Coming October 25: PeerSpot Awards will be announced! Learn more
  • Home
  • CylancePROTECT vs. Trellix Endpoint Security

CylancePROTECT vs Trellix Endpoint Security comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
CylancePROTECT vs. Trellix Endpoint Security
September 2022
Executive Summary

We performed a comparison between CylancePROTECT and Trellix Endpoint Security based on real PeerSpot user reviews.

Find out in this report how the two EPP (Endpoint Protection for Business) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed CylancePROTECT vs. Trellix Endpoint Security report (Updated: September 2022).
Download the complete report
635,162 professionals have used our research since 2012.
Featured Review
Felipe Guimaraes
Helps protect data on user devices
We need to follow many countries' laws about data privacy. This is a requirement that is key for users. Cybersecurity resiliency has been important... Read more →
Sean Muller
Scalable product, needs work on false positives detection and application integration
The solution has broken down the organization by taking down the network about six times in two years.
Milos Tolpa
Provides good visibility, supports drive encryption, and the threat intelligence capability improves overall security
It provides a lot of information and great visibility, with really great options for managing the environment.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see.""Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts.""appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. I can track everything that happens on our server from my PC or device. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us.""Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source.""The entirety of our network infrastructure is Cisco and the most valuable feature is the integration.""It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it.""Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP.""The integration with other Cisco products seemed to be really effective. We had Umbrella in place and we were using AnyConnect as well as Firepower. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful."

More Cisco Secure Endpoint Pros →

"In most cases, the solution's ability to detect in the MITRE framework, and its ability to be able to detect attacks in any one of seven or eight different areas of the life cycle of an attack is very useful.""A user can continue to add endpoints and the solution will continue to perform well.""We are quite security-focused. Blackberry Protect as an endpoint solution for our service really delivers what we are expecting.""CylancePROTECT is very stable - we've had no issues with performance and no errors or bugs.""I like the AI and mathematical components that they use.""One of the best features of the solution is that it's easy to deploy.""It provides good insight into the programs, applications, or websites that may need attention.""I find the actual overall endpoint malware protection the most valuable feature of CylancePROTECT."

More CylancePROTECT Pros →

"The detection is great and the solution is constantly improving.""The DLP and user interface are the most valuable feature.""The most valuable feature is the centralized console where everything can be controlled by the administration.""The solution provides dashboard control, so we can centrally monitor the entire status of our organization.""The installation is pretty straightforward.""Threat prevention is valuable because most clients use other solutions like antivirus as part of web protection. I don't find that kind of solution useful.""The product is quite user-friendly.""The performance is good."

More Trellix Endpoint Security Pros →

Cons
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself.""We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way.""In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through.""I would like to see integration with Cisco Analytics.""They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need.""We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints.""An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful... That way you could get a more accurate device count, so you're not having an inflated number.""The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product."

More Cisco Secure Endpoint Cons →

"They could improve on the false positives, reporting and whitelisting features.""It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus.""The process of whitelisting a script that you want to be able to run can be a little bit difficult, or awkward.""The price for this EPP platform is expensive and could be improved.""CylancePROTECT's dashboard could be more user-friendly.""If they can add more features on top of their Persona feature that would be ideal.""The product does not do a lot of reporting on what it is taking care of. Enhanced reporting would be a welcome improvement.""I'd like them to do software distribution too, but they said that that's architecturally not at the product line."

More CylancePROTECT Cons →

"The software download features could stand improvement.""It didn't work well for some of the use cases. We have different use cases for each entity. Their support is also not good and needs improvement.""The local technical support could be better.""The solution takes up a high amount of memory and can cause the system to hang.""It would be nice if the solution were to allow not just on-cloud management, but on-premises, as well.""With McAfee, if there is a zero-day vulnerability, you have to download the patch for it from the McAfee website, then apply it to your endpoint.""Technical support is an area that can be improved because sometimes, the response time is a bit slow and the explanation is short.""They can improve its resource consumption, such as memory, and maybe provide better or smaller updates. It always takes a lot of resources, but it has been getting better. I have been using McAfee products for the last 20 years or so, and I know it is getting better."

