Try our new research platform with insights from 80,000+ expert users

BlackBerry Cylance Cybersecurity vs TrendAI Vision One – Endpoint Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 26, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
5th
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
105
Ranking in other categories
Endpoint Detection and Response (EDR) (8th), Extended Detection and Response (XDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (2nd)
BlackBerry Cylance Cybersec...
Ranking in Endpoint Protection Platform (EPP)
24th
Average Rating
8.0
Reviews Sentiment
4.6
Number of Reviews
44
Ranking in other categories
No ranking in other categories
TrendAI Vision One – Endpoi...
Ranking in Endpoint Protection Platform (EPP)
9th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
134
Ranking in other categories
Endpoint Compliance (3rd), Endpoint Detection and Response (EDR) (9th)
 

Mindshare comparison

As of February 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.4%, down from 4.1% compared to the previous year. The mindshare of BlackBerry Cylance Cybersecurity is 1.3%, up from 1.2% compared to the previous year. The mindshare of TrendAI Vision One – Endpoint Security is 1.7%, down from 1.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Market Share Distribution
ProductMarket Share (%)
Cortex XDR by Palo Alto Networks3.4%
Trend Vision One Endpoint Security1.7%
BlackBerry Cylance Cybersecurity1.3%
Other93.6%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Sooraj Makkancherrry - PeerSpot reviewer
Security Operations Manager at Philips
Doesn't have daily updates, which is important for healthcare IT
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immediately due to medical device protocols and validation testing. I wish support would try to understand our issues better instead of giving this standard response. The machine learning feature they use often tells us to upgrade the agent or add things to the exclusion list, which isn't unacceptable. It's a very good and new technology as a tool and antivirus. But sometimes, it doesn't work properly with our medical devices and products, quarantining files it shouldn't even after we add them to exclusions. This is tricky for us.
Oleksii Pavlyk - PeerSpot reviewer
Head of security of digital systems, electronic databases and networks at Ukreximbank
Centralized console has improved visibility while setup remains quick on diverse environments
I don't know why I find it valuable; my colleague administrated it, but I was the chief of a team of six people, and one of them administered this product, which worked well for defending our servers. I don't know what the best features of Trend Vision One Endpoint Security are; it performs well compared to other products, and I am curious about it, but I cannot think of specific features. Perhaps my colleagues could provide that information, but I do not have that knowledge. The centralized console helps my team greatly; it is very convenient as everything is all in one console, not only EDR but many other products, such as email security and XDR features. Trend Vision One Endpoint Security positively impacts our organization as it is very simple to install on Windows and Linux servers; it is not very difficult to install.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable aspect of Cortex XDR by Palo Alto Networks for me is its integration with AI detection, where we get to know the behavioral detection based on users, traffic patterns, and different services that we consume."
"The most valuable feature is that you can select remote access of any machine for sandboxing."
"My advice for others looking into using Cortex is that it is very easy to use and very useful for the customer environment, whether it's a public or private one."
"After installing this solution, it identified, blocked, and provided the complete attack chain, which was very helpful."
"The positive impacts I see from Cortex XDR by Palo Alto Networks include a complete 360-degree view of our security posture altogether, being a uniform platform where we are ingesting logs from multiple resources."
"Provides behavior-based detection which offers many benefits over signature-based detection."
"The most valuable feature of Cortex XDR by Palo Alto Networks is its machine-learning capabilities. Additionally, there is full integration with other solutions."
"One of the things that I enjoy the most is using policy extensions. It's like having host firewalls to control USB connections. I think it's a wonderful tool to restrict use when connecting to our computers. Another important tool is Home Insights. That is an add-on to the Cortex solution. I like that because we can see all the vulnerabilities in the environment and control what assets are connected to our network."
"You can manage all the threats and everything from a centralized dashboard."
"I like the AI and mathematical components that they use."
"It provides good insight into the programs, applications, or websites that may need attention."
"The Application Guard and ByteGuard are useful features."
"I rate the tool a ten out of ten when it comes to the ease of use or management part."
"Even if an endpoint loses connection to the Internet, I know that endpoint is protected against 99.99% of the threats in the wild today."
"The initial setup of CylancePROTECT is very easy."
"​Very easy to deploy. It can be done one by one or deployed by customizing an MSI file for GPO push.​"
"The behavior analytics feature is very useful, and its threat detection based on AI is very strong."
"The solution can scale."
"I like Apex One's DLP and EDR features. The DLP is a good solution because it allows you to push policies. Source detection is another one. It automatically detects malicious IPs, domains, and URLs. Most of the time, it works automatically, but sometimes it doesn't quarantine or block, so we have to perform remediation manually and delete the file or application through Power Shell."
"It's reduced administrative overhead."
"The number of accessories included is the most valuable feature."
"The most favorable features have been behavior monitoring and zero-day threat protection."
"Before Apex One, we used OfficeScan, which Trend Micro acquired, but it was on-prem. We were managing three or four anti-virus solutions. Apex One's cloud model allowed us to decommission the on-prem servers and consolidate. We get all the same features, and everything is upgraded automatically, so we only need to use the software."
"The ease of deployment is one of its most valuable features."
 

