Try our new research platform with insights from 80,000+ expert users

Microsoft Sentinel vs Trellix ESM comparison

Microsoft and Trellix are both solutions in the Security Information and Event Management (SIEM) category. Microsoft is ranked #2 with an average rating of 8.4, while Trellix is ranked #22 with an average rating of 7.6. Microsoft holds a 10.8% mindshare in SIEM, compared to Trellix’s 0.8% mindshare. Additionally, 93% of Microsoft users are willing to recommend the solution, compared to 75% of Trellix users who would recommend it.
Microsoft Sentinel
Read 89 Microsoft Sentinel reviews
  • 23,840 Views
  • 13,739 Comparison Views
93% willing to recommend
Trellix ESM
Read 36 Trellix ESM reviews
  • 3,011 Views
  • 1,160 Comparison Views
75% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

Trellix ESM and Microsoft Sentinel are two comprehensive security management solutions. Microsoft Sentinel stands out with superior features, making it worth the investment.

Features: Trellix ESM provides advanced threat detection and response capabilities, integration with various security tools, and comprehensive reporting functionalities. Microsoft Sentinel offers seamless integration with Azure services, advanced AI-driven analytics, and extensive scalability. Users find Microsoft Sentinel's features more valuable for enterprise-level security management.

Room for Improvement: Trellix ESM users suggest enhancements to threat intelligence integration, more user-friendly configurations, and better user interface design. Microsoft Sentinel users request improvements in log retention policies, alignment with non-Microsoft services, and more detailed documentation. Trellix ESM requires more work on intelligence integration while Microsoft Sentinel needs to refine its retention policies and documentation.

Ease of Deployment and Customer Service: Trellix ESM's deployment process is straightforward, and it offers reliable customer support. Microsoft Sentinel, while also easy to deploy, benefits significantly from integration with Azure’s ecosystem. Some users report delays in customer service from Microsoft. Trellix ESM excels in customer support, while Microsoft Sentinel benefits from smoother integration within the Azure environment.

Pricing and ROI: Trellix ESM offers competitive setup costs and a solid return on investment through its advanced threat management capabilities. Microsoft Sentinel may come at a higher initial cost but delivers a higher ROI due to its scalable and efficient security features. Users feel the investment in Microsoft Sentinel pays off with its advanced capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Microsoft Sentinel vs. Trellix ESM Report (Updated: October 2024).
Buyer's Guide
Microsoft Sentinel vs. Trellix ESM
October 2024
Download the complete report
Helped 816,406 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Customer Service

Sentiment score
7.3
Microsoft Sentinel support is generally positive, with mixed reviews on responsiveness and the necessity for premium support tiers.
Sentiment score
5.9
Trellix ESM customer support is inconsistent, with mixed reviews on responsiveness, expertise, and service speed; improvement needed.
 

Room For Improvement

Sentiment score
5.0
Microsoft Sentinel users want better integration, more tools, improved UI, clearer documentation, reduced costs, and enhanced alert system.
Sentiment score
7.3
Trellix ESM requires a user-friendly interface, faster support, better integration, advanced features, improved performance, and enhanced customization.
 

Scalability Issues

Sentiment score
8.1
Microsoft Sentinel offers scalable, automatic resource adjustments, multi-region support, and extensive data integration, adapting to diverse organizational needs.
Sentiment score
8.5
Trellix ESM is highly scalable, accommodating various company sizes and environments, from on-premises enterprises to cloud-based small businesses.
 

Setup Cost

Sentiment score
5.2
Microsoft Sentinel offers value through integration but requires careful cost management due to its complex, consumption-based pricing model.
No sentiment score available
 

Stability Issues

Sentiment score
8.4
Microsoft Sentinel is highly stable and reliable, with 99.9% availability, despite some integration and log ingestion issues.
Sentiment score
8.5
Users have mixed experiences with Trellix ESM's stability, ranging from perfect scores to issues with power interruptions and service failures.
 

Valuable Features

Sentiment score
8.5
Microsoft Sentinel offers seamless integration, automation, AI capabilities, and scalable threat detection, enhancing security with cost-effectiveness and efficient monitoring.
Sentiment score
8.0
Trellix ESM offers robust security features, easy deployment, effective threat monitoring, user-friendly interface, and excellent vendor support.
 

