We performed a comparison between Trellix Endpoint Security and Microsoft 365 based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. Microsoft 365 Defender offers effortless integration with other Microsoft solutions. Users praised its flexibility and comprehensive protection against multiple threat types. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. 365 Defender could upgrade its machine learning and AI capabilities. Some users suggested adopting Zero Trust features.
Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. Some of our reviewers were satisfied with Microsoft support, but others complained about slow responses and lackluster problem-solving capabilities.
Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. Setting up Microsoft 365 Defender is potentially complex and may involve integrating with existing policies. Some users reported longer deployment times.
Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. Some users say that Microsoft 365 Defender is good value, but others perceive it as more expensive than similar competing products.
ROI: Users reported saving time by implementing Trellix Endpoint Security. Microsoft 365 Defender offers savings, attack prevention, consolidation of security measures, and proactive threat detection.
Comparison Results: Our users prefer Microsoft 365 Defender over Trellix Endpoint Security. It is praised for its smooth integration with other Microsoft tools, license consolidation, and user-friendly interface. Users value its threat-response capability and seamless integration with the entire Microsoft 365 line.
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"It has great stability."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"The DLP and user interface are the most valuable feature."
"It's easy to use and it's very powerful. It offers nice endpoint protection."
"What I like best is the integrated end-to-end security that works with the security information and events manager."
"The initial setup is straightforward, not complex."
"We like the management of the ePO, and we like the management console."
"The detection is great and the solution is constantly improving."
"I think the costing is fine compared to other products. Cost-wise you definitely get value for your money."
"It also allows multifunctionality within a single platform."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"We should be able to use the product on devices like Apple, Linux, etc."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
"Tech support is not as helpful as they were in the past."
"One of the drawbacks is that it is not 100% secure."
"It can be quite complicated to learn McAfee Endpoint Security and to feel comfortable with the environment."
"The product could do more to keep administration alerted to detected threats on endpoints."
"Recently, Trellix has introduced a CDR, which involves more manual response than automatic. I believe they should enhance the system by adding features like automated response and the ability to create custom playbooks. This is crucial for an EDR solution, and currently, Trellix lacks this feature while other products offer it."
"While we are pleased with the endpoint solution, there should also be a separate one for the firewall."
"The endpoint has room for improvement because it's restrictive, it's very sensitive. Sometimes it can delete something that you need and so sometimes you have to disable the antivirus."
"They can improve its resource consumption, such as memory, and maybe provide better or smaller updates. It always takes a lot of resources, but it has been getting better. I have been using McAfee products for the last 20 years or so, and I know it is getting better."
Microsoft Defender XDR is ranked 5th in Extended Detection and Response (XDR) with 79 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 94 reviews. Microsoft Defender XDR is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Microsoft Purview Data Governance, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Microsoft Defender XDR vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.