We performed a comparison between Microsoft Defender for Endpoint and Trellix Endpoint Detection and Response (EDR) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The product detects and blocks threats and is more proactive than firewalls."
"The most valuable feature is the analysis, because of the beta structure."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It is stable and scalable."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The product's initial setup phase is very easy."
"Microsoft Defender for Endpoint is beneficial because we are using Microsoft Windows and all the core solutions are made by Microsoft, such as the authentic platform, operating system, and antivirus protection. It is a heterogeneous environment. We had to use third-party solutions before and update everything separately. For example, the policy for antivirus. With Microsoft Defender for Endpoint, when Microsoft Windows receives updates it will update with it. This is one main advantage of this solution."
"The integration with all variations of Microsoft Defender, for Endpoint, 365, and Cloud is valuable."
"The intelligence mechanisms are good."
"It's great for investigating what's happening on a machine. They show a whole bunch of machine timeline events that are related to a security incident. They have quite good details on the things related to threat and vulnerability management, such as any weakness that has been disclosed publicly, assets that are exposed, and if there is an exploit active in the wild for that vulnerability. It can provide you with all such information, which is cool."
"We are able to productively integrate with existing on-prem, hybrid, or cloud applications."
"The patch updates and version updates are very good. Those happen on an automated basis whenever I'm connecting to the organization network, either through LAN or through the VPN."
"There are a couple of features, such as isolating the devices or connecting the device and connecting live response."
"The most valuable aspect is information, specifically the automatic investigation of packages."
"The product provides a one-click recovery of encrypted files."
"What we're using the most and what we found valuable in McAfee MVISION Endpoint Detection and Response are Web Control, Advanced Threat Protection, and Threat Prevention features."
"The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation."
"Blocking browser navigation is a feature of the solution with which we have experienced success."
"It is a scalable solution and very easy to use."
"When Trellix detects some threats, the device is isolated in a quarantine zone for examination."
"The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices."
"Trellix Endpoint Detection and Response (EDR) offers endpoint protection and helps collect information while also allowing users to investigate malicious files in an IT environment...It is a stable solution...It is a scalable solution."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The solution is not user-friendly."
"The solution is not stable."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Cannot be used on mobile devices with a secure connection."
"FortiEDR can be improved by providing more detailed reporting."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The support needs improvement."
"The application control feature requires improvement."
"Microsoft Defender for Endpoint could improve by adding more security features."
"Microsoft Defender for Endpoint can use more advertising to promote their features."
"Microsoft Windows Defender doesn't have a game mode."
"Microsoft Defender for Endpoint could improve by providing more user-friendly dashboards. They may be complicated for some."
"The interface isn't necessarily intuitive to a nontechnical person. You can get stuck in the little endpoint security portal. Sometimes, if you uninstall a competitive product, the end user doesn't always know if it's running or if they're protected even though it's silently running. There could be a notification, widget, or something that's resident on the screen for at least a bit, especially if you're doing remote support. You want to talk them through it, but sometimes, we're not allowed to look at the PCs we support."
"If there were more template queries in the library, that would make it much easier. They could have basic things, like, "Where's the IP for this user?" or, "What file was downloaded from this user?" If there were more of those basic queries that would help."
"The dashboard customization could be improved."
"The CPU utilization of the product is quite high compared to its competitors."
"The endpoints and utilization are too high, which impacts the production activity."
"The technical support must be improved."
"The solution lacks the ability to integrate with external platforms. In future releases of the solution, I would like to see the solution increase its integration capabilities with external platforms."
"The alert feature of McAfee MVISION Endpoint Detection and Response needs improvement because for you to get the alerts, you have to log on to the portal. What my company needs is a tool that sends you alerts. For example, if it detects a threat on your machine, it should send you an alert. My company gets the alerts instead from the antivirus software rather than the EDR. If you want to see the alerts on McAfee MVISION Endpoint Detection and Response, you have to connect to the system manually. Another area for improvement in the tool is the reporting. My company needs weekly and monthly reports about the alerts, but you can't extract reports from McAfee MVISION Endpoint Detection and Response, so a decision was made to move to another EDR solution, particularly Microsoft Defender for Endpoint, next month. My company tested Microsoft Defender for Endpoint via a POC for one to three months. The resource usage of McAfee MVISION Endpoint Detection and Response is also an area for improvement because it consumes a lot of memory. For example, during the on-demand scan, you can't work because of the high CPU usage. You need to schedule the scans. McAfee MVISION Endpoint Detection and Response has a lot of modules, but my company doesn't use all modules."
"Trellix does not support Linux and Mac."
"The solution's downside stems from the fact that Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint are not combined into a single solution, so from an improvement perspective, they need to be combined into a single solution."
"One of the issues about the product stems from the failure to work on its administrative scalability. The aforementioned area can be considered for improvement."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
More Trellix Endpoint Detection and Response (EDR) Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews while Trellix Endpoint Detection and Response (EDR) is ranked 23rd in Endpoint Detection and Response (EDR) with 17 reviews. Microsoft Defender for Endpoint is rated 8.0, while Trellix Endpoint Detection and Response (EDR) is rated 7.4. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Trellix Endpoint Detection and Response (EDR) writes "Multifeatured, with web control, advanced threat protection, and threat prevention capabilities, but its alerting and reporting features need improvement". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, Cortex XDR by Palo Alto Networks, Trellix Endpoint Security and Fortinet FortiClient, whereas Trellix Endpoint Detection and Response (EDR) is most compared with Trellix Endpoint Security (ENS), Trellix Active Response, Cynet, CrowdStrike Falcon and Trend Vision One. See our Microsoft Defender for Endpoint vs. Trellix Endpoint Detection and Response (EDR) report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