Categories and Ranking

Microsoft Sentinel
Ranking in Security Information and Event Management (SIEM)
2nd
Average Rating
8.2
Reviews Sentiment
7.4
Number of Reviews
89
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (1st), Microsoft Security Suite (5th)
Trellix ESM
Ranking in Security Information and Event Management (SIEM)
22nd
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
36
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Microsoft Sentinel is 10.8%, down from 12.8% compared to the previous year. The mindshare of Trellix ESM is 0.8%, down from 1.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Nitin Arora - PeerSpot reviewer
Gives us one place to investigate and respond to threats, and automation eliminates manual work
They can work on the EDR side of things. It is already really superb, because of the kinds of features we get with the EDR solution. It's not a standard EDR and they have recently enhanced things. But the problem is with onboarding devices. I have different OS flavors, including a large number of Linux, Windows, macOS, and some on-prem machines as well. Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work. They can eliminate having to do manual configuration for the machines, and check the different types of configurations for each OS. In some cases, it does not support some OSs. If they could reduce this type of work, that would be really amazing.
Read full review
Daniel Durian - PeerSpot reviewer
Helps to monitor and detect cyberattacks
The tool's effectiveness depends on how you define your log sources. To build visibility of incoming and outgoing traffic, you need logs from perimeter defense, firewalls, web application firewalls, and endpoint protection. With good traffic visibility, incident response time is really quick. Trellix ESM provides situation awareness. On the dashboard, I can see outbound and inbound communications to known threat hosts, IPS/IDS activity, and threat intelligence of the perimeter defense in the firewall. This information helps preempt attacks.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
816,406 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
10%
Government
8%
Manufacturing Company
8%
Educational Organization
75%
Financial Services Firm
4%
Computer Software Company
3%
Government
3%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?
Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...
See all answers
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
See all answers
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
See all answers
What do you like most about McAfee ESM?
The solution's technical support is great.
See all answers
What is your experience regarding pricing and costs for McAfee ESM?
Regarding pricing, Trellix ESM is not that expensive. It's less than half the cost of IBM QRadar.
See all answers
What needs improvement with McAfee ESM?
The product is mature and needs little improvement, but we could enhance the customized dashboarding based on use cases.
See all answers
 

Comparisons

AWS Security Hub vs Microsoft Sentinel Logo
AWS Security Hub vs Microsoft Sentinel
Compared 20% of the time
IBM Security QRadar vs Microsoft Sentinel Logo
IBM Security QRadar vs Microsoft Sentinel
Compared 10% of the time
Cortex XSIAM vs Microsoft Sentinel Logo
Cortex XSIAM vs Microsoft Sentinel
Compared 7% of the time
Wazuh vs Microsoft Sentinel Logo
Wazuh vs Microsoft Sentinel
Compared 6% of the time
Google Chronicle Suite vs Microsoft Sentinel Logo
Google Chronicle Suite vs Microsoft Sentinel
Compared 5% of the time
More Microsoft Sentinel Competitors
Splunk Enterprise Security vs Trellix ESM Logo
Splunk Enterprise Security vs Trellix ESM
Compared 25% of the time
ArcSight Enterprise Security Manager (ESM) vs Trellix ESM Logo
ArcSight Enterprise Security Manager (ESM) vs Trellix ESM
Compared 20% of the time
LogRhythm SIEM vs Trellix ESM Logo
LogRhythm SIEM vs Trellix ESM
Compared 17% of the time
IBM Security QRadar vs Trellix ESM Logo
IBM Security QRadar vs Trellix ESM
Compared 12% of the time
Graylog Security vs Trellix ESM Logo
Graylog Security vs Trellix ESM
Compared 5% of the time
More Trellix ESM Competitors
 

Product Reports

Buyer's Guide
Microsoft Sentinel
November 2024
Microsoft Sentinel reportDownload Microsoft Sentinel product report
Buyer's Guide
Trellix ESM
October 2024
Trellix ESM reportDownload Trellix ESM product report
 

Also Known As

Azure Sentinel
McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager
 

Learn More

Microsoft
Video not available
Trellix
 

Overview

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

 

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport
Buyer's Guide
Microsoft Sentinel vs. Trellix ESM
October 2024
Free Report: Microsoft Sentinel vs. Trellix ESM
Find out what your peers are saying about Microsoft Sentinel vs. Trellix ESM and other solutions. Updated: October 2024.
DOWNLOAD NOW
816,406 professionals have used our research since 2012.
See our Microsoft Sentinel vs. Trellix ESM report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.