
Microsoft Defender XDR vs Trellix Endpoint Security comparison

 

Comparison Buyer's Guide

Executive Summary

Updated on Jan 12, 2025

 

Categories and Ranking

Microsoft Defender XDR
Ranking in Extended Detection and Response (XDR): 4th
Average Rating: 8.4
Reviews Sentiment: 7.1
Number of Reviews: 96
Ranking in other categories: Endpoint Detection and Response (EDR) (5th), Microsoft Security Suite (2nd)

Trellix Endpoint Security
Ranking in Extended Detection and Response (XDR): 13th
Average Rating: 8.0
Reviews Sentiment: 7.1
Number of Reviews: 98
Ranking in other categories: Endpoint Protection Platform (EPP) (9th)
 

Mindshare comparison

As of February 2025, in the Extended Detection and Response (XDR) category, the mindshare of Microsoft Defender XDR is 7.4%, up from 6.1% compared to the previous year. The mindshare of Trellix Endpoint Security is 1.9%, down from 2.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
 

Featured Reviews

Gabor Nyerd - PeerSpot reviewer
Includes four services and four products, which can help organizations a lot
We found that sometimes integrations work, but testing them can take some time. Sometimes, configurations take much longer than expected. We have a configuration in place that needs to be synchronized with another server. However, the servers are four hours apart, so this can cause delays. In general, I believe that the time it takes to configure and test a service should be shorter. Sometimes, it can take a couple of hours to test a single configuration setting. Other times, it is only ten or fifteen minutes, which is normal. However, sometimes, even immediate actions can be triggered by configuration changes, and some settings can take up to eight hours to complete. I believe that this time can be improved. Microsoft is making a lot of improvements to its services in a short period of time. This is a good thing, as it means that the services are constantly being updated and improved. However, it can be challenging for customers to keep up with the changes. For example, a customer may read about an update, understand it, and share it with their colleagues and boss. However, it may take days or weeks to test the update and get the necessary approvals. This can be especially challenging for large customers with many users or machines. In some cases, Microsoft may change a service before the customer has had a chance to implement the previous update. This can be frustrating for customers, as it means that they have to constantly learn new things and adjust their workflows. On the one hand, it is important for Microsoft to keep updating and improving its services. This helps to ensure that the services are meeting the customers' needs and that they are staying ahead of the competition. Microsoft should also be mindful of the challenges that these changes can create for customers. One way to address this challenge is to provide customers with more time to implement changes. 
Microsoft could also provide more information about upcoming changes so that customers can plan ahead. Ultimately, Microsoft needs to strike a balance between keeping its services up-to-date and providing customers with a smooth transition to new features.
AhmedEl-Tayeb - PeerSpot reviewer
Good user behavioral analysis and helpful patching but needs better support services
Some of our products have a first and second line owned by us. We are giving support services to the customers instead of the vendor. Some other products are supported directly by the technology vendor, however. Technical support from the vendor is very bad. Usually, when the customer submits a ticket, they put a severity level on the case. Whenever the case is very important, and there is a real malfunction in the product on the customer side, and there is something down that needs someone to have a look immediately, it takes more time than it should to even engage with the customer. When someone has to contact the customer and have a remote session within the customer environment, they sometimes lack in terms of communication with the customer. The support centers are located in the East and not all have an acceptable level of English in order to communicate directly with the customer.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like Defender XDR's reports and alerts. They give you updates about the latest hotfixes and zero-day vulnerabilities, which gives me all the information I need to maintain my servers."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"The most valuable feature is the network security."
"The feature I find most valuable is Defender for Endpoint."
"The most valuable aspect is undoubtedly the exploration capability."
"The loss prevention feature would be the most valuable."
"Anyone can use it, the protection is good, and they have all of the features."
"The initial setup is straightforward, not complex."
"The solution provides a data view of the Alpha systems with Trellix installs and makes small changes to the central management console. Nothing on the endpoints themselves works, but it focuses more on the management side."
"The most valuable feature is ease of use."
"The endpoint protection and disk encryption features are the most valuable."
"The solution is reliable."
"The manageability of the product itself is its most valuable aspect. You have the underlying EPO, and on top of it, you can deploy the various components as you require. This is unlike other solutions like Symantec where you have to deploy everything or nothing. With this solution, you can choose to only deploy antivirus or only deploy a firewall, or only something else. I choose the components and that deployment is done through EPO. It makes manageability very flexible."
 

