We performed a comparison between Microsoft Defender XDR and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"The integration with other Microsoft solutions is the most valuable feature."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"The solution is 100% stable. We really have had a great time working with it. It hasn't let us down."
"This solution integrates easily and very well with other technologies."
"We are now able to completely monitor our environment so we can review what is there, which is a big win for us."
"It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself."
"The solution's technical support is great."
"I rate the tool's deployment an eight out of ten. The deployment is completed in two days."
"It has good technical support, which is available around the clock. You can call up anytime and get whatever you want. My queues are resolved."
"Trellix ESM is very user-friendly."
"The solution does not offer a unified response and standard data."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"The support from McAfee ESM could improve. They could improve the speed."
"Update to user interface from version 9 is cosmetic in some aspects, and after a few clicks you are back on the old interface."
"McAfee is no longer providing security updates on this product, and the enhancements to this product seem to have stopped. Moreover, we don't get proper support, and we struggle to get its support. It would be good if they can add some AI engine and out-of-the-box use cases because it is currently limited to the same scenario and the same setup. I have done a POC for Securonix, LogRhythm. These products are much more ahead as compared to McAfee ESM. They have included multiple modules in the same solution. Correlation is very easy. If McAfee ESM can improve, especially in such implementations, then I believe it would be much better."
"I have to purchase a new box now. Its existing box is not scalable and I can't use it anymore."
"McAfee ESM is not user-friendly and the log is not accurate. For instance, if I were assigned to generate a log for changes made today, I wouldn't be able to see all the modifications. While Palo Alto allows us to see all changes, McAfee ESM only captures one out of every ten changes. It's crucial to have visibility into all changes made."
"The user interface could be more user-friendly."
"We acquired the IBM product because McAfee is slightly confusing to use, and it's broader."
"There's no software support from McAfee."
Microsoft Defender XDR is ranked 5th in Extended Detection and Response (XDR) with 80 reviews while Trellix ESM is ranked 19th in Security Information and Event Management (SIEM) with 34 reviews. Microsoft Defender XDR is rated 8.4, while Trellix ESM is rated 7.4. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Trend Vision One, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Trellix Helix. See our Microsoft Defender XDR vs. Trellix ESM report.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.