We performed a comparison between Trellix Endpoint Security and CrowdStrike Falcon based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. CrowdStrike Falcon stands out for its minimal impact on system performance, optimal resource utilization, and precise detection of threats. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. Users say CrowdStrike Falcon would benefit from adding a sandbox feature and more detailed firewall management options.
Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. CrowdStrike Falcon's customer service is considered prompt and helpful.
Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. CrowdStrike Falcon's setup is considered to be simple and efficient, with deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable.
Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive.
ROI: Users reported saving time by implementing Trellix Endpoint Security. CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the need for onsite servers.
Comparison Results: Trellix Endpoint Security is preferred over CrowdStrike Falcon. Users appreciate Trellix for its unified management capabilities, including a robust central console that enables simplified administration of all programs. They also value its stability, reliability, and resource efficiency. Users faulted CrowdStrike Falcon for its lack of specific features like sandboxing and granular firewall controls.
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"The integration with other Microsoft solutions is the most valuable feature."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"Microsoft 365 Defender is simple to upgrade."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"The solution is silent and sits on your system as one single agent."
"Scalability is good. We have had no issues with it."
"I like the Overwatch feature the most."
"The EDR and XDR features have been most valuable."
"The most valuable features in CrowdStrike Falcon are the full EDR with antivirus, hunting, reporting, and RTR remote control."
"Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and let us know if there's a major issue."
"CrowdStrike Falcon is a very light solution. It does not use too much processor or RAM."
"The initial setup was straightforward."
"The thing that I like is that they have gathered almost all the products in one management server, the ePolicy Orchestrator."
"The reporting capabilities are a valuable feature. In enables more visibility on our network."
"We like the management of the ePO, and we like the management console."
"It is a stable solution...The solution's technical support is good."
"The product is fairly reliable."
"McAfee Complete Endpoint Protection is stable. We don't have any bugs being reported."
"Tech support is responsive. They're good, the very best."
"I feel McAfee Endpoint Security to be a good, mature product."
"There could be a way to proactively monitor unusual activity ."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The solution does not offer a unified response and standard data."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"I would like to see equal support across all versions. Aside from that, I would say most of the features are there."
"Tighter integration around XDR could be included."
"I have worked with their technical support on several problems that were never fully resolved."
"The detection time has room for improvement."
"CrowdStrike Falcon needs to improve their host management system."
"We can't do scanning audits or device blocking or application control."
"The management of log aggregation is in need of improvement."
"CrowdStrike should add support for ransomware protection."
"Tech support is not as helpful as they were in the past."
"The solution could provide open XDR in addition to EDR."
"Its pricing needs to be improved."
"There are two main areas that require improvement. One is the size of the packages. Although I'll admit manageability is good, if I want to deploy, let's say just the antivirus or just the firewall, each of those package sizes are quite large. They are sometimes as big as 200MB or 250MB. When I have operations in remote areas where connectivity is always poor, it's difficult. To deploy such a package in a remote location over the internet or something like that is always challenging."
"The DAC (Dynamic Application Containment) component of this product needs improvement."
"The endpoint has room for improvement because it's restrictive, it's very sensitive. Sometimes it can delete something that you need and so sometimes you have to disable the antivirus."
"McAfee Endpoint Protection could improve the word control feature."
"The solution has problematic encryption, which needs reforming."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 104 reviews while Trellix Endpoint Security is ranked 12th in Endpoint Protection Platform (EPP) with 94 reviews. CrowdStrike Falcon is rated 8.6, while Trellix Endpoint Security is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and SentinelOne Singularity Complete, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), Cortex XDR by Palo Alto Networks, Trend Micro Deep Security and Kaspersky Endpoint Security for Business. See our CrowdStrike Falcon vs. Trellix Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.