We performed a comparison between Trellix Endpoint Security and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. Microsoft Defender for Cloud is highly regarded for its automated processes, advanced threat analysis, and extensive security measures, including protection against ransomware and access controls. Microsoft Defender for Cloud could use enhancements in automation and ease of use.
Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. Some Defender for Cloud users reported positive experiences with Microsoft, while others complained that the solution's outsourced support lacked technical knowledge.
Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. The initial setup of Microsoft Defender for Cloud is described as straightforward, but the deployment time may vary depending on specific requirements.
Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. Microsoft Defender for Cloud is in the mid-to-high pricing tier. While some users find it expensive, others believe it offers good value.
ROI: Users reported saving time by implementing Trellix Endpoint Security. Microsoft Defender for Cloud streamlines security tasks and saves users money by consolidating various solutions.
Comparison Results: Our users prefer Microsoft Defender for Cloud over Trellix Endpoint Security. Microsoft Defender for Cloud is praised for its automation and threat analysis capabilities. Users appreciate the convenience of managing everything from a single portal. Microsoft Defender for Cloud is generally considered cost-effective, while opinions of Trellix Endpoint Security's pricing are mixed, with some saying it is on the higher side.
"PingSafe released a new security graph tool that helps us identify the root issue. Other tools give you a pass/fail type of profile on all misconfigurations, and those will run into the thousands. PingSafe's graphing algorithm connects various components together and tries to identify what is severe and what is not. It can correlate various vulnerabilities and datasets to test them on the back end to pinpoint the real issue."
"The offensive security feature is valuable because it publicly detects the offensive and vulnerable things present in our domain or applications. It checks any applications with public access. Some of the applications give public access to certain files or are present over a particular domain. It detects and lets us know with evidence. That is quite good. It is protecting our infrastructure quite well."
"The solution helped free other staff to work on other projects or other tasks. We basically just had to do a bunch of upfront configuring. With it, we do not have to spend as much time in the console."
"There's real-time threat detection. It can show threats and find issues based on their severity and helps us with real-time monitoring."
"It is fairly simple. Anybody can use it."
"I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us."
"It's helped free up staff time so that they can work on other projects."
"Atlas security graph is pretty cool. It maps out relationships between components on AWS, like load balancers and servers. This helps visualize potential attack paths and even suggests attack paths a malicious actor might take."
"It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop."
"The most valuable features of this solution are the remote workforce capabilities and the general experience of the remote workforce."
"Provides a very good view of the entire security setup of your organization."
"We saw improvement from a regulatory compliance perspective due to having a single dashboard."
"The most valuable features are ransomware protection and access controls. The solution has helped us secure some folders on our systems from unauthorized modifications."
"Defender is user-friendly and provides decent visibility into threats."
"The dashboard is very good. It gives our clients a lot of information and allows them to have a complete overview of the system. Everything is visible in one glance."
"It helps you to identify the gaps in your solution and remediate them. It produces a compliance checklist against known standards such as ISO 27001, HIPAA, iTrust, etc."
"It also allows multifunctionality within a single platform."
"Communication with all McAfee products (also 3rd parties) by DXL infrastructure."
"The central management console is powerful. You can manage endpoints, DLP, encryption, and all the other features from a single console."
"What I like best is the integrated end-to-end security that works with the security information and events manager."
"Tech support is responsive. They're good, the very best."
"Their malware detection rate is excellent for all types of devices and the anti-theft products are good and easy to use."
"I have found many of the features to be useful."
"Anyone can use it, the protection is good, and they have all of the features."
"In addition to our telecom and Slack channels, it would be helpful to receive Cloud Native Security security notifications in Microsoft Teams."
"One of our use cases was setting up a firewall for our endpoints, specifically for our remote users... We were hoping to utilize SentinelOne's firewall capabilities, but there were limitations on how many URLs we could implement. Because of those limitations on the number of URLs, we weren't able to utilize that feature in the way we had hoped to."
"I'd like to see better onboarding documentation."
"It does not bring much threat intel from the outside world. All it does is scan. If it can also correlate things, it will be better."
"One area for improvement could be the internal analysis process, specifically the guidance provided for remediation."
"There is no break-glass account feature. They should implement this as soon as possible because we can't implement SSO without a break-glass feature."
"In terms of ease of use, initially, it is a bit confusing to navigate around, but once you get used to it, it becomes easier."
"There should be more documentation about the product."
"It needs to be simplified and made more user-friendly for a non-technical person."
"The documentation could be much clearer."
"The product was a bit complex to set up earlier; however, it is a bit streamlined now."
"From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it."
"After getting a recommendation, it takes time for the solution to refresh properly to show that the problem has been eliminated."
"From a compliance standpoint, they can include some more metrics and some specific compliances such as GDPR."
"One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view."
"Another thing that could be improved was that they could recommend processes on how to react to alerts, or recommend best practices based on how other organizations do things if they receive an alert about XYZ."
"With McAfee, if there is a zero-day vulnerability, you have to download the patch for it from the McAfee website, then apply it to your endpoint."
"There are times the solution has some additional software added that is not fully integrated properly, such as Exchange Group Shield. It is quite old and is not fully integrated properly and could be improved."
"Sometimes, while installing the ePO, we were getting so many errors and I don't know why it happened."
"The vendor should simplify the way they bundle the products because it's very hard to explain to customers what products contain which features."
"Trying to move away from the signature model for antivirus and malware blocking is something that would be nice. Instead of having to update every day, which is signature-based, moving to more of a kernel or architecture-based model would probably be beneficial."
"The tool could provide more advanced protection."
"The resolution time should be faster."
"Tech support is not as helpful as they were in the past."
Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews while Trellix Endpoint Security is ranked 10th in Endpoint Protection Platform (EPP) with 96 reviews. Microsoft Defender for Cloud is rated 8.0, while Trellix Endpoint Security is rated 8.0. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Microsoft Defender for Cloud vs. Trellix Endpoint Security report.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.