I am working with EDR and XDR, focusing on migrating on-premises solutions to cloud-based solutions. We are utilizing XDR for cyber threat detection and response.
The analytics assessment and flexibility of the platform are valuable. Trellix XDR integrates with other systems like SIEM, improving forensic analysis and visualization of cyber activities. It features embedded machine learning and cyber intelligence capabilities.
The EdgeGear solution is an area that requires attention, specifically regarding AI solutions and intelligence features. We are still investigating how XDR performs and will identify areas for improvement as we deploy it further.
I have been working with Trellix solutions for eight and a half years.
Trellix XDR is highly stable, and I would rate it a ten out of ten for stability.
I would rate the scalability of Trellix XDR as eight out of ten.
Technical support is crucial, especially when facing critical issues. It's rated six out of ten. Improvements are needed in the support sector, with a focus on providing expert assistance during production periods.
Neutral
The initial setup is not complex. Every solution needs an initial analysis to understand the features, simplifying the eventual deployment.
Since I'm a technical engineer, I don't deal with pricing or licensing. Our sales team handles those aspects.
Trellix XDR is an excellent solution that is continually improving. Given the evolving nature of cyber threats, it is essential to update the solution regularly.
I rate the solution overall an eight out of ten.
We utilize the platform for airborne protection and redirection to enhance the environment's environment and that of our clients. Our primary focus is on this solution, and I am looking for more coverage for our security framework, particularly for our CGP program. Currently, HSA only covers host information, leaving us with limited visibility of system and network activity. Therefore, we need another SIEM solution to understand our system and network activities comprehensively.
The product's threat intelligence integration is extremely important. It enhances our ability to anticipate and respond to threats effectively, improving our security posture.
The solution's detection capabilities are very efficient. It contributes to our system's robust event detection and analysis, enabling us to respond effectively to incidents.
The platform should enhance compatibility with all other SIEM solutions. Customers should not feel constrained to using only Trellix products due to integration challenges, as this limits their options.
Future updates should prioritize enhanced integration features with third-party SIEMs and broader threat intelligence capabilities to improve the platform's adaptability in diverse environments.
I have been using Trellix XDR for at least two years.
The technical support team is responsive and helpful, particularly when addressing technical issues during deployment or usage.
Positive
The deployment is straightforward, and the interface is user-friendly, making it easy for security analysts and engineers to adapt to the platform. However, the functionality is not significantly different from other vendors' offerings.
From my perspective, Trellix XDR is competitively priced, given its detection capabilities, but the added cost for compatibility with other platforms can be a consideration for budget-conscious organizations.
We are exploring additional SIEM solutions to complement this platform, especially to gain insights into system and network activities.
Trellix provided initial training sessions and documentation. However, more comprehensive training resources could further enhance the team's proficiency in utilizing the platform effectively.
Its automated response is effective but has some limitations regarding integrating other platforms. Our agents are not fully compatible with other solutions, which restricts our ability to respond to threats across different systems.
I recommend this solution, particularly its robust detection capabilities and user-friendly interface. However, organizations should evaluate their specific integration needs to ensure compatibility with existing solutions.
Overall, I rate the product an eight out of ten.