We performed a comparison between Microsoft Defender for Endpoint and Trellix Endpoint Detection and Response (EDR) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The most valuable feature is the analysis, because of the beta structure."
"The stability is very good."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"It is stable and scalable."
"The setup is pretty simple."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"One of the valuable features of the solution is the small updates that keep my machine relatively clean from any infections."
"The most valuable features of Microsoft Defender for Endpoint are the ease of use and it was available within the operating system."
"It captures data through machine learning, which is built-in on the back-end. It also provides built-in analytics and a threat intelligence feature. It is a one-stop solution that doesn't require an antivirus because it comes prebuilt into Windows 10."
"The folders and files protection are its most valuable features. These have been valuable because of the increase in ransomware attacks. With these two features, I can ensure that no changes have been made to our system or endpoint folders and files without the user being aware."
"Real-time detection and cloud-based delivery of detections are highly efficient."
"It integrates very well with all Windows workstations or other Microsoft Endpoint products. It also works quite well. So far, I have not had any issue that hasn't been sorted out. It doesn't use too many resources, so you don't have to install different things."
"The most important and the most relevant features of Defender for Endpoint are the malware and ransomware protection."
"The antivirus features are very useful."
"The product provides a one-click recovery of encrypted files."
"The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation."
"The biggest strength of the solution is that it's an integrated product that includes EDR and antivirus."
"The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices."
"When Trellix detects some threats, the device is isolated in a quarantine zone for examination."
"Trellix Endpoint Detection and Response (EDR) offers endpoint protection and helps collect information while also allowing users to investigate malicious files in an IT environment...It is a stable solution...It is a scalable solution."
"The product's initial setup phase was very straightforward since you just need to install it, and it works."
"If there is any malicious behavior in the workstation or server, the tool stops or isolates it automatically and generates alerts."
"I haven't seen the use of AI in the solution."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"Making the portal mobile friendly would be helpful when I am out of office."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Detections could be improved."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"One thing that was lacking in Defender was web filtering. Its web filtering wasn't as comprehensive. Sophos was a little bit better than Defender for blocking URLs or installing programs."
"Microsoft Defender for Endpoint could improve by providing more user-friendly dashboards. They may be complicated for some."
"The solution should be updated by Microsoft with new features from time to time."
"I would like to see integrations with other products, such as Splunk and other CM solutions. That would create possibilities for me, and for a SOC, to consolidate all events in an older console, not one provided by Microsoft but provided by a third party, and use it to create more insights."
"The solution could use improvement on the interface."
"The initial setup can be a bit complex."
"Updates are not coming out of preview quickly enough and it is holding back on the development of the product."
"I would like Microsoft to have some kind of direct integration for USB controls. They have GPO and other controls to control the access of the USB drives on devices, but if there is something that can be directly implemented into the portal, it would be good. There should be a way to control via a cloud portal or something like that in a dynamic way. USB control for data exfiltration would be a good feature to implement. Currently, there are ways to do it, but it involves too many different things. You have to implement it via GPOs and other stuff, and then you move or copy those big files via Defender ATP. If there is a simple way of implementing those features, it would be great."
"For Spanish users, it is necessary to have a knowledge base specifically designed for them, which is currently not available."
"The technical support must be improved."
"The graphical view for nodes must be increased."
"Some modules that are doing machine learning and artificial intelligence are blocking our processes."
"The console has a lot of bugs, and it creates many issues."
"The solution lacks the ability to integrate with external platforms. In future releases of the solution, I would like to see the solution increase its integration capabilities with external platforms."
"The solution's downside stems from the fact that Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint are not combined into a single solution, so from an improvement perspective, they need to be combined into a single solution."
"The main drawbacks are resources and processing time, as it consumes a lot of CPU and RAM."
Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews while Trellix Endpoint Detection and Response (EDR) is ranked 22nd in Endpoint Detection and Response (EDR) with 17 reviews. Microsoft Defender for Endpoint is rated 8.0, while Trellix Endpoint Detection and Response (EDR) is rated 7.4. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Trellix Endpoint Detection and Response (EDR) writes "Multifeatured, with web control, advanced threat protection, and threat prevention capabilities, but its alerting and reporting features need improvement". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete and Fortinet FortiClient, whereas Trellix Endpoint Detection and Response (EDR) is most compared with Trellix Endpoint Security (ENS), Trellix Active Response, Cynet, CrowdStrike Falcon and Trend Vision One.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.