We performed a comparison between Trellix Endpoint Security and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"The summarization of emails is a valuable feature."
"The best feature is probably the alert generation. When I do a security reset, the other session triggers instantly from the Defender console, and I can work on it. The policies are three times, but they are also ready to install it."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The ability to isolate and address viruses is the most valuable feature of Microsoft Defender XDR."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"What I like best is the integrated end-to-end security that works with the security information and events manager."
"It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and approval prompts."
"We can manage everything from the central console and it is very easy."
"The product is fairly reliable."
"The DLP and user interface are the most valuable feature."
"A big advantage of McAfee Endpoint Security is the ability to manage very big environments. We are supporting environments with 200,000 to 300,000 endpoints. The ability to manage with one single console is very important for us. McAfee has phenomenally improved in terms of detection. It provides real-time detection and response with the error, Real Protect, and reputations. It is not only based on signatures but also on behavior analytics, artificial intelligence, or machine learning. We have environments that never had issues with ransomware in the last 20 years. McAfee has a very good performance in this field."
"The initial setup of Trellix Endpoint Security was straightforward."
"The endpoint security, antivirus and firewall are the most valuable features of Trellix Endpoint Security."
"I like Vision One's workbench. It provides helpful logs that I can search, and the telemetry is excellent because I can see what's happening during an attack or potential attack."
"The most valuable feature is the network protection shield on every server, which isolates attacks and prevents our clients from being affected."
"The solution is stable."
"I appreciate the value of real-time activity monitoring."
"The telemetric report is the most valuable feature."
"I like Vision One's observed attack techniques feature. It lets you see what an attacker is doing, how they have tried to exploit a machine, or how malicious code is operating. It helps us discover indicators of compromise so we can write better rules for detection."
"The most important thing for us as a customer is that we can spend more time in other places as it's simpler to have that overview. We have much more time for other tasks."
"The solution is very easy to use."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"The management and automation of the cloud apps have room for improvement."
"The licensing is a nightmare and has room for improvement."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"The user interface could be improved by making it more user-friendly. There are multiple solutions and there is no clear line differentiating all of them. There is a centralized console where we manage everything but most of the administrators feel a little confused when it comes to managing multiple products from a single place."
"Tech support is not as helpful as they were in the past."
"It can be quite complicated to learn McAfee Endpoint Security and to feel comfortable with the environment."
"The resolution time should be faster."
"Technical support is an area that can be improved because sometimes, the response time is a bit slow and the explanation is short."
"I would like to have the ability to have more control over the deployment in the next release. If you have this console in the cloud, you cannot make pilot groups for deploying the agents. We only have the current group. So, as soon as you inject the software, it will go directly into production, which doesn't work for us. We need to build up pilot groups slowly. We already requested to have this feature on the cloud, and we are still waiting."
"Users can just install software into their computers. We need some sort of application control system that, if there are any pieces of software that are not whitelisted, then the solution could flag it or maybe alert the administers. That would be very helpful."
"With McAfee, if there is a zero-day vulnerability, you have to download the patch for it from the McAfee website, then apply it to your endpoint."
"The product needs to have a lot more maturity, and they need to improve the overall technical support framework for getting the value out of XDR."
"Having more variables within the playbook would be useful. It would allow us to have more refined playbooks for the business. It would allow us to take stronger action through a playbook. It will give us confidence to target a particular area of business where our risk tolerance might be higher or lower. We would like to have more granular playbooks."
"While blocking an IP address restricts access for 30 days, it eventually becomes accessible again."
"We'd like to see a few more integrations."
"There isn't a lot I'd do to change it. The web interface could be improved to sort of make it a little easier to manage multiple clients out of one location. It could also be made a bit easier to sort of manage the licensing side of it."
"I'd like to see alert time reduction so that they show up on the dashboard faster."
"We do use the automation capability a little. However, we noticed some limitations, especially on the playbook side."
"Also, XDR should improve its coverage of the latest IOCs. Their suspicious object management works, but the coverage should be improved. It will take one or two months to get those things covered. XDR will detect on a behavioral basis, but these databases will not get updated daily like some other solutions. If you're dealing with new ransomware or malware, it may take around a month before it's covered by Trend Micro."
Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 96 reviews while Trend Vision One is ranked 6th in Extended Detection and Response (XDR) with 43 reviews. Trellix Endpoint Security is rated 8.0, while Trend Vision One is rated 8.6. The top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, SentinelOne Singularity Complete and Microsoft Defender for Endpoint. See our Trellix Endpoint Security vs. Trend Vision One report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.