Mandiant Advantage vs Trellix Endpoint Security comparison

Sponsored
Microsoft Defender XDR
Read 82 Microsoft Defender XDR reviews
  • 6,230 Views
  • 4,702 Comparison Views
97% willing to recommend
Mandiant Advantage
Read 3 Mandiant Advantage reviews
  • 980 Views
  • 626 Comparison Views
100% willing to recommend
Trellix Endpoint Security
Read 96 Trellix Endpoint Security reviews
  • 4,125 Views
  • 2,445 Comparison Views
92% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Mandiant Advantage and Trellix Endpoint Security based on real PeerSpot user reviews.

Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Mandiant Advantage vs. Trellix Endpoint Security Report (Updated: May 2024).
Buyer's Guide
Mandiant Advantage vs. Trellix Endpoint Security
May 2024
Download the complete report
Helped 787,061 peers since 2012
 

Categories and Ranking

Microsoft Defender XDR
Sponsored
Ranking in Extended Detection and Response (XDR)
5th
Average Rating
8.4
Number of Reviews
82
Ranking in other categories
Endpoint Detection and Response (EDR) (7th), Microsoft Security Suite (1st)
Mandiant Advantage
Ranking in Extended Detection and Response (XDR)
20th
Average Rating
8.6
Number of Reviews
3
Ranking in other categories
Attack Surface Management (ASM) (1st)
Trellix Endpoint Security
Ranking in Extended Detection and Response (XDR)
10th
Average Rating
8.0
Number of Reviews
96
Ranking in other categories
Endpoint Protection Platform (EPP) (11th)
 

Market share comparison

As of June 2024, in the Extended Detection and Response (XDR) category, the market share of Microsoft Defender XDR is 23.3% and it increased by 248.9% compared to the previous year. The market share of Mandiant Advantage is 1.9% and it decreased by 14.2% compared to the previous year. The market share of Trellix Endpoint Security is 4.1% and it decreased by 30.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
Unique Categories:
Endpoint Detection and Response (EDR)
8.4%
Microsoft Security Suite
4.9%
Attack Surface Management (ASM)
10.5%
Endpoint Protection Platform (EPP)
4.5%
 

