Cybereason Endpoint Detection & Response vs Trellix ESM comparison

"The dashboard is very good and you can consider it as an interactive UI."

"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."

"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."

"The solution is efficient."

"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."

"For me, the technical support is good."

"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."

"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."

"McAfee as a whole is a good solution."

"It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself."

"The ease of use is the most valuable feature. Over the years I have always been using this solution and have become comfortable with it."

"The strongest part of Trellix ESM is that we get quite good reports."

"I like the ease of deployment."

"The most valuable feature is the capability to correlate different events from different platforms that we feed into it."

"The solution's technical support is great."

"Trellix ESM utilizes fewer human resources and improves security and visibility."

"The network coverage becomes an issue most of the time."

"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."

"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."

"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."

"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."

"The product's reporting isn't great."

"I feel it is a shame that I cannot create groups of groups with inheritance."

"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."

"I would like to see fingerprint recognition included in the next release of this solution."

"The initial setup is difficult and could improve."

"I have to purchase a new box now. Its existing box is not scalable and I can't use it anymore."

"Customized reports and alerting functionality could be included in the dashboard."

"It is not a very advanced solution, and it is for very generic use cases. It cannot cope with the advanced requirements that we're going to have. For example, for multiple authentication failures, it is still based on Windows events for detecting multiple login failures, whereas other companies are going beyond and working on implementing two-factor authentication. It is time to correlate the two-factor authentication results with authentification failures, which is not happening with McAfee ESM. The performance of the tool should be improved because it is very slow. The data display on the console is very slow in McAfee ESM. Its data storage is still old-fashioned, and it should be improved and upgraded to the latest versions. They have to come up with some new ideas to match what other leaders in the same domain are doing. For example, in Splunk, when you search for information for the last 60 days or five months, it quickly shows the information, but that is not the case with McAfee. The results should be quicker and faster on the console. They should integrate some additional features such as User Behavior Analytics (UBA) and automation. The threat intelligence part should also be improved on McAfee."

"The product's stability is an area of concern where improvements are required."

"It is more difficult to operate Trellix ESM than other solutions."

"Update to user interface from version 9 is cosmetic in some aspects, and after a few clicks you are back on the old interface."

"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."

"I had to go through a third-party to purchase it, which I wasn't really pleased about."

"This product is somewhat expensive and should be cheaper."

"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."

"In terms of pricing, it's a good solution."

"I do not have experience with the licensing of the product."

"The pricing is manageable."

"In terms of cost, this is a good choice for our needs."

"We renew our license annually."

"McAfee is the right choice for a low-budget solution."

"The product is slightly expensive."

"The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."

"The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."

"The pricing is fair."

"You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points."

"The licensing cost is based on EPS."