We performed a comparison between Trellix ESM and Trellix Helix based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the capability to correlate different events from different platforms that we feed into it."
"It is easy to use and deploy. It comes with user-friendly manuals."
"It can be easily deployed with the other solutions."
"I rate the tool's deployment an eight out of ten. The deployment is completed in two days."
"The solution's technical support is great."
"The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller."
"McAfee as a whole is a good solution."
"It has performed well and delivered the results that I have been looking for."
"The integration is very useful and very easy. You can have an API connection with any cloud and I'll be able to do both ways of communication with the help of APA."
"I like that it's easy. It's got the protection set up, and we can see whatever is required. We write our own rules and the rules that we can input. I think it is good."
"It is kind of simple and very easily deployable. You can start working with it very fast."
"FireEye Helix's best features are its speed and use of an easy-to-understand language to send queries to the raw logs."
"Trellix Helix helps prevent email attacks, like phishing and email spoofing attacks."
"The product offers very strong automation. Our cyber security analysts don't have to correlate the information to detect problems. They only need to analyze problems that have been identified by the platform."
"The most valuable features include predefined use cases and threatening states."
"The product's stability is an area of concern where improvements are required."
"There are always multiple bugs in the product. For example, the console page was hanging multiple times. Afterwards, they released multiple upgrades for the same, multiple patches from McAfee."
"There are some banking and transactional cases that are local, South America transactions. I would like to see them add features that can be used locally, to make those transactions more reliable."
"The only drawback is that they don't have any packet capturing or network behavior analysis."
"The support from McAfee ESM could improve. They could improve the speed."
"McAfee is no more providing security updates on this product, and the enhancements to this product seem to have stopped. Moreover, we don't get proper support, and we struggle to get its support. It would be good if they can add some AI engine and out of the box use cases because it is currently limited to the same scenario and the same setup. I have done a POC for Securonix, LogRhythm. These products are much more ahead as compared to McAfee ESM. They have included multiple modules in the same solution. Correlation is very easy. If McAfee ESM can improve, especially in such implementations, then I believe it would be much better."
"I have to purchase a new box now. Its existing box is not scalable and I can't use it anymore."
"We cannot add new data sources to the most recent version."
"The graphical user interface could be improved. It's not easy to handle and it's not easy for a customer or end-user to learn how to manage the solution."
"FireEye Helix would be improved with the option of an on-prem version, which they don't currently offer."
"Sometimes the rules are disabled by FireEye, and we basically get it after the patch. I think there needs to be a better way of creating the application rules. I would like to see better pricing for our licensing."
"Trellix Helix's configuration and learning could be improved to identify normal traffic from abnormal and to identify trusted domains."
"It should have more cloud connectors. It could also be cheaper."
"Integrations could be improved, and the dashboard could be a little better."
"We have certain challenges with integrating the SOAR platform with multiple vendors."
Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews while Trellix Helix is ranked 31st in Security Information and Event Management (SIEM) with 7 reviews. Trellix ESM is rated 7.4, while Trellix Helix is rated 8.6. The top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". On the other hand, the top reviewer of Trellix Helix writes "Helps prevent email attacks, like phishing and email spoofing attacks". Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Fortinet FortiSIEM, whereas Trellix Helix is most compared with Microsoft Sentinel, LogRhythm SIEM, Splunk Enterprise Security, IBM Security QRadar and USM Anywhere. See our Trellix ESM vs. Trellix Helix report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.