Featured Reviews

NitinKumar1 - PeerSpot reviewer
Apr 17, 2024
Works very well for vulnerability management but doesn't have many features available in other solutions
The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution. Other than that, there are still limitations in creating device groups. You can create tags, but these tags are based on limited options. There are only a few categories based on which you can create a tag or device group. If there are other conditions that you want to put, such as creating a group based on the application installed on a particular machine, you cannot do that. There are some shortcomings. Also, if you want to whitelist a particular application for a set of groups, you cannot do that. We had an incident where we wanted to whitelist a particular application that was getting blocked by Microsoft Defender, but we were not able to create those groups. We were not able to whitelist the application for some of the devices. We had to whitelist it for the whole environment, which we did not want to do. It only has pre-built dashboards. You cannot create customized dashboards. They have a set of dashboards, but they are not customizable. We can create reports using KQL, but it is hard to create customized reports using KQL. You get a CSV, but you need to use Power BI or another reporting product to create the report. The other products available in the market give you customized dashboards, customized reporting, and customized workflows. This is pending in Microsoft Defender.
Read full review
Joshua Garnett - PeerSpot reviewer
Mar 9, 2023
It gives us peace of mind that issues can be addressed when our core IT team isn't working
I rate Mandiant Advantage eight out of 10. It is so valuable to have someone performing these functions outside of our business hours when we don't have staff in the building. We've seen a lot of solid metrics on the amount of malware that it's detecting and resolving. We're pleased with it so far. Our biggest concern is that the client can be a resource hog and will slow things a bit while scanning if your computer doesn't have enough processing power. It works for us because we've spent the past few years upgrading our hardware. Our typical workstation has an i7 processor, at least 16 gigs of ram, and an SSD. However, if your computers aren't that robust, you might have issues when Mandiant is scanning your device.
Read full review
AV
May 2, 2023
Useful for containment and taking a triage image
We build our own use cases and those provided by the vendor for specific upcoming attack scenarios. Configuring the rule set using Trellix Endpoint Security is very much flexible based on the IOCs Trellix Endpoint Security is good for doing containment immediately. We can get visibility of…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"The most valuable aspect is undoubtedly the exploration capability"
"I like Defender XDR's reports and alerts. They give you updates about the latest hotfixes and zero-day vulnerabilities, which gives me all the information I need to maintain my servers."
"The integration, visibility, vulnerability management, and device identification are valuable."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
More Microsoft Defender XDR pros
"The advantage of the solution is being able to go look up threat actors and get a lot of detailed information about different attacks and different tactics and general information about threats."
"The feature I have found most valuable is directory monitoring. We experienced an instance of threat actors trying to ensure a complex and massive attack against our customer's infrastructure on the forum. That is, they were animating people on a formum. The solution alerted us to this two days ahead of the attack, which gave us plenty of time to prepare for it."
"It is so valuable to have someone performing these functions outside of our business hours when we don't have staff in the building. We've seen a lot of solid metrics on the amount of malware that it's detecting and resolving. We're pleased with it so far."
"The most valuable features of the solution include DLP (data loss prevention), CASB (cloud access security broker) functionality, endpoint encryption, and cloud workload security."
"The product has a robust reporting feature"
"Initially, the DLP was very valuable for disabling access to USB drives."
"Dynamic Application Containment."
"The installation is pretty straightforward."
"The solution is broken down into different components from the portals. Web filtering, which is an added feature has been great for us."
"There is a new feature where you can set thresholds for all the CPU consumption allowing for no consumption on the servers when the scans happen. It is a separate plugin or addon, and if we have it on all the virtual machines it automatically checks the resources, and based on that, it will schedule the scans. That is something that I have not seen in other antivirus solutions, such as Symantec."
"Trellix Security Endpoint can promptly isolate any host machines directly from the console. If alerts are received and isolation is necessary, it can be accomplished through the console. The console itself holds significant value, accessible through a browser and allowing remote actions via cloud login."
More Trellix Endpoint Security pros
 

Cons

"The logs could be better."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
More Microsoft Defender XDR cons
"They could have better support. Now that they've merged, they are moving towards a portal system, which isn't very helpful."
"Mandiant's on-prem client is too processor-intensive, so it's putting a strain on the local device's CPU. When a scan is running on the device, the other processing tasks slow to a crawl. We're still trying to figure out the correct settings for the client."
"I think that the data query that is used for data cloud language should be improved. It's really hard to query actual data from the platform."
"Sometimes, while installing the ePO, we were getting so many errors and I don't know why it happened."
"It would be nice if the solution were to allow not just on-cloud management, but on-premises, as well."
"The solution should provide a more easy way to uninstall it on specific stations."
"One of the drawbacks is that it is not 100% secure."
"The user interface could be improved by making it more user-friendly. There are multiple solutions and there is no clear line differentiating all of them. There is a centralized console where we manage everything but most of the administrators feel a little confused when it comes to managing multiple products from a single place."
"The endpoint has room for improvement because it's restrictive, it's very sensitive. Sometimes it can delete something that you need and so sometimes you have to disable the antivirus."
"We have a lot of problems with the user experience and it's difficult to implement. MacAfee's better than the ancient anti-virus solutions but it's a little slow to resolve. Many files with malware were destroyed through the network, and MacAfee doesn't detect anything."
"There are more secure featured solutions from McAfee on the market but for smaller companies like ours, they are too expensive."
More Trellix Endpoint Security cons
 

