We performed a comparison between Trellix Endpoint Security and Cortex XDR by Palo Alto Networks based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security is highly valued for its easy administration options and reliability. Reviews suggest that Trellix could reduce resource consumption and improve user-friendliness. Cortex XDR by Palo Alto Networks presents an intuitive interface, advanced identification of risks, expandability, and compatibility with various other solutions. However, Cortex XDR could use enhancements in hard disk encryption, security integration, and customer education.
Service and Support: Some users have found the support for Trellix Endpoint Security helpful and reliable, while others have encountered ineffective assistance and communication problems. Some customers were impressed with Palo Alto support, while others reported mixed experiences.
Ease of Deployment: The setup process for Trellix Endpoint Security varies in difficulty, depending on the user's experience with McAfee and general technical expertise. Some users thought Cortex XDR’s deployment was fast and straightforward, while others consider it to be a complex and time-consuming task that requires thorough planning.
Pricing: Some find Trellix’s price reasonable and competitive, while others believe it could be lowered. Some reviewers said Cortex XDR is expensive, but others said it was reasonable for the robust feature set Cortex offers.
ROI: Trellix Endpoint Security provides significant time savings. Cortex XDR creates value by ensuring system and data security rather than a financial return on investment.
Comparison Results: Trellix Endpoint Security is preferred over Cortex XDR. Users said Trellix's comprehensive management capabilities enable effortless administration of all programs from a single console. Cortex XDR received mixed reviews for its initial setup, customer service, and pricing.
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"The integration, visibility, vulnerability management, and device identification are valuable."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"It has great stability."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"I have found the ability to delete unwanted threats beneficial."
"It'll not slow down your system when compared to others."
"Stability is a primary factor, and then there's the ease of distribution and policy management."
"The management capabilities, allow an IT organization to get quite a good picture of attempted cyber attacks."
"Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."
"The stability of this product is very good."
"The one feature of Palo Alto Networks Traps that our organization finds most valuable is the App ID service."
"The product's most valuable features are massive user and feature intelligence exploit detection."
"We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."
"Some of McAfee Endpoint Security's main features are it has benefits over normal conventional antivirus solutions because it works much faster."
"The most valuable features of the solution include DLP (data loss prevention), CASB (cloud access security broker) functionality, endpoint encryption, and cloud workload security."
"It can be deployed quickly, and it's scalable. Those are the two advantages of it."
"The product helps us by contacting us if there are any virus attacks on our system."
"Trellix Endpoint Security offers robust access protection, addressing major concerns in prevention. It provides both application control and user access control within its access protection features."
"It's quite easy to install agents."
"The most valuable features are the prevention layer that detects the signature value and prevents threats in the network."
"One valuable feature is Threat Prevention with the on-demand scan."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The tool gives inconsistent answers and crashes a lot."
"Stability could be improved by avoiding frequent changes to the interface."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"Cortex XDR by Palo Alto Networks could improve by adding a sandbox feature to better compete with their competitors which have it."
"Impact on system performance is horrible, adding a lot of delays for users."
"In an upcoming release, the solution could improve by proving hard disk encryption. If it could support this it would be a complete solution."
"The solution needs better reports. I think they should let the customer go in and customize the reports."
"Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it."
"Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."
"The solution could improve by providing better integration with their own products and others."
"If they had pulse rate detection, it would be better."
"The vendor should simplify the way they bundle the products because it's very hard to explain to customers what products contain which features."
"There are two main areas that require improvement. One is the size of the packages. Although I'll admit manageability is good, if I want to deploy, let's say just the antivirus or just the firewall, each of those package sizes are quite large. They are sometimes as big as 200MB or 250MB. When I have operations in remote areas where connectivity is always poor, it's difficult. To deploy such a package in a remote location over the internet or something like that is always challenging."
"McAfee GW Security and McAfee Child Safety need some improvement as they are relatively new."
"An area of improvement for this solution is to make it easier to manage."
"The resolution time should be faster."
"It didn't work well for some of the use cases. We have different use cases for each entity. Their support is also not good and needs improvement."
"They can make it free, but that's not going to happen."
"I would like this solution to do what Palo Alto traps does because I would only need to run this one product."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Trellix Endpoint Security is ranked 12th in Endpoint Protection Platform (EPP) with 94 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Cortex XDR by Palo Alto Networks writes "It provides a whole new level of visibility and integrates with most other vendors". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Kaspersky Endpoint Security for Business, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Trend Micro Deep Security and Kaspersky Endpoint Security for Business. See our Cortex XDR by Palo Alto Networks vs. Trellix Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.