More Trellix Endpoint Security Cons →

Pricing and Cost Advice
  • "Licensing fees are on a yearly basis and I am happy with the pricing."
  • "We have a license for 3,000 users and if we get up to 3,100 users, it doesn't stop working, but on the next renewal date you're supposed to go in there and add that extra 100 licenses. It's really good that they let you grow and expand and then pay for it. Sometimes, with other products, you overuse a license and they just don't work."
  • "Cisco Secure Endpoint is not too expensive and it's not cheap. It's quite fair."
  • "The price is very fair to the customer."
  • "...the licensing needs to be improved. All the product features we need are there. It's just a matter of the complexity and the different offerings and trying to figure things out."
  • "The pricing and licensing fees are okay."
  • "Because we do see the value of what it's bringing, I think they have priced it well."
  • "The solution is highly affordable; I believe we pay $2 or $3 per endpoint. It's significantly cheaper than the competitors on the market."

    • More Cisco Secure Endpoint Pricing and Cost Advice →

  • "The product cost is about $5, per user, per month."
  • "This cost of the license is approximately $5 USD monthly per user."
  • "It's not so heavily priced; rather, it's average and decent."
  • "We pay our license on a yearly basis and have just renewed for two years."
  • "The license price for this solution could be better. It's on the expensive side."
  • "CylancePROTECT's pricing is reasonable, at about €18 per user, per year."

    • More CylancePROTECT Pricing and Cost Advice →

  • "It is not that expensive. There is no additional cost. We got the entire bundle together."
  • "The price of this product is good."
  • "The price of McAfee is pretty similar to Symantec, and there are no costs in addition to the standard licensing fees."
  • "Its price is very high. It is higher than its competitors, and it should be less."
  • "The pricing is great and licensing fees are billed on a yearly basis."
  • "Since the maintenance is done by our own team, the price of the subscription should really be cheaper."
  • "We pay 650 Rand for a license. It is a perpetual license which we normally run for two years."
  • "There is a one-year and a three-year license available for this solution, we are currently on a three-year license."

    • More Trellix Endpoint Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which EPP (Endpoint Protection for Business) solutions are best for your needs.
    See Recommendations
    635,162 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Cisco AMP for Endpoints?
    Top Answer:The most valuable feature is signature-based malware detection.
    Read all 19 answers   →
    What is your experience regarding pricing and costs for Cisco AMP for End...
    Top Answer:Licensing fees are on a yearly basis and I am happy with the pricing.
    Read all 12 answers   →
    What needs improvement with Cisco AMP for Endpoints?
    Top Answer:The GUI needs improvement, it's not good. There are false positives in emails. At times, the emails are blocked and… more »
    Read all 20 answers   →
    What do you like most about CylancePROTECT?
    Top Answer:A user can continue to add endpoints and the solution will continue to perform well.
    Read all 18 answers   →
    What is your experience regarding pricing and costs for CylancePROTECT?
    Top Answer:I don't have any information in relation to the pricing or the licensing. it's not an aspect of the solution I deal… more »
    Read all 8 answers   →
    What needs improvement with CylancePROTECT?
    Top Answer:Having worked with SentinelOne, Cylance is good, however, it probably needs to add a feature similar to SentinelOne's… more »
    Read all 18 answers   →
    How does McAfee Endpoint Security compare with MVISION?
    Top Answer:The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deploy… more »
    Read all 2 answers   →
    What do you like most about McAfee Endpoint Security?
    Top Answer:We really like the dashboard from Trellix and we've found that it's pretty informative.
    Read all 41 answers   →
    What is your experience regarding pricing and costs for McAfee Endpoint S...
    Top Answer:I think Trellix is more on the higher side of the market, just on a general scale, but I also think it depends on what… more »
    Read all 22 answers   →
    Comparisons
    Also Known As
    Cisco AMP for Endpoints
    Blackberry Protect
    McAfee Endpoint Security, McAfee Complete Endpoint Protection, McAfee Endpoint Protection, Total Protection for Endpoint, Intel Security Total Protection for Endpoint, MCAFEE Complete Endpoint Protection
    Learn More
    Cisco
    BlackBerry
    Trellix
    Overview

    Cisco Secure Endpoint is a cloud-managed endpoint security solution that provides advanced protection against viruses, malware, and other cyber threats by detecting, preventing, and responding to threats. Cisco Secure Endpoint is managed online via a web-based management console and can be deployed on a variety of platforms. It protects endpoints, networks, emails, and web traffic.

    In a world of evolving threats, it’s necessary to put security above everything. Cisco Secure Endpoint provides you with the scope, scale, and capabilities to attain effective security with its integrated portfolio and industry-leading threat intelligence. Cisco Secure Endpoint continuously tracks and analyzes files and file activities across your systems - both remote and on premises - and compares these events to other events that occurred before or during past attacks. If a file exhibits malicious behavior, the tool sends an alert which enables you to stop a potential threat from succeeding.

