Try our new research platform with insights from 80,000+ expert users

RiskIQ Illuminate vs Trellix Network Detection and Response comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

RiskIQ Illuminate
Average Rating
0.0
Number of Reviews
1
Ranking in other categories
Attack Surface Management (ASM) (30th)
Trellix Network Detection a...
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Advanced Threat Protection (ATP) (14th), Network Detection and Response (NDR) (12th)
 

Mindshare comparison

RiskIQ Illuminate and Trellix Network Detection and Response aren’t in the same category and serve different purposes. RiskIQ Illuminate is designed for Attack Surface Management (ASM) and holds a mindshare of 0.2%, down 0.6% compared to last year.
Trellix Network Detection and Response, on the other hand, focuses on Advanced Threat Protection (ATP), holds 4.8% mindshare, down 4.9% since last year.
Attack Surface Management (ASM)
Advanced Threat Protection (ATP)
 

Featured Reviews

SimonClark - PeerSpot reviewer
Able to discover unpatched servers, offers good stability, and scales very well
A low-cost service to evaluate the risk score of a supply chain would be very helpful. This could be useful for insurance companies offering cyber insurance to enterprise customers, providing the insurer with a valuable way to unobtrusively, quickly, and frequently assess their customers and apply appropriate premiums for the level of risk. This would also be useful for enterprises. They could, for example, assess companies prior to a merger or acquisition. What would also be useful for any enterprise would be if their supply chain has some kind of direct digital access to parts of their network.
BiswabhanuPanda - PeerSpot reviewer
Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one
The in-depth investigation capabilities are a major advantage. When the system flags something as malicious, it provides a packet capture of that activity within the environment. That helps my team quickly identify additional context that most other tools wouldn't offer – like source IP or base64 encoded data. We can also see DNS requests and other details that aren't readily available in solutions like Check Point or others that we've tried. The detection itself is solid, and their sandboxing is powerful. There's a learning curve – you need a strong grasp of OS-level changes, process forking, registry changes, and the potential impact of those. But with that knowledge, the level of information Trellix provides is far greater than what we've seen elsewhere. The real-time response capability of Trellix has been quite effective, although it's not very fast. The key is this solution's concept of 'preference zero.' They don't immediately act on a zero-day. For example, the solution has seen a piece of malware for the first time. It'll let it in, then do sandboxing. Maybe after four or five minutes, it identifies that specific file's DNX Secure Store as malicious. At that point, they update the static analysis engine, and it gets detected if anything else tries to download the same file. There is that initial 'preference zero' concept, like with Panda. You may not hold traffic in the network. That's standard in the industry; we don't do much about it. To address that, we also have endpoint solutions. We use SentinelOne in our environment, which helps us identify threats like Western Bureaus and others.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution is stable with 12 years of established historical data."
"The most valuable feature is the network security module."
"Support is very helpful and responsive."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"Trellix NDR provides an essential defense by automatically responding to network incidents that firewalls may not catch."
"Very functional and good for detecting malicious traffic."
 

Cons

"A low-cost service to evaluate the risk score of a supply chain would be very helpful."
"Technical support could be improved."
"Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
"Management of the appliance could be greatly improved."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
"We'd like the potential for better scaling."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
 

Pricing and Cost Advice

Information not available
"The tool is a bit pricey."
"Its price is a bit high. A small customer cannot buy it. Its licensing is on a yearly basis."
"Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the meantime to analysis decrease by at least tenfold."
"When I compare this solution to its competitors in the market, I find that it is a little expensive."
"We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing."
"FireEye is comparable to other products, such as HX, but seems expensive. It may cause us to look at other products in the market."
"The pricing is a little high."
"Pricing and licensing are reasonable compared to competitors."
report
Use our free recommendation engine to learn which Attack Surface Management (ASM) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
20%
Financial Services Firm
12%
Real Estate/Law Firm
8%
Manufacturing Company
8%
Financial Services Firm
17%
Comms Service Provider
11%
Computer Software Company
9%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

Ask a question
Earn 20 points
What do you like most about FireEye Network Security?
We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement an...
What is your experience regarding pricing and costs for FireEye Network Security?
While I do not handle pricing directly, it is known that there is a variety of customers with different licensing needs, which depends on the organization's size and policy.
What needs improvement with FireEye Network Security?
The Trellix solution could be improved by enhancing the Central Management Console for faster visibility, which would help in network detection response. Networking often involves complexity that c...
 

Also Known As

RiskIQ Digital Threat Management
FireEye Network Security, FireEye
 

Overview

 

Sample Customers

DocuSign, Outbrain, The Economist Group, Rackspace, The Citizen Lab
FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave Systems
Find out what your peers are saying about CrowdStrike, Trend Micro, Darktrace and others in Attack Surface Management (ASM). Updated: March 2025.
845,040 professionals have used our research since 2012.