We performed a comparison between Cortex XDR by Palo Alto Networks and Trellix Endpoint Detection and Response (EDR) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The stability is very good."
"I get alerts when scripts are detected in the environment."
"This is stable and scalable."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Ability to get forensics details and also memory exfiltration."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The product's initial setup phase is very easy."
"It has pretty much everything we need and works well within the Palo Alto ecosystem."
"Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."
"It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application."
"We've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for."
"The solution doesn't need a high level of technical training."
"Stability is one of the features we like the most."
"Its interface and pricing are most valuable. It is better than other vendors in terms of security."
"The product's most valuable features are massive user and feature intelligence exploit detection."
"Trellix Endpoint Detection and Response (EDR) offers endpoint protection and helps collect information while also allowing users to investigate malicious files in an IT environment...It is a stable solution...It is a scalable solution."
"Blocking browser navigation is a feature of the solution with which we have experienced success."
"The biggest strength of the solution is that it's an integrated product that includes EDR and antivirus."
"If there is any malicious behavior in the workstation or server, the tool stops or isolates it automatically and generates alerts."
"The product is user-friendly."
"The product provides a one-click recovery of encrypted files."
"This is a stable product."
"The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The dashboard isn't easy to access and manage."
"We find the solution to be a bit expensive."
"Detections could be improved."
"It's very time-consuming to log support issues and the people that answer the tickets aren't very knowledgeable."
"It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."
"In general, the price could be more competitive."
"I don't like that they have different types of licenses. For example, if users select a license, they think they will have all the platforms they need to improve their network or security. But after some time, Palo Alto Networks changed their licensing, and some of the features that, for example, were free at the beginning now have a cost. I think the integration can be improved. For example, a lot of tools are just integrated through APIs."
"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
"Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."
"Cortex XDR is trickier to configure than other Palo Alto products. This is one area where we are not so satisfied."
"If they had pulse rate detection, it would be better."
"Some modules that are doing machine learning and artificial intelligence are blocking our processes."
"For Spanish users, it is necessary to have a knowledge base specifically designed for them, which is currently not available."
"One of the issues about the product stems from the failure to work on its administrative scalability. The aforementioned area can be considered for improvement."
"An area for improvement in McAfee MVISION Endpoint Detection and Response is the historical search. For example: when you have information on the artifact and a precedent, you want to do a search, and that is a bit lacking in the tool."
"The solution's downside stems from the fact that Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint are not combined into a single solution, so from an improvement perspective, they need to be combined into a single solution."
"The alert feature of McAfee MVISION Endpoint Detection and Response needs improvement because for you to get the alerts, you have to log on to the portal. What my company needs is a tool that sends you alerts. For example, if it detects a threat on your machine, it should send you an alert. My company gets the alerts instead from the antivirus software rather than the EDR. If you want to see the alerts on McAfee MVISION Endpoint Detection and Response, you have to connect to the system manually. Another area for improvement in the tool is the reporting. My company needs weekly and monthly reports about the alerts, but you can't extract reports from McAfee MVISION Endpoint Detection and Response, so a decision was made to move to another EDR solution, particularly Microsoft Defender for Endpoint, next month. My company tested Microsoft Defender for Endpoint via a POC for one to three months. The resource usage of McAfee MVISION Endpoint Detection and Response is also an area for improvement because it consumes a lot of memory. For example, during the on-demand scan, you can't work because of the high CPU usage. You need to schedule the scans. McAfee MVISION Endpoint Detection and Response has a lot of modules, but my company doesn't use all modules."
"The console has a lot of bugs, and it creates many issues."
"The technical support must be improved."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
More Trellix Endpoint Detection and Response (EDR) Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Trellix Endpoint Detection and Response (EDR) is ranked 22nd in Endpoint Detection and Response (EDR) with 17 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Trellix Endpoint Detection and Response (EDR) is rated 7.4. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Trellix Endpoint Detection and Response (EDR) writes "Multifeatured, with web control, advanced threat protection, and threat prevention capabilities, but its alerting and reporting features need improvement". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Trellix Endpoint Security, whereas Trellix Endpoint Detection and Response (EDR) is most compared with Trellix Endpoint Security (ENS), Trellix Active Response, Cynet, Microsoft Defender for Endpoint and CrowdStrike Falcon. See our Cortex XDR by Palo Alto Networks vs. Trellix Endpoint Detection and Response (EDR) report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.