    Key Capabilities of Cisco Secure Endpoint

    • Multi-layered protection: Cisco Secure Endpoint combines behavioral analytics, machine learning, and signature-based techniques to prevent threats from compromising your endpoints.

    • Powerful EDR capabilities: Reduce attack surface using advanced endpoint and extended detection and response, threat hunting, and endpoint isolation.

    • Dynamic malware analysis: Identify and block attacks in real time.

    • Simplified investigations: Advanced search capabilities help you get the information you need about your endpoints fast.

    Reviews from Real Users

    Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.

    Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."

    Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."

    Blackberry Protect is a next generation artificial intelligence (AI) based endpoint protection platform (EPP) that prevents breaches and provides added controls for safeguarding against sophisticated cyberthreats. It uses predictive analysis to quickly and accurately find even the most advanced threats before they ever take place. Blackberry Protect’s cloud-based supercomputer mines hundreds of millions of files from all over the cloud, allowing it to predict and stop any hacker dead in their tracks.

    Blackberry Protect runs on a lightweight agent and requires no internet connection. Instead of taking up massive amounts of computing power, it typically requires less than 1% of a system’s available computing resources. In addition, it only needs to be upgraded if the model is improved, which means that you can run it on your local servers and have constant and uninterrupted access to it.

    Benefits of Blackberry Protect

    Some of the benefits of using Blackberry Protect include:

    • The use of advanced AI analytics to provide extremely fast protection. The solution scans any and all applications that attempt to execute commands in your system. If it determines that the application is a threat, then it will respond to the threatening action within milliseconds. The anti-viral software will cancel or disallow any actions that the application attempts to initiate.
    • Minimizing of potential threats by cutting off the access of unauthorized devices. Blackberry Protect allows users to determine which devices are allowed to run on their network. It enforces the security rules that your system administrators set and denies hackers the ability to penetrate your system through unapproved devices.
    • Uses less computing power while still providing your system with a robust level of protection. Blackberry Protect runs on a lightweight agent that requires you to devote a fraction of the computing power that similar solutions require. This ensures that your system does not have to sacrifice security for processing power.

    Reviews from Real Users

    The Blackberry Protect software stands out among its competitors for a number of reasons. Two major ones are the artificial intelligence and machine learning algorithms that the solution uses to detect and deal with threats and the ability to scale your level of protection according to your needs.

    PeerSpot user Donald D., the owner of Terra Controls, notes the value of having both artificial intelligence and machine learning in a single product when he writes, “The most valuable feature is the AI and ML-based virus protection that does not rely on signature-based detection methods. The way this product works is that it does not go to a central server to pick up the latest virus definitions. Instead, it's a processor-powered search that checks to see if anything out of the ordinary is running on your machine. It looks for anomalies and cancels processes that do not look normal. For example, if a program tries to read the registry and then make a change, but it hasn't been authorized, then it is assumed to be a bad actor and the process is canceled or the action is disallowed.”

    PeerSpot user Orlando B., Head of Systems at SKN Caribecafe Ltda, noted how this program is not a one-size-fits-all solution when he writes, “The solution is very good at quickly and easily changing the levels of protection for each computer and server. It's very easy to control and to see what is happening with each computer. It's very easy to choose which computer I can look at and check.”

    Trellix Endpoint Security provides aggressive robust protection for every endpoint in an enterprise organization. Trellix uses dynamic threat intelligence and mounts a superb defense across the complete threat lifecycle. This solution will keep your organization more secure and resistant to any possible threat of risks. Trellix offers an amalgamated suite of next-generation endpoint security tools. These tools give users the benefit of machine learning, intuitive intelligence, and greater assistance to ensure their networks are being protected non-stop against threats - potential or realized - and can stop attacks before they happen. Trellix uses MDR (managed detection and response) and XDR (extended detection and response) to give users a comprehensive endpoint security solution.

    Trellix Endpoint Security Benefits

    • Intuitive Protection: Trellix Endpoint Security learns and matures to ensure organizations are continuously protected in today’s aggressive threat environment. Users have full visibility and greater control of all endpoints and are able to utilize Trellix Endpoint Security’s potent threat detection, prevention, investigation, and response to keep their enterprises safe and secure.

