We performed a comparison between Trellix Endpoint Security and Cortex XDR by Palo Alto Networks based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security is highly valued for its easy administration options and reliability. Reviews suggest that Trellix could reduce resource consumption and improve user-friendliness. Cortex XDR by Palo Alto Networks presents an intuitive interface, advanced identification of risks, expandability, and compatibility with various other solutions. However, Cortex XDR could use enhancements in hard disk encryption, security integration, and customer education.
Service and Support: Some users have found the support for Trellix Endpoint Security helpful and reliable, while others have encountered ineffective assistance and communication problems. Some customers were impressed with Palo Alto support, while others reported mixed experiences.
Ease of Deployment: The setup process for Trellix Endpoint Security varies in difficulty, depending on the user's experience with McAfee and general technical expertise. Some users thought Cortex XDR’s deployment was fast and straightforward, while others consider it to be a complex and time-consuming task that requires thorough planning.
Pricing: Some find Trellix’s price reasonable and competitive, while others believe it could be lowered. Some reviewers said Cortex XDR is expensive, but others said it was reasonable for the robust feature set Cortex offers.
ROI: Trellix Endpoint Security provides significant time savings. Cortex XDR creates value by ensuring system and data security rather than a financial return on investment.
Comparison Results: Trellix Endpoint Security is preferred over Cortex XDR. Users said Trellix's comprehensive management capabilities enable effortless administration of all programs from a single console. Cortex XDR received mixed reviews for its initial setup, customer service, and pricing.
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"Microsoft 365 Defender is a good solution and easy to use."
"Its interface and pricing are most valuable. It is better than other vendors in terms of security."
"We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."
"Cortex XDR by Palo Alto Networks should be a stable solution."
"The solution doesn't need a high level of technical training."
"The most valuable feature of Cortex XDR by Palo Alto Networks is its machine-learning capabilities. Additionally, there is full integration with other solutions."
"One thing that I like about Cortex XDR by Palo Alto Networks, it is detecting all the suspicious or malicious binaries, and it has integration with Palo Alto Firewall."
"Threat identification and detection are the most valuable features of this solution."
"This software helps us understand any issues that may arise when someone is not at work."
"It's quite easy to install agents."
"Automatic user recovery prior to Windows booting up."
"Trellix Security Endpoint can promptly isolate any host machines directly from the console. If alerts are received and isolation is necessary, it can be accomplished through the console. The console itself holds significant value, accessible through a browser and allowing remote actions via cloud login."
"The installation is pretty straightforward."
"The product is quite user-friendly."
"This is a good solution for antivirus and malware protection."
"The solution scales well."
"What I like best is the integrated end-to-end security that works with the security information and events manager."
"Advanced attacks could use an improvement."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"The encryption is not up to the mark."
"It'll help if customization was easier."
"It is a complex solution to implement."
"I would like to see some additional features related to email protection included."
"Palo Alto Networks Cortex XDR does not detect malicious activity like in other anti-virus solutions like Trend Micro and Windows with Cisco."
"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
"In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex."
"Cortex XDR could be improved with more GUI features."
"There are times the solution has some additional software added that is not fully integrated properly, such as Exchange Group Sheild. It is quite old and is not fully integrated properly and could be improved."
"It can be quite complicated to learn McAfee Endpoint Security and to feel comfortable with the environment."
"Technical support from the vendor is very bad."
"The local technical support could be better."
"The endpoint has room for improvement because it's restrictive, it's very sensitive. Sometimes it can delete something that you need and so sometimes you have to disable the antivirus."
"We’re facing remote installation issues sometimes:"
"They can improve its resource consumption, such as memory, and maybe provide better or smaller updates. It always takes a lot of resources, but it has been getting better. I have been using McAfee products for the last 20 years or so, and I know it is getting better."
"Currently, Trellix Endpoint Security can't find the running mutexes, while other open-source products can do it."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Trellix Endpoint Security is ranked 10th in Endpoint Protection Platform (EPP) with 94 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Fortinet FortiEDR, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Trend Micro Deep Security and Kaspersky Endpoint Security for Business. See our Cortex XDR by Palo Alto Networks vs. Trellix Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.