We performed a comparison between Microsoft Defender XDR and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"It has great stability."
"Microsoft 365 Defender is a good solution and easy to use."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"The most valuable feature for us is that it comes with many correlations, reports, and dashboards already available. It's also very easy to use."
"It is easy to use and deploy. It comes with user-friendly manuals."
"The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller."
"The ease of use is the most valuable feature. Over the years I have always been using this solution and have become comfortable with it."
"It has good technical support, which is available around the clock. You can call up anytime and get whatever you want. My queues are resolved."
"It is a good central viewpoint for issues. These can then be investigated in more detail on the subnet server(s)/endpoints."
"The solution is 100% stable. We really have had a great time working with it. It hasn't let us down."
"It is user-friendly. The notification part of McAfee ESM is very easy."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"Advanced attacks could use an improvement."
"Stability could be improved by avoiding frequent changes to the interface."
"The product’s alert response feature needs improvement. It could be more flexible and secure."
"McAfee ESM is not user-friendly and the log is not accurate. For instance, if I were assigned to generate a log for changes made today, I wouldn't be able to see all the modifications. While Palo Alto allows us to see all changes, McAfee ESM only captures one out of every ten changes. It's crucial to have visibility into all changes made."
"There are always multiple bugs in the product. For example, the console page was hanging multiple times. Afterwards, they released multiple upgrades for the same, multiple patches from McAfee."
"It cannot integrate with our Next-Generation Firewall and a few applications such as Cisco ACI."
"The user interface could be more user-friendly."
"I would like to see good analytics in future releases."
"Customized reports and alerting functionality could be included in the dashboard."
"McAfee is no longer providing security updates on this product, and the enhancements to this product seem to have stopped. Moreover, we don't get proper support, and we struggle to get its support. It would be good if they can add some AI engine and out-of-the-box use cases because it is currently limited to the same scenario and the same setup. I have done a POC for Securonix, LogRhythm. These products are much more ahead as compared to McAfee ESM. They have included multiple modules in the same solution. Correlation is very easy. If McAfee ESM can improve, especially in such implementations, then I believe it would be much better."
Microsoft Defender XDR is ranked 5th in Extended Detection and Response (XDR) with 80 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. Microsoft Defender XDR is rated 8.4, while Trellix ESM is rated 7.4. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Trend Vision One, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Trellix Helix.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.