We performed a comparison between Forescout Platform and Trend Micro XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Forescout Platform stands out for its agentless visibility and advanced features like device fingerprinting. Forescout users say the product could be better at resolving connectivity and license issues. Trend Micro XDR is commended for its holistic approach to threat prevention, real-time visualization, and ability to prioritize network-based detection and response. Forescout users say the product could be better at resolving connectivity and license issues. Users want better device compatibility and troubleshooting tools. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships.
Service and Support: Some users reported positive experiences with Forescout support, but others requested better responsiveness and training. Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations.
Ease of Deployment: Some users found Forescout’s setup to be simple and adaptable, while others perceived it as more complex and time-intensive. The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals.
Pricing: The total cost of Forescout Platform can be high depending on the level of customization and integration required. Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable.
ROI: Forescout Platform yields a solid ROI by improving network access control and overall security. Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention.
Comparison Results: Our users prefer Forescout Platform over Trend Micro XDR. It offers superior agentless visibility and thorough device fingerprinting. The platform stands out with its excellent orchestration features, discovery capabilities, and flexible policies. It is highly customizable, provides exceptional support, and seamlessly integrates with multiple vendors without requiring upgrades. Trend Micro XDR falls short in terms of integration, user-friendliness, and technical support in complex environments.
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"Microsoft 365 Defender is a stable solution."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"The comprehensiveness of Microsoft's threat detection is good."
"The standout strength of this solution lies in its unique capability to effectively manage unmanaged switches."
"The most valuable feature of the Forescout Platform it's highly customizable and flexible."
"Forescout Platform is stable, it is great."
"The threat prevention feature provides complete visibility."
"Forescout has a feature that blocks the endpoint at the point of collection. It sets preconditions and will block the system if those aren't met."
"Forescout Platform's best feature is plug-in integration."
"It allows for good detection of all the vendor products we have on-site."
"Vulnerability remediation is valuable. We can narrow down a system and its properties. We can go granular on the properties of each endpoint, such as which operating system you're using."
"Trend Micro XDR is a comprehensive solution that is not overly complex to use or manage."
"It is a stable product. It works very well."
"I can prevent my environment from different types of attacks based on what I see in the Vision One console."
"I'm satisfied with the level of coverage. The policies have been very useful and detailed."
"Scaling is not a problem at all."
"I like Vision One's observed attack techniques feature. It lets you see what an attacker is doing, how they have tried to exploit a machine, or how malicious code is operating. It helps us discover indicators of compromise so we can write better rules for detection."
"We had a quick deployment. The solution is easy to set up."
"VisionOne offers a clear window into the security posture of our endpoints."
"The data recovery and backup could be improved."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"Forescout Platform isn't flexible with connections to devices like printers and forces you to re-enter details like the MAC address after any breakdowns."
"Search - needs boolean functionality (or pseudo operand now working)."
"Custom integrations need to be better."
"When adding what is in scope to a policy, it would be nice if you could select multiple policies instead of one policy at a time to add what is in the scope for network segmentation. I have found that during the install and configuration of the policies that if you want to modify multiple policies or enable multiple policies that you need to define what is in the scope (IP range or segments) one rule at a time. This caused some slow downs when implementing policies."
"We have found that the agent-based authentication, available within this solution could be improved."
"The solution could always improve by adding more features to make it more robust."
"We experienced some detection issues when checking compliance for the Sophos agent."
"The cost is too high."
"The information captured by Trend Vision One needs to be more detailed."
"It would be better if it were more user-friendly. It would also be better if the implementation were more straightforward."
"A room for improvement is Trend Micro XDR's website. It's a very complicated website since finding the right point one wants to see is difficult."
"They have a DLP module in Tredn Moicros and they need to enhance its capabilities."
"I would like to have more integration with mobile device management."
"Also, XDR should improve its coverage of the latest IOCs. Their suspicious object management works, but the coverage should be improved. It will take one or two months to get those things covered. XDR will detect on a behavioral basis, but these databases will not get updated daily like some other solutions. If you're dealing with new ransomware or malware, it may take around a month before it's covered by Trend Micro."
"The solution could always be made to be more secure."
"They are planning on adding the Security Playbooks as a complete feature. In the preview mode, it is available; however, it is not released."
Forescout Platform is ranked 12th in Extended Detection and Response (XDR) with 69 reviews while Trend Vision One is ranked 6th in Extended Detection and Response (XDR) with 42 reviews. Forescout Platform is rated 8.4, while Trend Vision One is rated 8.6. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Armis, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Micro Apex One, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Fortinet FortiEDR. See our Forescout Platform vs. Trend Vision One report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.