Cybereason Endpoint Detection & Response vs Trellix ESM comparison

The compared Cybereason and Trellix solutions aren't in the same category. Cybereason is ranked #23 in EDR , with an average rating of 8.2, and holds a 1.0% mindshare in the category. Trellix is ranked #24 in SIEM , with an average rating of 7.6, and holds a 0.9% mindshare. Additionally, 89% of Cybereason users are willing to recommend the solution, compared to 75% of Trellix users who would recommend it.

Cybereason Endpoint Detecti...

Read 21 Cybereason Endpoint Detection & Response reviews

2,717 Views
1,536 Comparison Views

89% willing to recommend

Trellix ESM

Read 37 Trellix ESM reviews

2,027 Views
858 Comparison Views

75% willing to recommend

Cybereason Endpoint Detecti...

Trellix ESM

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cybereason Endpoint Detection & Response and Trellix ESM based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR).

To learn more, read our detailed Endpoint Detection and Response (EDR) Report (Updated: January 2025).

Buyer's Guide

Endpoint Detection and Response (EDR)

January 2025

Download the complete report

Helped 850,900 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cybereason Endpoint Detecti...

Average Rating

8.0

Reviews Sentiment

7.9

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (34th), Endpoint Detection and Response (EDR) (23rd)

Trellix ESM

Average Rating

7.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (24th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Cybereason Endpoint Detection & Response is designed for Endpoint Detection and Response (EDR) and holds a mindshare of 1.0%, down 1.2% compared to last year.
Trellix ESM, on the other hand, focuses on Security Information and Event Management (SIEM), holds 0.9% mindshare, up 0.9% since last year.

Endpoint Detection and Response (EDR)

Security Information and Event Management (SIEM)

Featured Reviews

Chad Kliewer

Information Security Officer at PTCI

We can make more informed decisions on whether an action is malicious

The ease of use and dashboards are improving. We came in at a time when they were developing a new dashboard screen. Therefore, we have had some confusing times between the old and new dashboards. Knowing how the new one works, I have seen vast improvements with it. While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper. They are improving on this because I have seen some improvements in the user interface that helps with this. Part of it was moving two different screens into one, merging the two together. It is very good, but it is very technically detailed and would be harder for an entry-level person to decipher. However, improvements are being made. It leverages indicators of behavior to help us remediate faster against attacks. Sometimes, I wish there was more detail on why they consider it malicious.

Read full review

Daniel Durian

Senior Information Security Manager at a real estate/law firm with 10,001+ employees

Helps to monitor and detect cyberattacks

The tool's effectiveness depends on how you define your log sources. To build visibility of incoming and outgoing traffic, you need logs from perimeter defense, firewalls, web application firewalls, and endpoint protection. With good traffic visibility, incident response time is really quick. Trellix ESM provides situation awareness. On the dashboard, I can see outbound and inbound communications to known threat hosts, IPS/IDS activity, and threat intelligence of the perimeter defense in the firewall. This information helps preempt attacks.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It gives all the information in a clear response."

"We didn't have the visibility that we now have. It has increased our visibility by a lot. So, we put a lot more time into really looking at our environment and what is happening throughout our different networks. It has increased our visibility by around fivefold."

"The initial setup is not overly complicated."

"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."

"The initial setup was straightforward."

"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."

"The initial setup was easy and straightforward."

"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."

More Cybereason Endpoint Detection & Response pros

"McAfee as a whole is a good solution."

"The strongest part of Trellix ESM is that we get quite good reports."

"Trellix ESM is very user-friendly."

"It is easy to use and deploy. It comes with user-friendly manuals."

"The most valuable feature is for the security operation center because it provides visibility of all traffic within the company infrastructure."

"The most valuable feature is the capability to correlate different events from different platforms that we feed into it."

"It is easy to use."

"It enables us to detect malicious threats, issues, or vulnerabilities in our network."

More Trellix ESM pros

Cons

"There is room for improvement in the product features related to device control, particularly USB management."

"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."

"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."

"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."

"The product's reporting isn't great."

"Cybereason does not have sandbox functionality."

