Try our new research platform with insights from 80,000+ expert users

Microsoft Sentinel vs Trellix ESM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Customer Service

Sentiment score
7.3
Microsoft Sentinel support is generally positive, with mixed reviews on responsiveness and the necessity for premium support tiers.
Sentiment score
5.9
Trellix ESM customer support is inconsistent, with mixed reviews on responsiveness, expertise, and service speed; improvement needed.
 

Room For Improvement

Sentiment score
5.0
Microsoft Sentinel users want better integration, more tools, improved UI, clearer documentation, reduced costs, and enhanced alert system.
Sentiment score
7.3
Trellix ESM requires a user-friendly interface, faster support, better integration, advanced features, improved performance, and enhanced customization.
 

Scalability Issues

Sentiment score
8.1
Microsoft Sentinel offers scalable, automatic resource adjustments, multi-region support, and extensive data integration, adapting to diverse organizational needs.
Sentiment score
8.5
Trellix ESM is highly scalable, accommodating various company sizes and environments, from on-premises enterprises to cloud-based small businesses.
 

Setup Cost

Sentiment score
5.2
Microsoft Sentinel offers value through integration but requires careful cost management due to its complex, consumption-based pricing model.
No sentiment score available
 

Stability Issues

Sentiment score
8.4
Microsoft Sentinel is highly stable and reliable, with 99.9% availability, despite some integration and log ingestion issues.
Sentiment score
8.5
Users have mixed experiences with Trellix ESM's stability, ranging from perfect scores to issues with power interruptions and service failures.
 

Valuable Features

Sentiment score
8.5
Microsoft Sentinel offers seamless integration, automation, AI capabilities, and scalable threat detection, enhancing security with cost-effectiveness and efficient monitoring.
Sentiment score
8.0
Trellix ESM offers robust security features, easy deployment, effective threat monitoring, user-friendly interface, and excellent vendor support.
 

Categories and Ranking

Microsoft Sentinel
Ranking in Security Information and Event Management (SIEM)
2nd
Average Rating
8.2
Reviews Sentiment
7.4
Number of Reviews
89
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (1st), Microsoft Security Suite (5th)
Trellix ESM
Ranking in Security Information and Event Management (SIEM)
22nd
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
36
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Microsoft Sentinel is 10.8%, down from 12.8% compared to the previous year. The mindshare of Trellix ESM is 0.8%, down from 1.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Nitin Arora - PeerSpot reviewer
Gives us one place to investigate and respond to threats, and automation eliminates manual work
They can work on the EDR side of things. It is already really superb, because of the kinds of features we get with the EDR solution. It's not a standard EDR and they have recently enhanced things. But the problem is with onboarding devices. I have different OS flavors, including a large number of Linux, Windows, macOS, and some on-prem machines as well. Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work. They can eliminate having to do manual configuration for the machines, and check the different types of configurations for each OS. In some cases, it does not support some OSs. If they could reduce this type of work, that would be really amazing.
Daniel Durian - PeerSpot reviewer
Helps to monitor and detect cyberattacks
The tool's effectiveness depends on how you define your log sources. To build visibility of incoming and outgoing traffic, you need logs from perimeter defense, firewalls, web application firewalls, and endpoint protection. With good traffic visibility, incident response time is really quick. Trellix ESM provides situation awareness. On the dashboard, I can see outbound and inbound communications to known threat hosts, IPS/IDS activity, and threat intelligence of the perimeter defense in the firewall. This information helps preempt attacks.
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
816,406 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
10%
Government
8%
Manufacturing Company
8%
Educational Organization
75%
Financial Services Firm
4%
Computer Software Company
3%
Government
3%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?
Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about McAfee ESM?
The solution's technical support is great.
What is your experience regarding pricing and costs for McAfee ESM?
Regarding pricing, Trellix ESM is not that expensive. It's less than half the cost of IBM QRadar.
What needs improvement with McAfee ESM?
The product is mature and needs little improvement, but we could enhance the customized dashboarding based on use cases.
 

Also Known As

Azure Sentinel
McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager
 

Learn More

Video not available
 

Overview

 

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport
Find out what your peers are saying about Microsoft Sentinel vs. Trellix ESM and other solutions. Updated: October 2024.
816,406 professionals have used our research since 2012.