Cybereason Endpoint Detection & Response vs Trellix ESM comparison

The compared Cybereason and Trellix solutions aren't in the same category. Cybereason is ranked #24 in EDR , with an average rating of 8.2, and holds a 0.9% mindshare in the category. Trellix is ranked #20 in SIEM , with an average rating of 8.0, and holds a 1.0% mindshare. Additionally, 89% of Cybereason users are willing to recommend the solution, compared to 75% of Trellix users who would recommend it.

Cybereason Endpoint Detecti...

Read 21 Cybereason Endpoint Detection & Response reviews

2,561 Views
339 Comparison Views

89% willing to recommend

Trellix ESM

Read 37 Trellix ESM reviews

1,563 Views
721 Comparison Views

75% willing to recommend

Cybereason Endpoint Detecti...

Trellix ESM

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cybereason Endpoint Detection & Response and Trellix ESM based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR).

To learn more, read our detailed Endpoint Detection and Response (EDR) Report (Updated: January 2025).

Buyer's Guide

Endpoint Detection and Response (EDR)

January 2025

Download the complete report

Helped 860,711 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cybereason Endpoint Detecti...

Average Rating

8.0

Reviews Sentiment

7.9

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (35th), Endpoint Detection and Response (EDR) (24th)

Trellix ESM

Average Rating

7.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (20th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Cybereason Endpoint Detection & Response is designed for Endpoint Detection and Response (EDR) and holds a mindshare of 0.9%, down 1.1% compared to last year.
Trellix ESM, on the other hand, focuses on Security Information and Event Management (SIEM), holds 1.0% mindshare, up 0.7% since last year.

Endpoint Detection and Response (EDR)

Security Information and Event Management (SIEM)

Featured Reviews

AtulChaurasia

Operational Technical Security at Metro Bank

Scalable platform with intuitive features for detecting malicious files

The initial setup process is straightforward. We have to install the agent, create a package, and deploy it on servers. It has a prebuilt console managed by the cloud team of Cybereason. We don't have to worry about the console and concentrate on endpoint implementation. It takes ten days to deploy it on 10,000 devices.

Read full review

Daniel Durian

Senior Information Security Manager at a real estate/law firm with 10,001+ employees

Helps to monitor and detect cyberattacks

The tool's effectiveness depends on how you define your log sources. To build visibility of incoming and outgoing traffic, you need logs from perimeter defense, firewalls, web application firewalls, and endpoint protection. With good traffic visibility, incident response time is really quick. Trellix ESM provides situation awareness. On the dashboard, I can see outbound and inbound communications to known threat hosts, IPS/IDS activity, and threat intelligence of the perimeter defense in the firewall. This information helps preempt attacks.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The interface is user-friendly."

"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."

"The initial setup is not overly complicated."

"The initial setup process is straightforward."

"The initial setup was straightforward."

"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."

"The dashboard is very good and you can consider it as an interactive UI."

"What I find most valuable is the clarity of the platform."

More Cybereason Endpoint Detection & Response pros

"The most valuable feature in ESM is its search and reporting feature. It's really nice."

"It enables us to detect malicious threats, issues, or vulnerabilities in our network."

"Compared to other solutions, the user interface is good."

"It is user-friendly. The notification part of McAfee ESM is very easy."

"The ease of use is the most valuable feature. Over the years I have always been using this solution and have become comfortable with it."

"The strongest part of Trellix ESM is that we get quite good reports."

"It is easy to use and deploy. It comes with user-friendly manuals."

"The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller."

More Trellix ESM pros

Cons

"They need to improve their technical support services."

"The reporting feature needs improvement."

"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."

"It should be more stable, and the sensor needs improvement in terms of connectivity."

"It initially took some time to deploy."

"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."

"I feel that the product lacks reporting features and needs improvement."

"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."

More Cybereason Endpoint Detection & Response cons

"We would welcome integrations with some of the new McAfee acquisitions, e.g., behavioural analytics."

"We acquired the IBM product because McAfee is slightly confusing to use, and it's broader."

"There should be support for multitenancy in the product."

"Product-wise, adding accounts on a single data source by batch would be a really great help."

"It seems McAfee does test its product before releasing. When we - not only us, other companies also - deploy McAfee, we face multiple issues from the customer side, after which, McAfee reacts and fixes the bugs."

"The only issue I have with McAfee is the amount of computer resources that it takes... it's definitely impacting some of the other applications that are running on a computer at the same time."

"Tech support is required each time there is a system update of the solution."

"I would like to see improvements to the user interface."

More Trellix ESM cons

Pricing and Cost Advice

"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."

"I do not have experience with the licensing of the product."

"I had to go through a third-party to purchase it, which I wasn't really pleased about."

"In terms of cost, this is a good choice for our needs."

"This product is somewhat expensive and should be cheaper."

"In terms of pricing, it's a good solution."

"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."

"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."

More Cybereason Endpoint Detection & Response pricing and cost advice

"The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."

"The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."

"We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees."

"The product is slightly expensive."

"It is an inexpensive product. We purchase its yearly license."

"The cost is dependent on the customer's environment and requirements."

"The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."

"We renew our license annually."

More Trellix ESM pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

860,711 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

16%

Financial Services Firm

11%

Manufacturing Company

Government

Educational Organization

36%

Financial Services Firm

Computer Software Company

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?

Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...

See all answers

What is your primary use case for Cybereason Endpoint Detection & Response?

We use it to improve detection in the whole industrial sector. We are a big energy company. Across multiple endpoints, we deploy the EDR to secure all, improve detection, and also attempt to automa...

See all answers

What do you like most about Cybereason Endpoint Detection & Response?

The interface is user-friendly.

See all answers

What do you like most about McAfee ESM?

The solution's technical support is great.

See all answers

What is your experience regarding pricing and costs for McAfee ESM?

When discussing Trellix ESM pricing and licensing, if you consider some premium product, the pricing also has to be premium, however, enterprise customers who look for a premium product, alongside ...

See all answers

What needs improvement with McAfee ESM?

We need to improve Trellix ESM by making sure that most of the logging devices available in the global market should be covered, and if there is any device which is not covered, there should not be...

See all answers

Comparisons

Darktrace vs Cybereason Endpoint Detection & Response

Compared 29% of the time

CrowdStrike Falcon vs Cybereason Endpoint Detection & Response

Compared 11% of the time

SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response

Compared 11% of the time

Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response

Compared 10% of the time

Kaspersky Endpoint Security for Business vs Cybereason Endpoint Detection & Response

Compared 5% of the time

More Cybereason Endpoint Detection & Response Competitors

OpenText Enterprise Security Manager vs Trellix ESM

Compared 29% of the time

Splunk Enterprise Security vs Trellix ESM

Compared 15% of the time

LogRhythm SIEM vs Trellix ESM

Compared 15% of the time

SentinelOne Singularity Complete vs Trellix ESM

Compared 11% of the time

Fortinet FortiSIEM vs Trellix ESM

Compared 11% of the time

More Trellix ESM Competitors

Product Reports

Buyer's Guide

Cybereason Endpoint Detection & Response

July 2025

Cybereason Endpoint Detection & Response report

Download Cybereason Endpoint Detection & Response product report

Buyer's Guide

Trellix ESM

June 2025

Download Trellix ESM product report

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond

McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

Trellix

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital

San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport

Buyer's Guide

Endpoint Detection and Response (EDR)

January 2025

Download Free Report

Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR). Updated: January 2025.

DOWNLOAD NOW

860,711 professionals have used our research since 2012.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.