    • Streamlined Security Protection: Users have a single view of full transparency into how their networks are performing and the overall effectiveness of the security. Users can access the solution from anywhere and manage automated workflows. The solution allows for a streamlined security process to improve the overall reliability of the organization's security and can effortlessly scan through hundreds of thousands of endpoints in minutes.

    • Robust Risk Management: Stop attacks before they occur and keep abreast of potential threats with intuitive threat prioritization. Receive easy to understand risk assessment and repair guidance without delay to prevent any possible lapses in security. Test scenarios will allow users to see how the organization would respond to a threat scheme.

    Trellix Endpoint Security Top Features

    • Consolidated Management: Trellix offers numerous deployment options. The unique consolidated management process provides full transparency, cost-effective processes, improved IT functionality, and streamlined operations.

    • Intuitive Processes: Trellix can identify zero-day threats using machine learning and develop workable risk assessment to prevent attacks. Trellix intuitively creates protocols to recognize problematic processes that could lead to future attacks.
    • Reduced Impact on Resources: Trellix learns to focus on suspicious or anomalous activities by quickly identifying trusted activities to greatly reduce CPU consumption.

    Reviews from Real Users

    “It has a great console. We can manage everything from the central console and it is very easy. Every year we are getting the benefits of legacy also. It's easy to set up.” - S Fazlul H., IT Lead Engineer, Information Technology at Banglalink

    “There is a new feature where you can set thresholds for all the CPU consumption allowing for no consumption on the servers when the scans happen. It is a separate plugin or addon, and if we have it on all the virtual machines it automatically checks the resources, and based on that, it will schedule the scans. That is something that I have not seen in other antivirus solutions, such as Symantec.” - Sabari K. Senior Engineer at a comms service provider

    Offer
    Learn more about Cisco Secure Endpoint
    Learn More
    Learn more about CylancePROTECT
    Learn More
    Learn more about Trellix Endpoint Security
    Learn More
    Sample Customers
    Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank
    Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit
    inHouseIT, Seagate Technology
    Top Industries
    REVIEWERS
    Comms Service Provider16%
    Healthcare Company11%
    Government11%
    Manufacturing Company11%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Comms Service Provider16%
    Government8%
    Financial Services Firm6%
    REVIEWERS
    Manufacturing Company28%
    Financial Services Firm17%
    Construction Company11%
    Energy/Utilities Company11%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Comms Service Provider16%
    Manufacturing Company7%
    Government7%
    REVIEWERS
    Financial Services Firm24%
    Computer Software Company15%
    Government12%
    Comms Service Provider10%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Comms Service Provider15%
    Government10%
    Manufacturing Company8%
    Company Size
    REVIEWERS
    Small Business34%
    Midsize Enterprise23%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise18%
    Large Enterprise56%
    REVIEWERS
    Small Business61%
    Midsize Enterprise12%
    Large Enterprise27%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise20%
    Large Enterprise52%
    REVIEWERS
    Small Business36%
    Midsize Enterprise23%
    Large Enterprise41%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise16%
    Large Enterprise65%
    Buyer's Guide
    CylancePROTECT vs. Trellix Endpoint Security
    September 2022
    Free Report: CylancePROTECT vs. Trellix Endpoint Security
    Find out what your peers are saying about CylancePROTECT vs. Trellix Endpoint Security and other solutions. Updated: September 2022.
    DOWNLOAD NOW
    635,162 professionals have used our research since 2012.

    CylancePROTECT is ranked 18th in EPP (Endpoint Protection for Business) with 15 reviews while Trellix Endpoint Security is ranked 17th in EPP (Endpoint Protection for Business) with 37 reviews. CylancePROTECT is rated 8.0, while Trellix Endpoint Security is rated 8.0. The top reviewer of CylancePROTECT writes "An outstanding product that is pretty spot on and easy to deploy and use". On the other hand, the top reviewer of Trellix Endpoint Security writes "An informative dashboard and immediate reporting and notifications ". CylancePROTECT is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, SentinelOne, Carbon Black CB Defense and Malwarebytes, whereas Trellix Endpoint Security is most compared with McAfee MVISION Endpoint, Microsoft Defender for Endpoint, Symantec Endpoint Security, Cortex XDR by Palo Alto Networks and CrowdStrike Falcon. See our CylancePROTECT vs. Trellix Endpoint Security report.

    See our list of best EPP (Endpoint Protection for Business) vendors.

    We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.