• Home
  • Cortex XDR by Palo Alto Networks vs. Trellix Endpoint Security

Cortex XDR by Palo Alto Networks vs Trellix Endpoint Security comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Defender XDR

Read 75 Microsoft Defender XDR reviews
5,744 views|4,276 comparisons
98% willing to recommend
Palo Alto Networks Logo

Cortex XDR by Palo Alto Networks

Read 80 Cortex XDR by Palo Alto Networks reviews
31,048 views|17,576 comparisons
94% willing to recommend
Trellix Logo

Trellix Endpoint Security

Read 94 Trellix Endpoint Security reviews
17,582 views|10,401 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. Trellix Endpoint Security
March 2024
Executive Summary
Updated on Jul 7, 2023

We performed a comparison between Trellix Endpoint Security and Cortex XDR by Palo Alto Networks based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Features: Trellix Endpoint Security is highly valued for its easy administration options and reliability. Reviews suggest that Trellix could reduce resource consumption and improve user-friendliness. Cortex XDR by Palo Alto Networks presents an intuitive interface, advanced identification of risks, expandability, and compatibility with various other solutions. However, Cortex XDR could use enhancements in hard disk encryption, security integration, and customer education.

  • Service and Support: Some users have found the support for Trellix Endpoint Security helpful and reliable, while others have encountered ineffective assistance and communication problems. Some customers were impressed with Palo Alto support, while others reported mixed experiences. 

  • Ease of Deployment: The setup process for Trellix Endpoint Security varies in difficulty, depending on the user's experience with McAfee and general technical expertise. Some users thought Cortex XDR’s deployment was fast and straightforward, while others consider it to be a complex and time-consuming task that requires thorough planning.

  • Pricing: Some find Trellix’s price reasonable and competitive, while others believe it could be lowered. Some reviewers said Cortex XDR is expensive, but others said it was reasonable for the robust feature set Cortex offers.

  • ROI: Trellix Endpoint Security provides significant time savings. Cortex XDR creates value by ensuring system and data security rather than a financial return on investment.


Comparison Results: Trellix Endpoint Security is preferred over Cortex XDR. Users said Trellix's comprehensive management capabilities enable effortless administration of all programs from a single console. Cortex XDR received mixed reviews for its initial setup, customer service, and pricing. 

To learn more, read our detailed Cortex XDR by Palo Alto Networks vs. Trellix Endpoint Security Report (Updated: March 2024).
Download the complete report
767,847 professionals have used our research since 2012.
Featured Review
Benjamin Van Der Westhuyzen
Provides us with better insight into what's going on across our platform
It provides us with better insight into what's going on across our platform. It has also given us a very easy way to respond when threats or alerts... Read more →
Amjad Khan
Researched Trellix Endpoint Security but chose Cortex XDR by Palo Alto Networks: You can see the value for your money and sleep peacefully at night, not worrying about ransomware attacks
After deploying Traps, we saw the performance of the network improve by 65 to 70 percent. There was a drop in the latency rate over the... Read more →
Anonymous User
Researched Cortex XDR by Palo Alto Networks but chose Trellix Endpoint Security: A good combination of features for both signature and signature-less detection
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints.""The integration, visibility, vulnerability management, and device identification are valuable.""The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update.""Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing.""It has great stability.""The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions.""Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment.""I have found the ability to delete unwanted threats beneficial."

More Microsoft Defender XDR Pros →

"It'll not slow down your system when compared to others.""Stability is a primary factor, and then there's the ease of distribution and policy management.""The management capabilities, allow an IT organization to get quite a good picture of attempted cyber attacks.""Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised.""The stability of this product is very good.""The one feature of Palo Alto Networks Traps that our organization finds most valuable is the App ID service.""The product's most valuable features are massive user and feature intelligence exploit detection.""We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."

More Cortex XDR by Palo Alto Networks Pros →

"Some of McAfee Endpoint Security's main features are it has benefits over normal conventional antivirus solutions because it works much faster.""The most valuable features of the solution include DLP (data loss prevention), CASB (cloud access security broker) functionality, endpoint encryption, and cloud workload security.""It can be deployed quickly, and it's scalable. Those are the two advantages of it.""The product helps us by contacting us if there are any virus attacks on our system.""Trellix Endpoint Security offers robust access protection, addressing major concerns in prevention. It provides both application control and user access control within its access protection features.""It's quite easy to install agents.""The most valuable features are the prevention layer that detects the signature value and prevents threats in the network.""One valuable feature is Threat Prevention with the on-demand scan."

More Trellix Endpoint Security Pros →

Cons
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform.""A simple dashboard without having to use MS Sentinel would be a welcome improvement.""There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups.""Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team.""The tool gives inconsistent answers and crashes a lot.""Stability could be improved by avoiding frequent changes to the interface.""While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience.""I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."

