We performed a comparison between Microsoft Defender for Endpoint and Trellix Active Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The price is low and quite competitive with others."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"It is stable and scalable."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Ability to get forensics details and also memory exfiltration."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"This is stable and scalable."
"The most valuable feature is that it comes with the package, so there is no additional installation of third-party software. It's also easy to use."
"Microsoft Defender for Endpoint is quite good. We haven't really experienced any issues with it."
"This software is easy to use."
"Easy to understand and easy to set up endpoint security solution. It's a multifeatured product with web content filtering and automated investigation features. It also has a fantastic vulnerability management dashboard."
"It's a very solid security system, and the advanced hunting and everything really lets you dive deep into things."
"Technical support is good."
"The solution is highly scalable."
"It automatically detects intrusion and malware."
"It's a little lighter compared to the older version, which was mostly signature-based."
"The solution is scalable."
"We are hoping to automate detection and response and take advantage of user behavior analytics, given that we are working from home. About half of our workers are still remote, so Active Response gives us that visibility and lets us automate a number of those events."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"FortiEDR can be improved by providing more detailed reporting."
"It takes about two business days for initial support, which is too slow in urgent situations."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The support needs improvement."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"Updates are not coming out of preview quickly enough and it is holding back on the development of the product."
"The solution could use improvement on the interface."
"The scanning is slow when it is working with incoming emails."
"Alerts need to be sent immediately because as it is now, you see some of them without delay and others arrive perhaps 30 minutes later, and it leaves important gaps in terms of information gathering."
"Sometimes the software doesn't work the way we expect it to, and in those cases, we can't communicate with a device because it may be infected."
"The solution could always be more secure."
"They should bring back the feature of a dedicated proxy device for communication to the cloud. As of now, all the agents are required to send the logs directly to the cloud. There should be a solution where you can put a proxy and all the logs are consolidated, like a forwarder."
"The dashboard customization could be improved."
"While the product is good, we are currently facing support issues."
"I also expected Active Response 's user interface to be much more analytical."
"There are some components on the cloud that should also reside in the on-prem deployment models but don't."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Earn 20 points
Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews while Trellix Active Response is ranked 57th in Endpoint Detection and Response (EDR). Microsoft Defender for Endpoint is rated 8.0, while Trellix Active Response is rated 6.4. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Trellix Active Response writes "Lighter with good stability and pretty good technical support". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune, whereas Trellix Active Response is most compared with Trellix Endpoint Detection and Response (EDR) and Trellix Endpoint Security (ENS). See our Microsoft Defender for Endpoint vs. Trellix Active Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.