We performed a comparison between Trellix Endpoint Security and Cortex XDR by Palo Alto Networks based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security is highly valued for its easy administration options and reliability. Reviews suggest that Trellix could reduce resource consumption and improve user-friendliness. Cortex XDR by Palo Alto Networks presents an intuitive interface, advanced identification of risks, expandability, and compatibility with various other solutions. However, Cortex XDR could use enhancements in hard disk encryption, security integration, and customer education.
Service and Support: Some users have found the support for Trellix Endpoint Security helpful and reliable, while others have encountered ineffective assistance and communication problems. Some customers were impressed with Palo Alto support, while others reported mixed experiences.
Ease of Deployment: The setup process for Trellix Endpoint Security varies in difficulty, depending on the user's experience with McAfee and general technical expertise. Some users thought Cortex XDR’s deployment was fast and straightforward, while others considered it a complex and time-consuming task that requires thorough planning.
Pricing: Some find Trellix’s price reasonable and competitive, while others believe it could be lowered. Some reviewers said Cortex XDR is expensive, but others said it was reasonable for the robust feature set Cortex offers.
ROI: Trellix Endpoint Security provides significant time savings. Cortex XDR creates value by ensuring system and data security rather than a financial return on investment.
Comparison Results: Trellix Endpoint Security is preferred over Cortex XDR. Users said Trellix's comprehensive management capabilities enable effortless administration of all programs from a single console. Cortex XDR received mixed reviews for its initial setup, customer service, and pricing.
"The integration between all the Defender products is the most valuable feature."
"The integration, visibility, vulnerability management, and device identification are valuable."
"The product is very easy to use."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"Microsoft 365 Defender is simple to upgrade."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"It has great stability."
"The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical."
"One of the main benefits of the solution is its intelligence to correlate the events into an incident."
"The behavior-based detection feature is valuable."
"The integrations are out-of-the-box, as are the playbooks."
"The tool's use cases are relevant to security."
"The protection offered by this product is good, as is the endpoint reporting."
"The product has an intuitive dashboard."
"The most valuable for us is the correlation feature."
"We really like the dashboard from Trellix and we've found that it's pretty informative."
"What I like best is the integrated end-to-end security that works with the security information and events manager."
"Would benefit from the addition of DLP features."
"The endpoint protection and disk encryption features are the most valuable."
"It has improved my organization because it helps with visibility, in terms of security. We can see the actual attack and can contain it. The antivirus can detect that."
"The package of protection that it provides is useful. It has antivirus, malware protection, VPN, and a whole bunch of other features."
"The most valuable features are reporting from the ePO console and the advanced threat protection (ATP)."
"Some of McAfee Endpoint Security's main features are that it has benefits over normal conventional antivirus solutions because it works much faster."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"It's not an ideal choice for smaller businesses, as you need a minimum of 200 endpoints to even use the solution at all."
"The price could be a little lower."
"It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."
"Managing the product should be easier."
"Impact on system performance is horrible, adding a lot of delays for users."
"The solution could improve by providing better integration with their own products and others."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
"The dashboard could use some significant improvement, just making it more useful with more information. It has a limited amount of information right now. It is customizable, but I'd love to see a better out-of-box dashboard."
"It would be helpful if the controlling of connections coming to the PC could be done from McAfee's side so that we can block those connections."
"We don't like the solution since it requires much memory consumption and consumes much CPU resources."
"I've encountered minor challenges related to encryption."
"Trellix lacked email protection when it was a McAfee product. They added this feature during the merger with FireEye, but it hasn't been fully integrated. The core features will be integrated into the next release. FireEye has several solutions for EDR and sandboxing."
"The solution should provide an easier way to uninstall it on specific stations."
"There is room to improve with scalability."
"The interface is complex."
"The price of the solution is high in Asia."
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Trellix Endpoint Security is ranked 10th in Endpoint Protection Platform (EPP) with 95 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Trend Micro Apex One, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Trend Micro Deep Security and Kaspersky Endpoint Security for Business.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.