More Microsoft Defender XDR Cons →

"Cortex XDR by Palo Alto Networks could improve by adding a sandbox feature to better compete with their competitors which have it.""Impact on system performance is horrible, adding a lot of delays for users.""In an upcoming release, the solution could improve by proving hard disk encryption. If it could support this it would be a complete solution.""The solution needs better reports. I think they should let the customer go in and customize the reports.""Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it.""Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer.""The solution could improve by providing better integration with their own products and others.""If they had pulse rate detection, it would be better."

More Cortex XDR by Palo Alto Networks Cons →

"The vendor should simplify the way they bundle the products because it's very hard to explain to customers what products contain which features.""There are two main areas that require improvement. One is the size of the packages. Although I'll admit manageability is good, if I want to deploy, let's say just the antivirus or just the firewall, each of those package sizes are quite large. They are sometimes as big as 200MB or 250MB. When I have operations in remote areas where connectivity is always poor, it's difficult. To deploy such a package in a remote location over the internet or something like that is always challenging.""McAfee GW Security and McAfee Child Safety need some improvement as they are relatively new.""An area of improvement for this solution is to make it easier to manage.""The resolution time should be faster.""It didn't work well for some of the use cases. We have different use cases for each entity. Their support is also not good and needs improvement.""They can make it free, but that's not going to happen.""I would like this solution to do what Palo Alto traps does because I would only need to run this one product."

More Trellix Endpoint Security Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

  • "I feel it is fairly priced."
  • "The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
  • "We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
  • "It is "expensive" and flexible."
  • "Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
  • "I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
  • "It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
  • "The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase."

    • More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →

  • "The initial price is very good as they give good initial discounts, but it seems a little expensive once you renew the license."
  • "Pricing is fair."
  • "No comment."
  • "The pricing is comparable to other solutions on the market."
  • "This product is costly."
  • "It's fairly priced compared to other products on the market."
  • "Pricing is reasonable and runs at a cost per user per year."
  • "It is not that expensive. There is no additional cost. We got the entire bundle together."

    • More Trellix Endpoint Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
    See Recommendations
    767,847 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft 365 Defender?
    Top Answer:I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an… more »
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment.
    Read all 29 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:Defender XDR has good threat visibility, but it could be better in some areas, like when we are hunting for a specific… more »
    Read all 37 answers   →
    Cortex XDR by Palo Alto vs. Sentinel One
    Top Answer:Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks.… more »
    Read all 3 answers   →
    Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
    Top Answer:Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that… more »
    How is Cortex XDR compared with Microsoft Defender?
    Top Answer:Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface… more »
    How does McAfee Endpoint Security compare with MVISION?
    Top Answer:The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deploy… more »
    Read all 2 answers   →
    What do you like most about McAfee Endpoint Security?
    Top Answer:It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and… more »
    Read all 53 answers   →
    What is your experience regarding pricing and costs for McAfee Endpoint S...
    Top Answer:I would emphasize its affordability rather than merely focusing on cheapness. It provides good value by striking a… more »
    Read all 32 answers   →
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    Cyvera, Cortex XDR, Palo Alto Networks Traps
    McAfee Endpoint Security, McAfee Complete Endpoint Protection, McAfee Endpoint Protection, Total Protection for Endpoint, Intel Security Total Protection for Endpoint, MCAFEE Complete Endpoint Protection
    Learn More
    Microsoft
    Palo Alto Networks
    Trellix
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Cortex XDR by Palo Alto Networks is the first threat detection and response software to combine both visibility across all types of data as well as autonomous machine learning analytics. Threat detection very often requires analysts to divide their attention among many different data streams. This platform unifies a vast variety of data flows, which allows analysts to assess threats from a single location. Users can now maintain a level of visibility that other threat detection programs simply cannot offer. This level of transparency lends itself to both quick identification of problems that arise and the equally quick development of a potential solution.

    Cortex XDR’s machine learning works on many different levels to detect and prevent threats. It is constantly scanning for threats and vulnerabilities. The solution can scan up to 5.4 billion IP addresses in three-quarters of an hour. This allows it to spot weak points in the system and notify administrators long before hackers can take advantage of vulnerabilities. Once the Artificial Intelligence (AI) discovers an issue or an area where an issue could potentially take place the system creates a log of the information and subsequently sends an alert to system administrators. The AI takes the information that it has gathered and uses it to assign threat levels to the issues that it detects. Following this, a human analyst will be assigned to manually assess the issue and deal with it accordingly. You can set it to automatically respond to the threat by isolating the issue while analysts investigate it.

    Benefits of Cortex XDR

    Some of Cortex XDR’s benefits include:

    • The use of advanced AI analytics, behavior analytics, and custom-made detection to detect advanced threats before they occur.
    • The ability to group similar threat alerts, reducing incoming alerts by as much as 98%. This allows analysts to avoid being overwhelmed by the volume of incoming alerts.
    • The ability to investigate threats as much as 8 times faster than would be possible with other software. The machine learning, when coupled with the unified data stream that Cortex XDR collects, significantly increases the ability to more quickly discover the root cause of a threat.