Pricing and Cost Advice

"I believe that the pricing of the licensing is fair."
"I believe the pricing is fair and acceptable. I consider it to be reasonable and satisfactory."
"For Defender, they have Endpoint Plan 1 and Endpoint Plan 2, but I don't know on what basis they have classified Endpoint Plan 1 and Plan 2, but it has given me enough pain to pick and design Endpoint Plan 1 or Endpoint Plan 2 for my organization. In fact, we are still struggling with it. Too many SKUs are confusing. There should not be too many SKUs, and they shouldn't charge for every new feature."
"While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment."
"It has consistently offered highly appealing academic pricing, with distinct rates for higher education and general educational purposes."
"It is fairly priced because we get complete integrated services with the E5 license."
"Microsoft Defender falls within a mid-tier price range compared to other security solutions."
"Microsoft purposely makes its license combinations complex and includes combinations like Microsoft 365 E3 and Microsoft 365 E5, Office 365 E3, Office 365 E5, and Office 365 E1, so you get confused. Microsoft tries to sell you a bundle of a lot of things together."
More Microsoft Defender XDR pricing and cost advice
Information not available
"Since the maintenance is done by our own team, the price of the subscription should really be cheaper."
"There are some extra expenses for using the product, in addition to licensing related to the maintenance of the product."
"The price of McAfee is pretty similar to Symantec, and there are no costs in addition to the standard licensing fees."
"When comparing the solution to others it is a bit expensive. We are on a monthly license."
"Trellix Endpoint Security is an inexpensive platform."
"The price of the solution is fair, we have a complete security package."
"McAfee's prices are flexible and can be quite competitive, although there are other solutions that are even more so."
"The price of the solution is in the middle range compare to others and could be reduced. There are not any additional costs."
More Trellix Endpoint Security pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
See recommendations
787,061 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
10%
Government
8%
Manufacturing Company
8%
Financial Services Firm
18%
Computer Software Company
13%
Government
9%
Manufacturing Company
7%
Educational Organization
37%
Government
9%
Computer Software Company
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and p...
See all answers
What is your experience regarding pricing and costs for Microsoft 365 Defender?
Microsoft Defender XDR is expensive, especially for the full suite functionality. However, when compared to buying mu...
See all answers
What needs improvement with Microsoft 365 Defender?
Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR. Additionall...
See all answers
What do you like most about Mandiant Advantage?
The feature I have found most valuable is directory monitoring. We experienced an instance of threat actors trying to...
See all answers
What needs improvement with Mandiant Advantage?
I think that the data query that is used for data cloud language should be improved. It's really hard to query actual...
See all answers
What is your primary use case for Mandiant Advantage?
Our primary use case was monitoring the threat actors that our clients were concerned about. We also used Mandiant Ad...
See all answers
How does McAfee Endpoint Security compare with MVISION?
The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deplo...
See all answers
What do you like most about McAfee Endpoint Security?
It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications a...
See all answers
What is your experience regarding pricing and costs for McAfee Endpoint Security?
Trellix Endpoint Security is an affordable tool. Its renewal price is also quite low. The product is available as a s...
See all answers
 

