We performed a comparison between Anomali Match and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR)."Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"Its most significant advantage lies in its affordability."
"Microsoft 365 Defender is a good solution and easy to use."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use."
"Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities."
"The most valuable feature is the view into the application."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
"Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security."
"The most valuable feature is the network security module."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"Sometimes, configurations take much longer than expected."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"The data recovery and backup could be improved."
"The support could be more knowledgable to improve their offering."
"The licensing is a nightmare and has room for improvement."
"A lot of tools can give you many features, such as CTI intelligence and a tax service reduction. However, many people are combining different tools together to have more capabilities. It is up to the consumer whether they want to have multiple tools or have one tool that serves the purpose. Anomali Enterprise could improve by combining all the other tools' features into one solution."
"I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports."
"The product's integration capabilities are an area of concern where improvements are required."
"It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment."
"Cybersecurity posture has room for improvement."
"FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
More Trellix Network Detection and Response Pricing and Cost Advice →
Earn 20 points
Anomali Match is ranked 36th in Extended Detection and Response (XDR) while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 36 reviews. Anomali Match is rated 7.0, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Anomali Match writes "Scalable, easy to use, but more features needed". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Anomali Match is most compared with ThreatConnect Threat Intelligence Platform (TIP) and EclecticIQ, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Fortinet FortiGate and Vectra AI.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.