Try our new research platform with insights from 80,000+ expert users

Trellix Network Detection and Response vs Vectra AI comparison

Trellix and Vectra AI are both solutions in the Network Detection and Response (NDR) category. Trellix is ranked #12 with an average rating of 7.4, while Vectra AI is ranked #2 with an average rating of 8.3. Trellix holds a 1.8% mindshare in NDaR, compared to Vectra AI’s 20.2% mindshare. Additionally, 97% of Trellix users are willing to recommend the solution, compared to 97% of Vectra AI users who would recommend it.
Trellix Network Detection a...
Read 38 Trellix Network Detection and Response reviews
  • 404 Views
  • 269 Comparison Views
97% willing to recommend
Vectra AI
Read 43 Vectra AI reviews
  • 8,868 Views
  • 4,434 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Nov 6, 2024

Trellix Network Detection and Response and Vectra AI are both strong contenders in network security solutions. Trellix appears to have an upper hand in early threat mitigation with its focused sandboxing capabilities, while Vectra's AI-driven detection offers enhanced insight across the attack lifecycle.

Features: Trellix Network Detection and Response provides robust detection with sandboxing, zero-day threat mitigation, and forensic logging. Vectra AI offers AI-driven detection, alert reduction by alert aggregation, and deep insights into attack behaviors.

Room for Improvement: Trellix can enhance cloud integration and analytics. Vectra AI should focus on reducing false positives and improving security integration. Users note Trellix's cloud limitations and Vectra's complex interface as areas needing optimization.

Ease of Deployment and Customer Service: Trellix offers diverse deployment modes, including on-premises and hybrid cloud, with high-rated customer support. Vectra AI supports flexible deployments, excelling in customer service, though challenges with monitoring features are mentioned.

Pricing and ROI: Trellix is premium-priced, emphasizing superior detection and reduced response times. Vectra AI's competitive pricing is justified by AI benefits and comprehensive visibility, offering a solid ROI by preventing breaches and optimizing security.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Trellix Network Detection and Response vs. Vectra AI Report (Updated: October 2024).
Buyer's Guide
Trellix Network Detection and Response vs. Vectra AI
October 2024
Download the complete report
Helped 815,854 peers since 2012
 

Categories and Ranking

Trellix Network Detection a...
Ranking in Network Detection and Response (NDR)
12th
Average Rating
8.4
Number of Reviews
38
Ranking in other categories
Advanced Threat Protection (ATP) (15th)
Vectra AI
Ranking in Network Detection and Response (NDR)
2nd
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
43
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (2nd), Extended Detection and Response (XDR) (9th), Identity Threat Detection and Response (ITDR) (5th), AI-Powered Cybersecurity Platforms (4th)
 

Mindshare comparison

As of November 2024, in the Network Detection and Response (NDR) category, the mindshare of Trellix Network Detection and Response is 1.8%, up from 0.7% compared to the previous year. The mindshare of Vectra AI is 20.2%, up from 19.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Network Detection and Response (NDR)
 