Comparisons

CrowdStrike Falcon vs Microsoft Defender XDR Logo
CrowdStrike Falcon vs Microsoft Defender XDR
Compared 45% of the time
Microsoft Defender for Cloud vs Microsoft Defender XDR Logo
Microsoft Defender for Cloud vs Microsoft Defender XDR
Compared 15% of the time
Microsoft Purview Compliance Manager vs Microsoft Defender XDR Logo
Microsoft Purview Compliance Manager vs Microsoft Defender XDR
Compared 5% of the time
Wazuh vs Microsoft Defender XDR Logo
Wazuh vs Microsoft Defender XDR
Compared 4% of the time
Microsoft Purview Data Governance vs Microsoft Defender XDR Logo
Microsoft Purview Data Governance vs Microsoft Defender XDR
Compared 1% of the time
More Microsoft Defender XDR Competitors
CrowdStrike Falcon vs Mandiant Advantage Logo
CrowdStrike Falcon vs Mandiant Advantage
Compared 15% of the time
Cortex Xpanse vs Mandiant Advantage Logo
Cortex Xpanse vs Mandiant Advantage
Compared 13% of the time
Cymulate vs Mandiant Advantage Logo
Cymulate vs Mandiant Advantage
Compared 11% of the time
Microsoft Defender External Attack Surface Management vs Mandiant Advantage Logo
Microsoft Defender External Attack Surface Management vs Mandiant Advantage
Compared 11% of the time
More Mandiant Advantage Competitors
Microsoft Defender for Endpoint vs Trellix Endpoint Security Logo
Microsoft Defender for Endpoint vs Trellix Endpoint Security
Compared 21% of the time
Trellix Endpoint Security (ENS) vs Trellix Endpoint Security Logo
Trellix Endpoint Security (ENS) vs Trellix Endpoint Security
Compared 17% of the time
CrowdStrike Falcon vs Trellix Endpoint Security Logo
CrowdStrike Falcon vs Trellix Endpoint Security
Compared 7% of the time
Cortex XDR by Palo Alto Networks vs Trellix Endpoint Security Logo
Cortex XDR by Palo Alto Networks vs Trellix Endpoint Security
Compared 5% of the time
Trend Micro Deep Security vs Trellix Endpoint Security Logo
Trend Micro Deep Security vs Trellix Endpoint Security
Compared 5% of the time
More Trellix Endpoint Security Competitors
 

Product Reports

Buyer's Guide
Microsoft Defender XDR
May 2024
Microsoft Defender XDR reportDownload Microsoft Defender XDR product report
Buyer's Guide
Extended Detection and Response (XDR)
May 2024
Mandiant Advantage reportDownload Mandiant Advantage product report
Buyer's Guide
Trellix Endpoint Security
May 2024
Trellix Endpoint Security reportDownload Trellix Endpoint Security product report
 

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
Mandiant Threat Intelligence
McAfee Endpoint Security, McAfee Complete Endpoint Protection, McAfee Endpoint Protection, Total Protection for Endpoint, Intel Security Total Protection for Endpoint, MCAFEE Complete Endpoint Protection
 

Learn More

Microsoft
Mandiant
Trellix
 

Overview

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Mandiant Advantage is a multi-vendor XDR platform that provides security teams of all sizes with frontline intelligence. Mandiant Advantage aims to speed up operational as well as strategic security and risk decision making. Mandiant Advantage provides security teams with an early knowledge advantage through the Mandiant Intel Grid, which provides platform modules with current and relevant threat data and analysis capabilities. Organizations are better protected from cyber attacks and more confident in their readiness when they have access to continuous security validation, detection, and response.

Mandiant Advantage Features

Mandiant Advantage has many valuable key features. Some of the most useful ones include:

  • Threat intelligence: Front-line intelligence that enables a defender to be aware of the strategies and tactics that opponents are employing at this moment. Organizations will be able to contextualize, prioritize, and implement the most pertinent new intelligence by fusing ASM and threat intelligence.
  • Security validation: This allows security teams to optimize, rationalize, and prioritize their security activities from a budget and manpower viewpoint. It measures the effectiveness of security controls applied within an organization. Controls can be evaluated against the most recent TTPs actively used by threat actors by incorporating information into the security validation procedure. Organizations can determine whether their security policies are successfully thwarting or detecting attacks against their external attack surface by integrating ASM and security validation.
  • Automated Defense: In order to fuel SOC event/alert correlation and triage, Automated Defense combines knowledge and intelligence with machine learning. This is similar to integrating a machine-based Mandiant analyst into your security program. By merging ASM and Automated Defense, more context is given to Automated Defense, enhancing the relevance and usefulness of alarms.
  • Attack surface management: ASM offers a continuous, scalable method for locating hundreds of different asset and exposure types within on-premises, cloud, and SaaS application environments. In addition to assets being found, technologies in use are also identified, and vulnerabilities are confirmed rather than just speculated. Cyber defenders are able to effectively and efficiently limit their external exposures by integrating the full Mandiant Advantage suite into ASM, which prioritizes and validates the information regarding the attack surface.