    Reviews from Real Users

    Cortex XDR by Palo Alto Networks software stands out among its competitors for a number of reasons. Two major ones are its ability to isolate threats while enabling them to be studied and the way that the software combines all of the data that it gathers into a single, more complete picture than other solutions offer.

    PeerSpot users note the effectiveness of these features. A network designer at a computer software company wrote, “The solution has a very helpful isolation feature. If any system gets compromised, with one click I can access the system and isolate it from other networks, and then go into further forensic investigation of the current threat without compromising anything else.”

    Jeff W., Vice President/CTO at Sinnott Wolach Technology Group, noted, “The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly.”



    Trellix Endpoint Security provides aggressive robust protection for every endpoint in an enterprise organization. Trellix uses dynamic threat intelligence and mounts a superb defense across the complete threat lifecycle. This solution will keep your organization more secure and resistant to any possible threat of risks. Trellix offers an amalgamated suite of next-generation endpoint security tools. These tools give users the benefit of machine learning, intuitive intelligence, and greater assistance to ensure their networks are being protected non-stop against threats - potential or realized - and can stop attacks before they happen. Trellix uses MDR (managed detection and response) and XDR (extended detection and response) to give users a comprehensive endpoint security solution.

    Trellix Endpoint Security Benefits

    • Intuitive Protection: Trellix Endpoint Security learns and matures to ensure organizations are continuously protected in today’s aggressive threat environment. Users have full visibility and greater control of all endpoints and are able to utilize Trellix Endpoint Security’s potent threat detection, prevention, investigation, and response to keep their enterprises safe and secure.

    • Streamlined Security Protection: Users have a single view of full transparency into how their networks are performing and the overall effectiveness of the security. Users can access the solution from anywhere and manage automated workflows. The solution allows for a streamlined security process to improve the overall reliability of the organization's security and can effortlessly scan through hundreds of thousands of endpoints in minutes.

    • Robust Risk Management: Stop attacks before they occur and keep abreast of potential threats with intuitive threat prioritization. Receive easy to understand risk assessment and repair guidance without delay to prevent any possible lapses in security. Test scenarios will allow users to see how the organization would respond to a threat scheme.

    Trellix Endpoint Security Top Features

    • Consolidated Management: Trellix offers numerous deployment options. The unique consolidated management process provides full transparency, cost-effective processes, improved IT functionality, and streamlined operations.

    • Intuitive Processes: Trellix can identify zero-day threats using machine learning and develop workable risk assessment to prevent attacks. Trellix intuitively creates protocols to recognize problematic processes that could lead to future attacks.
    • Reduced Impact on Resources: Trellix learns to focus on suspicious or anomalous activities by quickly identifying trusted activities to greatly reduce CPU consumption.

    Reviews from Real Users

    “It has a great console. We can manage everything from the central console and it is very easy. Every year we are getting the benefits of legacy also. It's easy to set up.” - S Fazlul H., IT Lead Engineer, Information Technology at Banglalink

    “There is a new feature where you can set thresholds for all the CPU consumption allowing for no consumption on the servers when the scans happen. It is a separate plugin or addon, and if we have it on all the virtual machines it automatically checks the resources, and based on that, it will schedule the scans. That is something that I have not seen in other antivirus solutions, such as Symantec.” - Sabari K. Senior Engineer at a comms service provider

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    CBI Health Group, University Honda, VakifBank
    inHouseIT, Seagate Technology
    Top Industries
    REVIEWERS
    Manufacturing Company19%
    Computer Software Company14%
    Government11%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    REVIEWERS
    Computer Software Company17%
    Financial Services Firm13%
    Security Firm9%
    Consumer Goods Company7%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Government8%
    Financial Services Firm8%
    Comms Service Provider6%
    REVIEWERS
    Computer Software Company23%
    Financial Services Firm21%
    Comms Service Provider9%
    Government9%
    VISITORS READING REVIEWS
    Educational Organization37%
    Government9%
    Computer Software Company8%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise23%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    REVIEWERS
    Small Business41%
    Midsize Enterprise22%
    Large Enterprise37%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise19%
    Large Enterprise56%
    REVIEWERS
    Small Business42%
    Midsize Enterprise23%
    Large Enterprise35%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise45%
    Large Enterprise42%
    Buyer's Guide
    Cortex XDR by Palo Alto Networks vs. Trellix Endpoint Security
    March 2024
    Free Report: Cortex XDR by Palo Alto Networks vs. Trellix Endpoint Security
    Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Trellix Endpoint Security and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    767,847 professionals have used our research since 2012.

    Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Trellix Endpoint Security is ranked 12th in Endpoint Protection Platform (EPP) with 94 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Cortex XDR by Palo Alto Networks writes "It provides a whole new level of visibility and integrates with most other vendors". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Kaspersky Endpoint Security for Business, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Trend Micro Deep Security and Kaspersky Endpoint Security for Business. See our Cortex XDR by Palo Alto Networks vs. Trellix Endpoint Security report.

    See our list of best Endpoint Protection Platform (EPP) vendors and best Extended Detection and Response (XDR) vendors.

    We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.