No more typing reviews! Try our Samantha, our new voice AI agent.

N-able EDR vs Trellix Endpoint Detection and Response (EDR) comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
N-able EDR
Ranking in Endpoint Detection and Response (EDR)
50th
Average Rating
7.6
Reviews Sentiment
7.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
Trellix Endpoint Detection ...
Ranking in Endpoint Detection and Response (EDR)
14th
Average Rating
7.6
Reviews Sentiment
6.9
Number of Reviews
29
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of N-able EDR is 0.7%, up from 0.4% compared to the previous year. The mindshare of Trellix Endpoint Detection and Response (EDR) is 1.0%, down from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Trellix Endpoint Detection and Response (EDR)1.0%
N-able EDR0.7%
Other94.7%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
NM
Senior Operations Specialist at Tagit cc
Reporting effectiveness and advanced AI capabilities improve threat awareness while needing pricing simplification and licensing self-service
With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process. If they could bundle it as one solution and show the capabilities or features, they would be able to sell it more effectively, and as resellers, we could sell it to customers more easily. The technical support is responsive, but sometimes we experience limitations regarding the ability to add licensing. They could implement a self-service platform for assigning new licenses or ordering more. Currently, we depend on contacting someone who sends a new contract to sign through the process. They could change their licensing model, though I am not the right person to comment on functionality. On the reporting side, everything is covered.
Duncan  Kims - PeerSpot reviewer
Business Development Manager at a retailer with 10,001+ employees
Advanced detection has reduced targeted attacks and builds daily confidence in our defenses
Trellix Endpoint Detection and Response (EDR) has a very low false positive rate compared to other products, thus increasing the SOC efficiency in how my team relies on the solution day-to-day.With the best features Trellix Endpoint Detection and Response (EDR) offers, ease of SOAR integration helps to automate the IOC distribution, and our security team and management trust the product. Advanced detection capabilities ensure that targeted attacks will be detected and blocked before they arrive at our network. SOAR integration has assisted our security team and management in trusting the product.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine."
"We think that this product will help us grow, as it meets our needs currently and we can grow with it over time."
"When the pandemic started, Palo Alto came up with many solutions, which helped with the quick shift from on-premises to the cloud."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"The scalability of Cortex XDR by Palo Alto Networks is very good."
"Cortex XDR is a simple platform that's easy for administrators and users. You have a lot of flexibility to change or customize the features."
"It is an easy-to-use tool."
"I like the centralized console and the predictive analysis it does of malware. It is very stable and also scalable."
"We have been using this solution for quite some time, and the AI functionality is quite advanced; we are able to provide insights on different aspects and read the reports easily."
"The most valuable feature, which I can describe as the '360 vision' of the inventory device, provides a complete view of all the devices."
"The most valuable features are the rollback feature, it's important for us. The AI models and are good."
"It provides visibility and a storyline to track the virus or malware's activities, showing infected processes and changes made."
"The product provides a one-click recovery of encrypted files."
"The solution is scalable and the product has a good strategy when everything is in place."
"The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation."
"Trellix Endpoint Detection and Response (EDR) does everything; it saves time, it saves money, and of course, it provides peace of mind."
"This is a stable product."
"Trellix Endpoint Detection and Response (EDR) has positively impacted our organization by improving overall efficiency, overall detection and response capabilities, and the capability to improve threat detections as well as the overall efficiency, time utilized, resource management, and analytic use cases review, significantly enhancing the business functionality."
"When Trellix detects some threats, the device is isolated in a quarantine zone for examination."
"The most valuable feature of the solution is its area for threat detection."
 