Featured Reviews

BiswabhanuPanda - PeerSpot reviewer
Apr 4, 2024
Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one
The in-depth investigation capabilities are a major advantage. When the system flags something as malicious, it provides a packet capture of that activity within the environment. That helps my team quickly identify additional context that most other tools wouldn't offer – like source IP or base64 encoded data. We can also see DNS requests and other details that aren't readily available in solutions like Check Point or others that we've tried. The detection itself is solid, and their sandboxing is powerful. There's a learning curve – you need a strong grasp of OS-level changes, process forking, registry changes, and the potential impact of those. But with that knowledge, the level of information Trellix provides is far greater than what we've seen elsewhere. The real-time response capability of Trellix has been quite effective, although it's not very fast. The key is this solution's concept of 'preference zero.' They don't immediately act on a zero-day. For example, the solution has seen a piece of malware for the first time. It'll let it in, then do sandboxing. Maybe after four or five minutes, it identifies that specific file's DNX Secure Store as malicious. At that point, they update the static analysis engine, and it gets detected if anything else tries to download the same file. There is that initial 'preference zero' concept, like with Panda. You may not hold traffic in the network. That's standard in the industry; we don't do much about it. To address that, we also have endpoint solutions. We use SentinelOne in our environment, which helps us identify threats like Western Bureaus and others.
Read full review
Tony Whelton - PeerSpot reviewer
Mar 7, 2023
Integrates well with other security solutions and provides good technical support
The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us. With one nice front dashboard, we can look at the high-volume threats rather than all of the noise. We do get a lot of noise as our students all own their own devices. With Vectra AI, we can look at threats in a controlled manner, which saves us an extraordinary amount of time. Even if I doubled the manpower, I doubt that I would still have the same visibility that I have with the correct security platform. Vectra AI's Threat Detection and Response platform has done remarkably well. We're well-versed in using the security dashboard from Microsoft Defender, and we're at the stage where we are checking both. We haven't fully switched to relying on only the Vectra dashboard yet. In terms of Vectra AI Attack Signal Intelligence for empowering security analysts within our organization, we have complete faith in the data that's coming through from Vectra. If we could also have what's happening at the front-end, that is, the firewall, then it would give us the complete security front dashboard.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Support is very helpful and responsive."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"Trellix Network Detection and Response helps increase response to attacks. One benefit is increased visibility and simplicity in maintaining it. AI analyzes and relates data based on past performance over the last five days."
"Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities."
"Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats."
"Very functional and good for detecting malicious traffic."
More Trellix Network Detection and Response pros
"We often use the new feature to create PCAP files from the whole data traffic. It makes it much easier to find network problems such as whether the server is responding to a request. It has nothing to do with security, but it helps a lot to find other problems."
"The key feature for me for Detect for Office 365 is that it can also concentrate all the information and detection at one point, the same as the network solution does. This is the key feature for me because, while accessing data from Office 365 is possible using Microsoft interfaces, they are not really user-friendly and are quite confusing to use. But Detect for Office 365 is aggregating all the info, and it's only the interesting stuff."
"The solution is currently used as a central threat detection and response system."
"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."
"Vectra AI is the best. It is a major product in our cybersecurity."
"Vectra AI generates relevant information."
"The core product provides excellent visibility, but my favorite feature is Vectra Recall."
"What I like best about Vectra AI is that it alerts you about suspicious activities."
More Vectra AI pros
 

Cons

"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
"Management of the appliance could be greatly improved."
"Technical support could be improved."
"I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports."
"It is an expensive solution."
"We'd like the potential for better scaling."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"The solution's support needs to improve their support."
More Trellix Network Detection and Response cons
"One of the things that we are missing a bit is the capability to add our own rules to it. At the moment, the tech engine does its thing, but we have some cool ideas to make additional rules. There should be an option in the platform to add custom rules, or there should be some kind of user group where we can suggest them for the roadmap and see if they get evaluated and get transparent communication on whether they will be implemented in the product or not."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"Some of their integrations with other sources of data, like external threat feeds, took a bit more work than I had hoped to get integrated."
"Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources."
"The reporting from Cognito Detect is very limited and doesn't give you too many options. If I want to prepare a customized report on a particular host, even though I see the data, I have to manually prepare the report. The reporting features that are built into the tool are not very helpful."
"Integration with other security components needs improvement. It should have true integration as opposed to just being a separate pane of glass."
"The rules for threats are not always precise and Vectra AI should improve this."
"The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - you must work on response time. We have a small team so response time at endpoint level is vital."
More Vectra AI cons
 

Pricing and Cost Advice

"There are some additional services that I understand the vendor provides, but our approach was to package all of the features that we were looking to use into the product."
"When you purchase FireEye Network Security NX, will need to purchase a megabit per second package. You must know your needs from day one."
"Its price is a bit high. A small customer cannot buy it. Its licensing is on a yearly basis."
"Pricing and licensing are reasonable compared to competitors."
"The tool is a bit pricey."
"The user fee is not as high but the maintenance fee is expensive."
"It's an expensive solution."
"When I compare this solution to its competitors in the market, I find that it is a little expensive."
More Trellix Network Detection and Response pricing and cost advice
"The license is based on the concurrent IP addresses that it's investigating. We have 9,800 to 10,000 IP addresses."
"We have a desire to increase our use. However, it all comes down to budget. It's a very expensive tool that is very difficult to prove business support for. We would like to have two separate networks. We have our corporate network and PCI network, which is segregated due to payment processing. We don't have it for deployed in the PCI network. It would be good to have it fully deployed there to provide us with additional monitoring and control, but the cost associated with their licensing model makes it prohibitively expensive to deploy."
"The pricing and licensing are quite straightforward because they're based on the IP licenses. As a result, they are easy to count."
"The solution is low-cost and affordable."
"Vectra's pricing is too high. All schools will not be able to afford it. Vectra will only end up targeting higher education and higher value independence purely because of the price. A lot of schools would love to have a product like Vectra AI, but they simply can't because they struggle to even pay the high E5 licensing from Microsoft. When you're up against that, Vectra AI is never going to be within the sector's price range."
"The pricing is high."
"The licensing is on an annual basis."
"Vectra AI is not a cheap solution."
More Vectra AI pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Network Detection and Response (NDR) solutions are best for your needs.
See recommendations
815,854 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Comms Service Provider
9%
Manufacturing Company
9%
Computer Software Company
9%
Computer Software Company
16%
Financial Services Firm
12%
Manufacturing Company
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about FireEye Network Security?
We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement an...
See all answers
What is your experience regarding pricing and costs for FireEye Network Security?
The pricing is fair, a little expensive, but fair. We've evaluated other products, and they're similarly priced. It's a bit on the expensive side, but we don't want to compromise with cheap, less r...
See all answers
What needs improvement with FireEye Network Security?
The solution's support needs to improve their support.
See all answers
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
See all answers
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
See all answers
What is your experience regarding pricing and costs for Vectra AI?
The licensing is on annual basis.
See all answers
 

