We performed a comparison between Trellix Endpoint Security and Microsoft 365 based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. Microsoft 365 Defender offers effortless integration with other Microsoft solutions. Users praised its flexibility and comprehensive protection against multiple threat types. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. 365 Defender could upgrade its machine learning and AI capabilities. Some users suggested adopting Zero Trust features.
Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. Some of our reviewers were satisfied with Microsoft support, but others complained about slow responses and lackluster problem-solving capabilities.
Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. Setting up Microsoft 365 Defender is potentially complex and may involve integrating with existing policies. Some users reported longer deployment times.
Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. Some users say that Microsoft 365 Defender is good value, but others perceive it as more expensive than similar competing products.
ROI: Users reported saving time by implementing Trellix Endpoint Security. Microsoft 365 Defender offers savings, attack prevention, consolidation of security measures, and proactive threat detection.
Comparison Results: Our users prefer Microsoft 365 Defender over Trellix Endpoint Security. It is praised for its smooth integration with other Microsoft tools, license consolidation, and user-friendly interface. Users value its threat-response capability and seamless integration with the entire Microsoft 365 line.
"The product integrates security into one tool instead of having third-party security tools."
"Microsoft 365 Defender is a stable solution."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"Advanced hunting is good. I like that. We can drill down to lots of details."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"The summarization of emails is a valuable feature."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"This is a good solution for antivirus and malware protection."
"We like the management of the ePO, and we like the management console."
"Automatic user recovery prior to Windows booting up."
"I feel McAfee Endpoint Security to be a good, mature product."
"What I like best is the integrated end-to-end security that works with the security information and events manager."
"Dynamic Application Containment."
"The new central console is better than the earlier one."
"The product is easy to use."
"The licensing is a nightmare and has room for improvement."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"The mobile app support for Android and iOS is difficult and needs improvement."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"There are times the solution has some additional software added that is not fully integrated properly, such as Exchange Group Sheild. It is quite old and is not fully integrated properly and could be improved."
"Some agents become old and then they don't communicate well any longer."
"An area in need of improvement involves the overview, which usually does not enable one to get the value in reports."
"It would be helpful if the controlling of connections coming to the PC could be done from McAfee's side so that we can block those connections."
"It would be nice if the solution was a bit more stable."
"The tool could provide more advanced protection."
"Trellix lacked email protection when it was a McAfee product. They added this feature during the merger with FireEye, but it hasn't been fully integrated. The core features will be integrated into the next release. FireEye has several solutions for EDR and sandboxing."
"There are more secure featured solutions from McAfee on the market but for smaller companies like ours, they are too expensive."
Microsoft Defender XDR is ranked 5th in Extended Detection and Response (XDR) with 80 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 96 reviews. Microsoft Defender XDR is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Microsoft Purview Data Governance, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Microsoft Defender XDR vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.