console and its detection and response module."
"Provides good exfiltration, and is an all-in-one product."
"Its greatest strength is the DXL client which can rapidly disseminate attack information to all clients via the McAfee Agent instead of going through the ePO server."
"It is very scalable."
"It is stable and reliable."
 

Cons

"Reporting could be improved. I would like to see how many security incidents occurred in the last six months, how many devices were highly exposed to security risks, and how many devices were actually compromised."
"The solution could use improvement on the interface."
"Some integration components for Mac should be added. We use both Windows 10 desktops and Mac desktops, but presently, the Mac component is still lagging a bit behind."
"The onboarding and deployment could be more user-friendly, and there is room to grow in some of the reports. I don't want them to be oversimplified or overly complex, but there is room for improvement in the reporting it can do. It's relatively minor."
"The user interface could use some improvement."
"It would be helpful if they offered video tutorial guides."
"I wish they would extend the use of the Security Central portal, even for the free option of Defender. Because, as companies grow, it is labor intensive to manage the AV and detection part of it. For companies already subscribed to Office 365, I think this would be a good enhancement."
"Localization is always a challenge, especially with new products you typically want. Solutions are designed to be deployed where the most licenses are being consumed, such as in the United States. They focus on US products, devices, and networks. Specialized deployments for other countries would allow for a smoother experience in transition."
More Microsoft Defender for Endpoint cons
"We'd like them to be better at dealing with script threats."
"Lacks remote capabilities not dependent on the internet."
"The initial setup was industry standard complex. It takes awhile and has a lot of planning involved. It could be simplified with product redesign."
"I would like to see future versions of the solution incorporate artificial intelligence technology."
"There could be a tool that automatically updates all-new Microsoft IPs, which are available for free to connect to the client."
"This solution needs to be made "cloud ready"."
"Make the ATD system a part of the whole product and take the whole thing onto the cloud. While it is there already, it is not to the same level as the on-premise version."
 

Pricing and Cost Advice

"It came with Windows."
"I'm not too familiar with costs as I'm an architect, though I know about online pricing, as I help two teams with online purchasing and procurement. Nowadays, everyone has an enterprise agreement, such as an E3 license, which we provide to our customers."
"They are now doing it on an endpoint basis. It is based on the number of endpoints, which is good."
"It is so expensive. It isn't cheaper than McAfee or other solutions."
"Licensing options vary. Some customers buy it as an enterprise agreement and pay yearly. Others buy it as a CSP, so they pay per month. It completely depends on the customer's needs."
"This is an expensive product and licensing for all Microsoft products is a big issue."
"Microsoft Defender for Endpoint is more affordable compared to some other endpoint solutions."
"I pay for it through the Windows Professional or Standard license. It is a one-time cost for me, and I use the same license."
More Microsoft Defender for Endpoint pricing and cost advice
"The product is expensive, but it is better than the rest of them in the industry."
"Our licensing fees for this solution are approximately one million dollars per year."
report
See which vendors are best for you
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
See recommendations
846,617 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
27%
Computer Software Company
11%
Government
7%
Financial Services Firm
7%
Financial Services Firm
18%
Government
15%
Manufacturing Company
14%
Computer Software Company
13%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
See all answers
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
See all answers
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
See all answers
What do you like most about McAfee Advanced Threat Defense?
I recommend this solution because of its ease of use.
See all answers
What needs improvement with McAfee Advanced Threat Defense?
There could be a tool that automatically updates all-new Microsoft IPs, which are available for free to connect to the client.
See all answers
What is your primary use case for McAfee Advanced Threat Defense?
We use the solution for client management and security. We used the whole suite for client Firewall, antivirus, and everything provided by Trellix.
See all answers
 

Comparisons

CrowdStrike Falcon vs Microsoft Defender for Endpoint Logo
CrowdStrike Falcon vs Microsoft Defender for Endpoint
Compared 8% of the time
Microsoft Intune vs Microsoft Defender for Endpoint Logo
Microsoft Intune vs Microsoft Defender for Endpoint
Compared 5% of the time
Symantec Endpoint Security vs Microsoft Defender for Endpoint Logo
Symantec Endpoint Security vs Microsoft Defender for Endpoint
Compared 5% of the time
F-Secure Total vs Microsoft Defender for Endpoint Logo
F-Secure Total vs Microsoft Defender for Endpoint
Compared 4% of the time
HP Wolf Security vs Microsoft Defender for Endpoint Logo
HP Wolf Security vs Microsoft Defender for Endpoint
Compared 4% of the time
More Microsoft Defender for Endpoint Competitors
Microsoft Defender for Identity vs Trellix Advanced Threat Defense Logo
Microsoft Defender for Identity vs Trellix Advanced Threat Defense
Compared 51% of the time
Fortinet FortiSandbox vs Trellix Advanced Threat Defense Logo
Fortinet FortiSandbox vs Trellix Advanced Threat Defense
Compared 49% of the time
More Trellix Advanced Threat Defense Competitors
 

Product Reports

Buyer's Guide
Microsoft Defender for Endpoint
March 2025
Microsoft Defender for Endpoint reportDownload Microsoft Defender for Endpoint product report
Buyer's Guide
Advanced Threat Protection (ATP)
March 2025
Trellix Advanced Threat Defense reportDownload Trellix Advanced Threat Defense product report
 

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
McAfee Advanced Threat Defense
 

Interactive Demo

Microsoft
Demo not available
Trellix
 

Overview

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Microsoft

Powerful advanced threat detection

Uncover Hidden Threats

Combine in-depth static code analysis, dynamic analysis (malware sandboxing), and machine learning to increase zero-day threat and ransomware detection.

Threat Intelligence Sharing

Immediately share threat intelligence across your entire infrastructure—including multi-vendor ecosystems—to reduce time from threat encounter to containment.

Enable Investigation

Validate threats and access critical indicators of compromise (IoCs) needed for investigation and threat hunting.

Trellix
 

Sample Customers

Petrofrac, Metro CSG, Christus Health
The Radicati Group, Florida International University, MGM Resorts International, County Durham andDarlington NHS Foundation Trust
Buyer's Guide
Microsoft Defender for Endpoint vs. Trellix Advanced Threat Defense
March 2025
Free Report: Microsoft Defender for Endpoint vs. Trellix Advanced Threat Defense
Find out what your peers are saying about Microsoft Defender for Endpoint vs. Trellix Advanced Threat Defense and other solutions. Updated: March 2025.
DOWNLOAD NOW
846,617 professionals have used our research since 2012.
See our Microsoft Defender for Endpoint vs. Trellix Advanced Threat Defense report.
See our list of best Advanced Threat Protection (ATP) vendors.

We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.