Cons

"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."
"When it comes to malware files, it should be a little quick because, at times, it would give a wrong result in the sense of what it might be on malware, even if it still might be a normal one."
"I think sometimes Cortex XDR agent automatically stops event capturing from the device, and then even the dashboard does not get any notifications from the agent."
"I recommend adding a data loss prevention (DLP) solution to Cortex XDR by Palo Alto Networks. The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products."
"When it comes to core analysis, and security analysis, Cortex needs to provide more information."
"In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."
"Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."
"Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis."
"I'd like them to do software distribution too, but they said that that's architecturally not at the product line."
"The company that sells us the licenses sometimes doesn't know how to do certain things."
"The initial deployment was quite complicated."
"The high price of the product is an area of concern where improvements are required. The product's price should be more competitive."
"rom my experience interacting with the primary or the central administrative console, it's quite complex. You would need a fair bit of technical experience to set it up, implement and maintain it. That would be one area for improvement."
"The product must make the interface a little more user-friendly."
"Additionally, their channel management has been lacking, with a notable disregard for small and medium-sized businesses, focusing primarily on large enterprises and very large MSPs."
"I would say one thing that they might need to bring in is protection for mobile devices."
"The policies tend to be a bit more complex to set up, so we do need some expertise in setting up the policies."
"The technical support should be more proactive."
"The integration is lacking in Trend Micro Apex One. It does not integrate well with Microsoft p solutions. For example, with Office 365, we have to buy another solution for mail protection. That's why we are assessing Microsoft Defender 365 because we have an email from Microsoft, an endpoint from Microsoft, and we use Windows systems."
"The only thing that I would like to see changed or improved in the next release is when it reports C&C callbacks, to make it easier to trace, to see what's doing that, whether it's a program checking for updates or a malicious program."
"The time required for Apex One to notify us of detection in the central console should be reduced."
"Trend Vision One Endpoint Security should have a DLP (Data loss prevention) module."
"The integration could improve in this solution."
"Some of our customers need to add cache file signatures in Trend Micro Apex One, but it is currently not a supported feature."
 

Pricing and Cost Advice

"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"Our customers have expressed that the price is high."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"I am using the Community edition."
"The pricing is a little high. It is per user per year."
"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"The price of the product is not very economical."
"The price is reasonable for us at the moment. I rate the overall solution an eight out of ten."
"Currently, we have competitive pricing for Cylance, which is affordable enough to consider."
"It's not so heavily priced; rather, it's average and decent."
"Our licensing cost for the solution is around $4,000 for six months. There are no costs in addition to the standard licensing fees."
"The initial end-point cost may seem a little high (~$55/device/year) but when you look at the total peace of mind that the solution provides, with no reboots for updates, and negligible performance impact, it is well worth it."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a seven out of ten."
"Review closely how many endpoints you actually need before buying into a pricing level. Deal and deal with the VAR of your choice."
"The product cost is about $5, per user, per month."
"The pricing is reasonable and depends on user count."
"Its pricing was good. It is very competitive with all the other vendors."
"Compared to other products on the market, I think that the pricing is reasonable."
"It has a per-user license."
"Opting for cloud solutions can provide a more cost-effective and efficient alternative, with fewer dependencies on physical setups and unexpected costs associated with on-premises tasks."
"The price of the solution is fine."
"On a yearly basis, it's about $50,000. There are no costs in addition to the standard licensing fees."
"The SaaS version is competitively priced and amazingly easy to set up."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
882,886 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
10%
Financial Services Firm
10%
Manufacturing Company
8%
Government
6%
Computer Software Company
9%
Manufacturing Company
8%
Government
6%
Comms Service Provider
6%
Computer Software Company
12%
Financial Services Firm
9%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business42
Midsize Enterprise21
Large Enterprise47
By reviewers
Company SizeCount
Small Business33
Midsize Enterprise5
Large Enterprise13
By reviewers
Company SizeCount
Small Business45
Midsize Enterprise36
Large Enterprise60
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What do you like most about Blackberry Protect?
It is a good endpoint solution. It is very easy to manage and detect the threat immediately. It will take the necessa...
What is your experience regarding pricing and costs for Blackberry Protect?
The price is reasonable for us at the moment. I rate the overall solution an eight out of ten.
What needs improvement with Blackberry Protect?
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we conta...
What's the difference between Trend Micro Deep Security and Trend Micro Apex One?
Trend Micro Deep Security offers a lot of features. It guarantees security for your data center, cloud, and container...
What do you like most about Trend Micro Apex One?
It is updated automatically without much intervention from our side. We can also get some reports easily.
What is your experience regarding pricing and costs for Trend Micro Apex One?
Regarding the price, there was a tender, and Trend Micro won; the price was good.
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Blackberry Protect
Trend Micro Apex One, OfficeScan, Trend Micro OfficeScan
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit
Atma Jaya Catholic University of Indonesia, A&W Food Services of Canada, Babou, Beth Israel Deaconess Care Organization (BO), DCI Donor Services, Evalueserve, Gulftainer, Hiroshima Prefectural Government, MEDHOST
Find out what your peers are saying about BlackBerry Cylance Cybersecurity vs. TrendAI Vision One – Endpoint Security and other solutions. Updated: February 2026.
882,886 professionals have used our research since 2012.