We performed a comparison between Microsoft Defender XDR and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Defender is easy to use. It has a nice console, and everything is all in one place."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"The solution is well integrated with applications. It is easy to maintain and administer."
"I have found the ability to delete unwanted threats beneficial."
"Trellix ESM is very user-friendly."
"I like the ease of deployment."
"The most valuable feature is the correlation rules."
"The product’s most valuable feature is log monitoring."
"The support I have received from the vendor has been great."
"We are now able to completely monitor our environment so we can review what is there, which is a big win for us."
"The solution is 100% stable. We really have had a great time working with it. It hasn't let us down."
"The ease of use is the most valuable feature. Over the years I have always been using this solution and have become comfortable with it."
"Microsoft Defender is slow to adapt to evolving threats."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
"The support could be more knowledgeable to improve their offering."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"The support from McAfee ESM could improve. They could improve the speed."
"Cloud integration has room for improvement because they're not full-fledged to integrate with the cloud solutions that come. They use different integration platforms to bring in data, and that needs to be improved."
"We acquired the IBM product because McAfee is slightly confusing to use, and it's broader."
"There should be support for multitenancy in the product."
"The product's stability is an area of concern where improvements are required."
"The solution needs to improve case management. The UI is confusing."
"The user interface could be more user-friendly."
"I would like to see good analytics in future releases."
Microsoft Defender XDR is ranked 5th in Extended Detection and Response (XDR) with 82 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. Microsoft Defender XDR is rated 8.4, while Trellix ESM is rated 7.4. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Trend Vision One, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Trellix Helix. See our Microsoft Defender XDR vs. Trellix ESM report.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.