Cons

"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"The web filtering solution needs to be improved because currently, it is very simple."
"Microsoft could improve on threat hunting and build more on threat detection and handling. The cybersecurity and cloud security posture features are a bit lesser than standard security products."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"There are certain shortcomings in the features concerning DLP in Trellix, where certain additions must be made in the future."
"Trying to move away from the signature model for antivirus and malware blocking is something that would be nice. Instead of having to update every day, which is signature-based, moving to more of a kernel or architecture-based model would probably be beneficial."
"Trellix lacked email protection when it was a McAfee product. They added this feature during the merger with FireEye, but it hasn't been fully integrated. The core features will be integrated into the next release. FireEye has several solutions for EDR and sandboxing."
"The VirusScan needs to improve in order to detect ransomware and other advanced threats."
"There are more secure featured solutions from McAfee on the market but for smaller companies like ours, they are too expensive."
"Technical support is an area that can be improved because sometimes, the response time is a bit slow and the explanation is short."
"On the next release, they should build an easier way to see a repair option within the McAfee icon on your system tray. If there was an issue, you should be able to contact the user or just right-click on 'repair'. That would be a very good feature to add. That could be a place of improvement, just adding that button, or customizing it."
"Signatures to protect against new attacks."
 

Pricing and Cost Advice

"Licensing is somewhat confusing, particularly when presenting our pitch decks to stakeholders and leveraging key features in premium SKUs, but we managed with some assistance from Microsoft."
"I believe that the pricing of the licensing is fair."
"For Defender, they have Endpoint Plan 1 and Endpoint Plan 2, but I don't know on what basis they have classified Endpoint Plan 1 and Plan 2, but it has given me enough pain to pick and design Endpoint Plan 1 or Endpoint Plan 2 for my organization. In fact, we are still struggling with it. Too many SKUs are confusing. There should not be too many SKUs, and they shouldn't charge for every new feature."
"The functionality is fantastic, but for medium and small-sized companies it's overpriced. It would be better if it were a little bit cheaper."
"Microsoft Defender falls within a mid-tier price range compared to other security solutions."
"The license cost for a year is approximately forty-four thousand, and this annual saving is a significant factor in our decision to switch."
"Defender plan 1 is tenant-wise, and Defender plan 2 is per-user, which makes it more expensive. To have certain features, you would need to purchase the E5 license. For all of the capabilities that the tool provides, the price, though it can be high, is fair."
"The solution's price is fair for what they offer."
"Since the maintenance is done by our own team, the price of the subscription should really be cheaper."
"Pricing is fair."
"There is a one-year and a three-year license available for this solution, we are currently on a three-year license."
"The price of McAfee is pretty similar to Symantec, and there are no costs in addition to the standard licensing fees."
"It is not that expensive. There is no additional cost. We got the entire bundle together."
"I would rate the cost as four to five, considering it's normal compared to other products. I find it nominal and worth the money."
"The pricing is more or less the same as the other tools in the market."
"Trellix may cost around $46 to $47 for a single license without an EDR."
832,138 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews

Computer Software Company: 17%
Financial Services Firm: 10%
Manufacturing Company: 8%
Government: 8%

Educational Organization: 43%
Government: 9%
Computer Software Company: 7%
Manufacturing Company: 7%
 

Company Size

By reviewers: Large Enterprise, Midsize Enterprise, Small Business
 

Questions from the Community

What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.
What is your experience regarding pricing and costs for Microsoft 365 Defender?
Licensing is somewhat confusing, particularly when presenting our pitch decks to stakeholders and leveraging key features in premium SKUs, but we managed with some assistance from Microsoft.
What needs improvement with Microsoft 365 Defender?
It would be beneficial to reduce the number of clicks required to navigate between blades, as the current navigation and breadcrumb system can be a bit confusing. Some inconsistencies exist between...
How does McAfee Endpoint Security compare with MVISION?
The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deploy various components as desired with McAfee Endpoint Security, whereas many othe...
What do you like most about McAfee Endpoint Security?
It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and approval prompts.
What is your experience regarding pricing and costs for McAfee Endpoint Security?
The license costs are very reasonable, around 1,000 to 1,200 rupees per year.
 

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
McAfee Endpoint Security, McAfee Complete Endpoint Protection, McAfee Endpoint Protection, Total Protection for Endpoint, Intel Security Total Protection for Endpoint, MCAFEE Complete Endpoint Protection
 


 

Sample Customers

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
inHouseIT, Seagate Technology
Find out what your peers are saying about Microsoft Defender XDR vs. Trellix Endpoint Security and other solutions. Updated: January 2025.