We performed a comparison between Trellix Endpoint Security and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. Microsoft Defender for Cloud is highly regarded for its automated processes, advanced threat analysis, and extensive security measures, including protection against ransomware and access controls. Microsoft Defender for Cloud could use enhancements in automation and ease of use.
Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. Some Defender for Cloud users reported positive experiences with Microsoft, while others complained that the solution's outsourced support lacked technical knowledge.
Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. The initial setup of Microsoft Defender for Cloud is described as straightforward, but the deployment time may vary depending on specific requirements.
Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. Microsoft Defender for Cloud is in the mid-to-high pricing tier. While some users find it expensive, others believe it offers good value.
ROI: Users reported saving time by implementing Trellix Endpoint Security. Microsoft Defender for Cloud streamlines security tasks and saves users money by consolidating various solutions.
Comparison Results: Our users prefer Microsoft Defender for Cloud over Trellix Endpoint Security. Microsoft Defender for Cloud is praised for its automation and threat analysis capabilities. Users appreciate the convenience of managing everything from a single portal. Microsoft Defender for Cloud is generally considered cost-effective, while opinions of Trellix Endpoint Security's pricing are mixed, with some saying it is on the higher side.
"The dashboard is very good. It gives our clients a lot of information and allows them to have a complete overview of the system. Everything is visible in one glance."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra."
"The most valuable feature is that it's intuitive. It's very intuitive."
"When we started out, our secure score was pretty low. We adopted some of the recommendations that Security Center set out and we were able to make good progress on improving it. It had been in the low thirties and is now in the upper eighties."
"The solution's robust security posture is the most valuable feature."
"It helps you to identify the gaps in your solution and remediate them. It produces a compliance checklist against known standards such as ISO 27001, HIPAA, iTrust, etc."
"It's quite a good product. It helps to understand the infections and issues you are facing."
"The solution includes a good combination of features for both signature and signature-less."
"Initially, the DLP was very valuable for disabling access to USB drives."
"What I like best is the integrated end-to-end security that works with the security information and events manager."
"Would benefit with the addition of DLP features."
"The endpoint protection and disk encryption features are the most valuable."
"The user behavioral analysis feature is great."
"We receive good protection with this solution."
"The endpoint security, antivirus and firewall are the most valuable features of Trellix Endpoint Security."
"Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured."
"Microsoft Defender could be more centralized. For example, I still need to go to another console to do policy management."
"If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."
"The most significant areas for improvement are in the security of our identity and endpoints and the posture of the cloud environment. Better protection for our cloud users and cloud apps is always welcome."
"I would like to see better automation when it comes to pushing out security features to the recommendations, and better documentation on the step-by-step procedures for enabling certain features."
"Sometimes it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or a special kind of product."
"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."
"From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it."
"Tech support is not as helpful as they were in the past."
"It would be helpful if the controlling of connections coming to the PC could be done from McAfee's side so that we can block those connections."
"It didn't work well for some of the use cases. We have different use cases for each entity. Their support is also not good and needs improvement."
"Recently, Trellix has introduced a CDR, which involves more manual response than automatic. I believe they should enhance the system by adding features like automated response and the ability to create custom playbooks. This is crucial for an EDR solution, and currently, Trellix lacks this feature while other products offer it."
"There is room to improve with scalability."
"The solution takes up a high amount of memory and can cause the system to hang."
"Technical support is an area that can be improved because sometimes, the response time is a bit slow and the explanation is short."
"The endpoint has room for improvement because it's restrictive, it's very sensitive. Sometimes it can delete something that you need and so sometimes you have to disable the antivirus."
Microsoft Defender for Cloud is ranked 2nd in Cloud Workload Protection Platforms (CWPP) with 46 reviews while Trellix Endpoint Security is ranked 12th in Endpoint Protection Platform (EPP) with 94 reviews. Microsoft Defender for Cloud is rated 8.0, while Trellix Endpoint Security is rated 8.0. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Microsoft Defender for Cloud vs. Trellix Endpoint Security report.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.