Comparisons

Fortinet FortiSandbox vs Trellix Network Detection and Response Logo
Fortinet FortiSandbox vs Trellix Network Detection and Response
Compared 20% of the time
Palo Alto Networks WildFire vs Trellix Network Detection and Response Logo
Palo Alto Networks WildFire vs Trellix Network Detection and Response
Compared 16% of the time
Darktrace vs Trellix Network Detection and Response Logo
Darktrace vs Trellix Network Detection and Response
Compared 8% of the time
Fortinet FortiGate vs Trellix Network Detection and Response Logo
Fortinet FortiGate vs Trellix Network Detection and Response
Compared 6% of the time
Zscaler Internet Access vs Trellix Network Detection and Response Logo
Zscaler Internet Access vs Trellix Network Detection and Response
Compared 5% of the time
More Trellix Network Detection and Response Competitors
Darktrace vs Vectra AI Logo
Darktrace vs Vectra AI
Compared 36% of the time
ExtraHop Reveal(x) vs Vectra AI Logo
ExtraHop Reveal(x) vs Vectra AI
Compared 12% of the time
Cisco Secure Network Analytics vs Vectra AI Logo
Cisco Secure Network Analytics vs Vectra AI
Compared 6% of the time
Arista NDR vs Vectra AI Logo
Arista NDR vs Vectra AI
Compared 5% of the time
Illumio vs Vectra AI Logo
Illumio vs Vectra AI
Compared 2% of the time
More Vectra AI Competitors
 

Product Reports

Buyer's Guide
Trellix Network Detection and Response
October 2024
Trellix Network Detection and Response reportDownload Trellix Network Detection and Response product report
Buyer's Guide
Vectra AI
October 2024
Vectra AI reportDownload Vectra AI product report
 

Also Known As

FireEye Network Security, FireEye
Vectra Networks, Vectra AI NDR
 

Learn More

Video not available
Trellix
Vectra AI
 

Overview

Detect the undetectable and stop evasive attacks. Trellix Network Detection and Response (NDR) helps your team focus on real attacks, contain intrusions with speed and intelligence, and eliminate your cybersecurity weak points.

Vectra AI is used for detecting network anomalies and potential malicious activities, providing visibility into network traffic and enhancing threat detection across environments.

Organizations deploy Vectra AI mainly on-premises with additional cloud components. It helps with compliance, incident response, security monitoring, detecting insider threats, and correlating network events. Vectra AI captures and enriches network metadata, provides detailed dashboards, reduces false positives, and supports cross-environment behavioral analysis to enhance threat detection and prioritization. While valued for its high accuracy and alert aggregation, it has room for improvement in UI/UX, packet management, and integration with SIEMs and other tools. It is noted for expensive pricing and limited proactive threat response features.

What are Vectra AI's most valuable features?
  • High accuracy in identifying threat locations
  • Aggregation of alerts into single incidents
  • 24/7 threat detection
  • Visibility into the entire attack lifecycle
  • Risk score aggregation
  • Effective triaging of alerts
  • Integration with other tools
What benefits or ROI should users look for?
  • Enhanced threat detection and prioritization
  • Comprehensive network visibility
  • Reduction in false positives
  • Better incident response capabilities
  • Improved compliance monitoring

In specific industries, Vectra AI is deployed to monitor complex networks and alleviate challenges in threat detection. It is particularly effective in sectors requiring stringent compliance and security measures, offering insights and capabilities crucial for protecting sensitive data and maintaining operational integrity.

 

Sample Customers

FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave Systems
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Buyer's Guide
Trellix Network Detection and Response vs. Vectra AI
October 2024
Free Report: Trellix Network Detection and Response vs. Vectra AI
Find out what your peers are saying about Trellix Network Detection and Response vs. Vectra AI and other solutions. Updated: October 2024.
DOWNLOAD NOW
815,854 professionals have used our research since 2012.
See our Trellix Network Detection and Response vs. Vectra AI report.
See our list of best Network Detection and Response (NDR) vendors.

We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.