HP Wolf Security vs Trellix Endpoint Detection and Response (EDR) comparison

"The most valuable feature is the process isolation because it simply stops malware from infecting the machines."

"Our overall security posture has absolutely improved as a result of adding Bromium to our security stack. We continue to have less user impact through a significantly reduced amount of malware infections. It's become a non-event."

"We've been able to isolate and prevent malicious code from external email attachments and from downloaded internet files. Those are the two big areas that have really made an impact."

"The isolation feature is the most important because it prevents attacks."

"The feature that stands out the most is that when someone clicks on a link in an email... [if] that link is malicious and it has some malware or keylogger attached to it, when it opens up in that Bromium virtualized browser, there's no chance of it actually being on the machine and running, because as soon as they click that "X" in the upper right-hand side of the browser, everything just vanishes. That is an added plus."

"Now, instead of us having to go through that analysis, they actually give us a monthly report that shows us: "Here's what you got hit with, here's what would have happened, here are the forensics behind the attack," and, obviously, Bromium stopped it."

"It has prevented thousands of potential threats by encapsulating them within its own vSentry container, thus providing overall protection and integrity of the operating system."

"I use HP Wolf Security to add a layer of safety, especially for laptops operating in various environments."

"The product is user-friendly."

"Trellix has a user-friendly interface."

"It is a stable solution. Stability-wise, I rate the solution a nine out of ten...I rate the solution's technical support team a nine and a half or ten out of ten."

"The product's initial setup phase was very straightforward since you just need to install it, and it works."

"The product and the services we have are quite good."

"If there is any malicious behavior in the workstation or server, the tool stops or isolates it automatically and generates alerts."

"The investigation and rule detection feature of the solution has proven most useful for our company"

"Blocking browser navigation is a feature of the solution with which we have experienced success."

"After a major release, there's always a lot of "dust settling." You have to work through all those issues and then you're fine for a while. The problem is, it's stable, it's fine, until the next major release comes out. Then you go back into the cycle again of uncertainty, instability, working through issues until they have patched and remediated all the problems that you're having. It's not unlike any other vendor though"

"The tool behaves differently when I ported to Windows 11."

"Initially, when we came in contact with Bromium a few years ago, it had a nice threat analyst, or a LAVA Pop, which is what they used to call it. Once it detected malware, it would show us the malware's path... I don't see that on the computers now. We only get to see that in the console. I would like to still see that on the individual machines because when we go out to look at a machine, we don't necessarily have access to the console."

"They need to improve the compatibility with other applications and its stability. It works well with attacks, but it doesn't work well with all software on the clients. There is a lot of troubleshooting and a lot of things that need to be tuned to make it work and not break things."

"Room for improvement would be keeping up with the rate of change, specifically on Windows platforms. There are a lot of updates that come out for Microsoft Windows operating systems and the Bromium product needs to be able to keep up quickly with those updates and all the browser updates that are coming out. It's hard to do, but that's really where they need to be more responsive because we end up with problems and then we have to call support to get patches, etc."

"Reporting is one of the shortcomings of the product. We do mine the data that's in there from a forensics perspective... It becomes very difficult because you have to spend a lot of time digging through the volumes of data. Reporting is absolutely the biggest shortcoming."

"They have always struggled with usability. The protection that it offers you is tremendous, but there's definitely an impact with use of resources on the computer. It's gotten a lot better now with Win 10. But sometimes, when you open up a website, it's going to take longer than it would without Bromium, and it's the same with documents."

"I did not find this to be an out-of-the-box solution, it required planning and alignment across many groups."

"I'd like the tool to become more like an XDR, with one management system and endpoint activation."

"The alert feature of McAfee MVISION Endpoint Detection and Response needs improvement because for you to get the alerts, you have to log on to the portal. What my company needs is a tool that sends you alerts. For example, if it detects a threat on your machine, it should send you an alert. My company gets the alerts instead from the antivirus software rather than the EDR. If you want to see the alerts on McAfee MVISION Endpoint Detection and Response, you have to connect to the system manually. Another area for improvement in the tool is the reporting. My company needs weekly and monthly reports about the alerts, but you can't extract reports from McAfee MVISION Endpoint Detection and Response, so a decision was made to move to another EDR solution, particularly Microsoft Defender for Endpoint, next month. My company tested Microsoft Defender for Endpoint via a POC for one to three months. The resource usage of McAfee MVISION Endpoint Detection and Response is also an area for improvement because it consumes a lot of memory. For example, during the on-demand scan, you can't work because of the high CPU usage. You need to schedule the scans. McAfee MVISION Endpoint Detection and Response has a lot of modules, but my company doesn't use all modules."

"The console has a lot of bugs, and it creates many issues."

"The main drawbacks are resources and processing time, as it consumes a lot of CPU and RAM."

"Trellix needs to focus on gaining traction with partners and building trust among users."

"The solution lacks the ability to integrate with external platforms. In future releases of the solution, I would like to see the solution increase its integration capabilities with external platforms."

"The graphical view for nodes must be increased."

"Some modules that are doing machine learning and artificial intelligence are blocking our processes."

"The pricing is very fair compared to the competition. The licensing is straightforward."

"The product came as a bundle with the machine."

"Pricing is reasonable."

"I think the pricing is a good value. All of these security products are always going to be very expensive, but I don't think Bromium is unreasonable. I think Bromium is decently priced. It’s a tiered licensing platform. The more you buy, the cheaper gets per unit, and I think their tiers are very well defined. I think they're fair."

"The product's pricing is a good value. We only run it on our internet-facing workstations, we don't run it on everything in our environment. We are very selective. Some organizations may want to consider doing something like that to reduce their license count."

"The pricing is always high."

"The price is reasonable."

"The product’s pricing is reasonable."

"The cost is okay, compared to other products."

"Pricing is a problem in South Africa. It could be cheaper here. The rand-to-dollar exchange rate makes it expensive for us. A 25 dollar endpoint cost becomes quite significant when converted to rand."

"McAfee MVISION Endpoint Detection and Response is reasonable in terms of cost. It's a tool my company has been using for a few years now. It costs $25,000 to $30,000 for six hundred users."

"On a scale of one to ten, where one is low and ten is high, I rate the solution's pricing an eight out of ten."

"Speaking about the price, you must use the product to find the product's cost for you."