"It initially took some time to deploy."

"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."

More Cybereason Endpoint Detection & Response cons

"Product-wise, adding accounts on a single data source by batch would be a really great help."

"Customized reports and alerting functionality could be included in the dashboard."

"The product's stability is an area of concern where improvements are required."

"I have to purchase a new box now. Its existing box is not scalable and I can't use it anymore."

"Product currently requires Flash."

"We need to improve Trellix ESM by making sure that most of the logging devices available in the global market should be covered, and if there is any device which is not covered, there should not be any additional charges for writing the custom parsers on that."

"The support from McAfee ESM could improve. They could improve the speed."

"McAfee ESM is not user-friendly and the log is not accurate. For instance, if I were assigned to generate a log for changes made today, I wouldn't be able to see all the modifications. While Palo Alto allows us to see all changes, McAfee ESM only captures one out of every ten changes. It's crucial to have visibility into all changes made."

More Trellix ESM cons

Pricing and Cost Advice

"The pricing is manageable."

"In terms of cost, this is a good choice for our needs."

"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."

"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."

"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."

"This product is somewhat expensive and should be cheaper."

"I had to go through a third-party to purchase it, which I wasn't really pleased about."

"I do not have experience with the licensing of the product."

More Cybereason Endpoint Detection & Response pricing and cost advice

"We renew our license annually."

"The price of McAfee ESM is higher than some of the other solutions. There are additional features that can be added at an additional fee."

"The licensing cost is based on EPS."

"It is an inexpensive product. We purchase its yearly license."

"The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."

"The cost is dependent on the customer's environment and requirements."

"The product is slightly expensive."

"Regarding pricing, Trellix ESM is not that expensive. It's less than half the cost of IBM QRadar."

More Trellix ESM pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

850,900 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

11%

Manufacturing Company

Government

Educational Organization

70%

Financial Services Firm

Computer Software Company

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?

Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...

See all answers

What is your primary use case for Cybereason Endpoint Detection & Response?

We use it to improve detection in the whole industrial sector. We are a big energy company. Across multiple endpoints, we deploy the EDR to secure all, improve detection, and also attempt to automa...

See all answers

What do you like most about Cybereason Endpoint Detection & Response?

The interface is user-friendly.

See all answers

What do you like most about McAfee ESM?

The solution's technical support is great.

See all answers

What is your experience regarding pricing and costs for McAfee ESM?

Regarding pricing, Trellix ESM is not that expensive. It's less than half the cost of IBM QRadar.

See all answers

What needs improvement with McAfee ESM?

The product is mature and needs little improvement, but we could enhance the customized dashboarding based on use cases.

See all answers

Comparisons

Darktrace vs Cybereason Endpoint Detection & Response

Compared 28% of the time

CrowdStrike Falcon vs Cybereason Endpoint Detection & Response

Compared 15% of the time

SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response

Compared 10% of the time

Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response

Compared 9% of the time

Fortinet FortiEDR vs Cybereason Endpoint Detection & Response

Compared 5% of the time

More Cybereason Endpoint Detection & Response Competitors

ArcSight Enterprise Security Manager (ESM) vs Trellix ESM

Compared 26% of the time

Splunk Enterprise Security vs Trellix ESM

Compared 17% of the time

LogRhythm SIEM vs Trellix ESM

Compared 16% of the time

IBM Security QRadar vs Trellix ESM

Compared 10% of the time

Fortinet FortiSIEM vs Trellix ESM

Compared 10% of the time

More Trellix ESM Competitors

Product Reports

Buyer's Guide

Cybereason Endpoint Detection & Response

May 2025

Cybereason Endpoint Detection & Response report

Download Cybereason Endpoint Detection & Response product report

Buyer's Guide

Trellix ESM

April 2025

Download Trellix ESM product report

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond

McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

Trellix

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital

San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport

Buyer's Guide

Endpoint Detection and Response (EDR)

January 2025

Download Free Report

Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR). Updated: January 2025.

DOWNLOAD NOW

850,900 professionals have used our research since 2012.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.