Cons

"The main issue I could point out is the offline agents and the way that it is missing."
"There is a severe gap in functionality between Windows, Linux, and Mac versions. For example all folder restriction settings are Windows only. Traps 5.0+ does not have SAML / LDAP integration."
"If you compare it to SentinelOne, which has more functionalities and detection capabilities on an open platform, the pricing on SentinelOne is far more reasonable and cheaper than Cortex XDR by Palo Alto Networks."
"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
"Cortex XDR by Palo Alto Networks is not only pricey; it is extremely expensive."
"Basically, they don't provide customer support tools just to investigate the logs."
"One thing that was missing was the integration part. Currently, they don't have out-of-box integration with IBM QRadar, or if they have the integration, the integration doesn't work well."
"In an upcoming release, the solution could improve by proving hard disk encryption. If it could support this it would be a complete solution."
"I would rate the scalability as seven out of ten. The capability is useful. Concerning the license, if I add one more device without a license, it will automatically subscribe to a license. I do not appreciate that."
"With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process."
"I would like to see them add support for both Android and iOS smartphones."
"We have a lot of false positives we see in the dashboard. I think this is the only problem we are facing."
"When it comes to some unknown fileless attacks, the tool is not able to detect them properly, making it an area where improvements are required."
"The dashboard is split across different platforms. For example, if you want information on Incident Detection, you have to access one dashboard, and for DLP reporting, there's a separate platform. This fragmentation means you can't access everything from a single dashboard."
"One of the issues about the product stems from the failure to work on its administrative scalability. The aforementioned area can be considered for improvement."
"An area for improvement in McAfee MVISION Endpoint Detection and Response is the historical search. For example: when you have information on the artifact and a precedent, you want to do a search, and that is a bit lacking in the tool."
"The searching capabilities for the IOCs can be further improved"
"I also think performance needs improvement, especially for servers, as the Trellix HX module uses high CPU, scans constantly, and negatively impacts the performance for our clients' users or our servers."
"The endpoints and utilization are too high, which impacts the production activity."
"I need some protection, possibly multi-factor authentication improvements."
 

Pricing and Cost Advice

"I feel it is fairly priced."
"Our customers have expressed that the price is high."
"This is an expensive solution."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"I don't like that they have different types of licenses."
"Cortex XDR’s pricing is very reasonable."
"The price is on the higher side, but it's okay."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"The pricing is average."
"The cost is okay, compared to other products."
"Pricing is a problem in South Africa. It could be cheaper here. The rand-to-dollar exchange rate makes it expensive for us. A 25 dollar endpoint cost becomes quite significant when converted to rand."
"The licensing costs attached to the solution are very easy to manage. There is a need to make yearly payments towards the licensing costs."
"The product’s pricing is reasonable."
"Speaking about the price, you must use the product to find the product's cost for you."
"On a scale of one to ten, where one is low and ten is high, I rate the solution's pricing an eight out of ten."
"The pricing is always high."
"The price is reasonable."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
903,933 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Manufacturing Company
20%
Comms Service Provider
14%
Transportation Company
11%
Healthcare Company
8%
Financial Services Firm
15%
Construction Company
7%
Manufacturing Company
7%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
No data available
By reviewers
Company SizeCount
Small Business16
Midsize Enterprise3
Large Enterprise14
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What needs improvement with N-able EDR?
With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process. If t...
What is your primary use case for N-able EDR?
We are using N-able EDR, but I think Sophos makes sense because of the environment we operate in. The localization an...
What advice do you have for others considering N-able EDR?
I am more focused on operations and procurement. The decision to use this solution was made before I joined the compa...
What is your experience regarding pricing and costs for McAfee MVISION Endpoint Detection and Response?
I find licensing to be one of the best aspects of Trellix Endpoint Detection and Response (EDR), but I am unsure abou...
What needs improvement with McAfee MVISION Endpoint Detection and Response?
Trellix Endpoint Detection and Response (EDR) could be improved as I find that, since FireEye and McAfee became Trell...
What is your primary use case for McAfee MVISION Endpoint Detection and Response?
My main use case for Trellix Endpoint Detection and Response (EDR) is for blocking malware and catching unusual behav...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
McAfee MVISION EDR, MVISION EDR, MVISION Endpoint Detection and Response
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
Sutherland Global Services
Find out what your peers are saying about N-able EDR vs. Trellix Endpoint Detection and Response (EDR) and other solutions. Updated: June 2026.
903,933 professionals have used our research since 2012.