Mandiant Advantage Benefits

There are many benefits to implementing Mandiant Advantage. Some of the biggest advantages the solution offers include:

  • Boost your current security investments: No matter what security policies you have implemented, you may improve your security capabilities by automating Mandiant's expertise as a virtual extension of your team.
  • Improve your visibility and priority: View the threats Mandiant is continuously monitoring across your attack surface and internal controls in order to prioritize and drive focus.
  • Flexible deployment: Depending on your needs, Mandiant Advantage can be supplied as technology, along with support, or as a fully managed contract.
  • Scale efficiently: Without the need for time-consuming and expensive human labor, a SaaS-based strategy deploys in hours, scales with your environment, and provides constant expert analysis.

Trellix Endpoint Security provides aggressive robust protection for every endpoint in an enterprise organization. Trellix uses dynamic threat intelligence and mounts a superb defense across the complete threat lifecycle. This solution will keep your organization more secure and resistant to any possible threat of risks. Trellix offers an amalgamated suite of next-generation endpoint security tools. These tools give users the benefit of machine learning, intuitive intelligence, and greater assistance to ensure their networks are being protected non-stop against threats - potential or realized - and can stop attacks before they happen. Trellix uses MDR (managed detection and response) and XDR (extended detection and response) to give users a comprehensive endpoint security solution.

Trellix Endpoint Security Benefits

  • Intuitive Protection: Trellix Endpoint Security learns and matures to ensure organizations are continuously protected in today’s aggressive threat environment. Users have full visibility and greater control of all endpoints and are able to utilize Trellix Endpoint Security’s potent threat detection, prevention, investigation, and response to keep their enterprises safe and secure.

  • Streamlined Security Protection: Users have a single view of full transparency into how their networks are performing and the overall effectiveness of the security. Users can access the solution from anywhere and manage automated workflows. The solution allows for a streamlined security process to improve the overall reliability of the organization's security and can effortlessly scan through hundreds of thousands of endpoints in minutes.

  • Robust Risk Management: Stop attacks before they occur and keep abreast of potential threats with intuitive threat prioritization. Receive easy to understand risk assessment and repair guidance without delay to prevent any possible lapses in security. Test scenarios will allow users to see how the organization would respond to a threat scheme.

Trellix Endpoint Security Top Features

  • Consolidated Management: Trellix offers numerous deployment options. The unique consolidated management process provides full transparency, cost-effective processes, improved IT functionality, and streamlined operations.

  • Intuitive Processes: Trellix can identify zero-day threats using machine learning and develop workable risk assessment to prevent attacks. Trellix intuitively creates protocols to recognize problematic processes that could lead to future attacks.
  • Reduced Impact on Resources: Trellix learns to focus on suspicious or anomalous activities by quickly identifying trusted activities to greatly reduce CPU consumption.

Reviews from Real Users

“It has a great console. We can manage everything from the central console and it is very easy. Every year we are getting the benefits of legacy also. It's easy to set up.” - S Fazlul H., IT Lead Engineer, Information Technology at Banglalink

“There is a new feature where you can set thresholds for all the CPU consumption allowing for no consumption on the servers when the scans happen. It is a separate plugin or addon, and if we have it on all the virtual machines it automatically checks the resources, and based on that, it will schedule the scans. That is something that I have not seen in other antivirus solutions, such as Symantec.” - Sabari K. Senior Engineer at a comms service provider

 

Sample Customers

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
Stater Bros. Markets, Rush Copley, Blackboat, CapWealth
inHouseIT, Seagate Technology
Buyer's Guide
Mandiant Advantage vs. Trellix Endpoint Security
May 2024
Free Report: Mandiant Advantage vs. Trellix Endpoint Security
Find out what your peers are saying about Mandiant Advantage vs. Trellix Endpoint Security and other solutions. Updated: May 2024.
DOWNLOAD NOW
787,061 professionals have used our research since 2012.
See our Mandiant Advantage vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.