Try our new research platform with insights from 80,000+ expert users

ServiceNow Security Operations vs Trellix Helix Connect comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 2, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ServiceNow Security Operations
Ranking in Security Incident Response
2nd
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
20
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (8th), Risk-Based Vulnerability Management (10th)
Trellix Helix Connect
Ranking in Security Incident Response
7th
Average Rating
8.8
Reviews Sentiment
6.9
Number of Reviews
11
Ranking in other categories
Security Information and Event Management (SIEM) (30th)
 

Mindshare comparison

As of April 2025, in the Security Incident Response category, the mindshare of ServiceNow Security Operations is 19.2%, up from 12.6% compared to the previous year. The mindshare of Trellix Helix Connect is 5.9%, up from 4.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Incident Response
 

Featured Reviews

KishoreKumar4 - PeerSpot reviewer
A low-cost and open-source tool for incident and change management
If we encounter challenges while deploying, we raise incidents. These incidents are categorized by priority: high, medium, and low. We assign an incident number and notify the relevant teams to address the issue. For instance, if we experience a problem with Cloud services or any other issue, we…
BiswabhanuPanda - PeerSpot reviewer
You can use it for everything, incident response, automated responses, alerts, visibility
I would give the product an overall rating of eight out of 10. We have 10 people currently using this software. Six are on the list, plus two managers and two IR experts. It's not possible for just one person to maintain the solution, and it's not really allowed. It has to be a team effort, with two or three people. It's not about users. Helix works differently, collecting logs from 6,000 different sources integrated with the solution. The licensing is not based on users; it's based on APIs. It's more of a SIEM SGL type of platform. It collects logs from around 6,000. But have around 10 people maintaining that.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Multiple projects use the ServiceNow tool because it is a low-cost and open-source tool."
"It's stable."
"The "follow" feature is really good. If the user is not responding, there's an option to "follow". Just click on the button, and it will automatically trigger an email to the end user."
"The solution is stable."
"The ease of use is great."
"What I found most valuable in ServiceNow Security Operations is that it's very useful for any incoming vulnerability. For example, if my team finds any vulnerability on servers such as the CA and CMDB integrated with ServiceNow Security Operations, my team can make some changes. My team can map the vulnerabilities found on the CA server, make the changes required, and resolve the vulnerabilities before the system is attacked. You can avoid vulnerability attacks through ServiceNow Security Operations, so this is the best feature of the solution. ServiceNow Security Operations is beneficial mainly for vulnerability response and engagement purposes."
"ServiceNow is a convenient platform to raise tickets, and the respective support team will contact us to resolve any issues."
"ServiceNow Security Operations also takes care of GRC, governance, risk and compliance, enabling it to provide risk assessment."
"FireEye Helix's best features are its speed and use of an easy-to-understand language to send queries to the raw logs."
"I like that it's easy. It's got the protection set up, and we can see whatever is required. We write our own rules and the rules that we can input. I think it is good."
"Trellix Helix helps prevent email attacks, like phishing and email spoofing attacks."
"The most valuable features include predefined use cases and threatening states."
"We have started working with various customers, one of whom is particularly concerned about adjacency. We have identified several use cases where automation is possible."
"It is kind of simple and very easily deployable. You can start working with it very fast."
"I advise other customers to choose Trellix Helix, as it improves operations significantly with more efficient responses required for various scenarios they face."
"The product offers very strong automation. Our cyber security analysts don't have to correlate the information to detect problems. They only need to analyze problems that have been identified by the platform."
 

Cons

"The solution needs to make customization easier. You cannot do much customization immediately. It requires an extensive workload. If the customization process was user-friendly, it would be much better."
"We'd like customization to be easier in terms of the UI and using the dashboards."
"Customer awareness and understanding of ServiceNow's SecOps capabilities could be improved."
"The dashboard and playbook creation will need to improve"
"There is room for improvement in terms of developer support and documentation."
"They should stick to the roadmap and continue to build plugins and integrations with other third parties, enhance the UI, and enhance the reporting. It's all good. They should just continue enhancing the releases."
"It's very slow. When you click a button or update a field, it takes forever to actually react."
"In future releases, I would like to add a follow-up and reminder feature. For the tickets in our queue, we could set reminders. This would help us prioritize older tickets before moving on to new ones."
"Sometimes the rules are disabled by FireEye, and we basically get it after the patch. I think there needs to be a better way of creating the application rules. I would like to see better pricing for our licensing."
"Trellix Helix's configuration and learning could be improved to identify normal traffic from abnormal and to identify trusted domains."
"It should have more cloud connectors. It could also be cheaper."
"There is room for improvement in the integration capabilities of third-party tools."
"The graphical user interface could be improved. It's not easy to handle and it's not easy for a customer or end-user to learn how to manage the solution."
"FireEye Helix would be improved with the option of an on-prem version, which they don't currently offer."
"We have certain challenges with integrating the SOAR platform with multiple vendors."
"Trellix needs to address the price for the product to be more appealing to customers."
 

Pricing and Cost Advice

"The solution is more expensive than BMC Remedy, the other ITSM tool available in the market."
"Compared to competitor tools, ServiceNow Security Operations is more affordable"
"The product is more expensive than other solutions."
"This product is a good value for the money."
"If you're going to implement it on your own, there would be internal costs. If you're going to implement it through a contractor or consultant, you have to pay for that."
"It is an expensive product."
"The price could be better. But I think it's rightly placed when we buy everything in one shot, and we get some discount for that. That's how we basically plan our deployment, and it's holistic. We pay for the license yearly."
"FireEye Helix is a little expensive."
"I rate Trellix Helix a five out of ten for pricing."
"It could be cheaper, but that applies to every product."
report
Use our free recommendation engine to learn which Security Incident Response solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
20%
Manufacturing Company
11%
Computer Software Company
9%
Government
8%
Comms Service Provider
17%
Computer Software Company
14%
Manufacturing Company
11%
Financial Services Firm
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ServiceNow Security Operations?
The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product.
What is your experience regarding pricing and costs for ServiceNow Security Operations?
The product is more expensive than other solutions like Archer but offers more features, making the pricing justifiable.
What needs improvement with ServiceNow Security Operations?
Report generation within ServiceNow can take some time. Additionally, there are occasional issues when raising a ticket, which can also consume time.
What do you like most about FireEye Helix?
Trellix Helix helps prevent email attacks, like phishing and email spoofing attacks.
What is your experience regarding pricing and costs for FireEye Helix?
The price of Trellix Helix is competitive in the market. It is not the cheapest but also not the most expensive. As for additional costs beyond standard licensing fees, there are none.
What needs improvement with FireEye Helix?
I have just released this solution to the market, and my customers' response has been great. While Trellix Wise is seen as a top vendor with its AI implementation for accelerating incident investig...
 

Also Known As

No data available
FireEye Helix, FireEye Threat Analytics
 

Overview

 

Sample Customers

DXC Technology, Freedom Security Alliance, Prime Therapeutics, Seton Hall University, York Risk Services
Police Bank, Verisk Analytics, Teck Resources
Find out what your peers are saying about ServiceNow Security Operations vs. Trellix Helix Connect and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.