We performed a comparison between IBM Security QRadar and Trellix Endpoint Detection and Response (EDR) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"It is stable and scalable."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The most valuable feature is the analysis, because of the beta structure."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It is incredibly easy to deploy. All the appliances are flexible in the roles that they serve and are all managed the in the same way."
"An engineer can live-monitor all the flow happening in real-time. This would help us a lot while investigating a case, and it would even help us with preventive actions."
"It has a lot of good correlation rules. From a customer's point of view, it is one of the best solutions because you don't need to create correlation rules from scratch. You just review them and customize them as you want."
"The solution is flexible and easy to use."
"It comes with many rules disabled. You can tune them and modify them according to your enterprise needs and avoid false positives."
"The most valuable feature is the machine learning module."
"It has a good integration with the artificial intelligence engine of Watson."
"I like that it's easy to use and the performance is good."
"The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation."
"The biggest strength of the solution is that it's an integrated product that includes EDR and antivirus."
"Trellix has a user-friendly interface."
"The product's initial setup phase was very straightforward since you just need to install it, and it works."
"The product is user-friendly."
"What we're using the most and what we found valuable in McAfee MVISION Endpoint Detection and Response are Web Control, Advanced Threat Protection, and Threat Prevention features."
"When Trellix detects some threats, the device is isolated in a quarantine zone for examination."
"The product provides a one-click recovery of encrypted files."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The only minor concern is occasional interference with desired programs."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The support needs improvement."
"ZTNA can improve latency."
"IBM QRadar User Behavior Analytics could improve machine learning use cases because they are limited and most of the use cases are rule-based. They should develop more use cases, such as in Securonix or Exabeam because they will detect a threat. Using machine learning is mainly on the correlation rules, but if you think about Exabeam or Securonix, they detect using machine learning or machine learning-based algorithms."
"They should speed up the incident response and also, at the same time, reduce the amount of manual effort that is required."
"The technical support can be improved a little bit, and the price could be cheaper."
"Ideally we would like a mobile version so that any alert that comes in will notify us in a mobile app, or by using SMS integration."
"The solution lacks vendor support."
"In a future release, the solution could provide malware analysis."
"There is room for improvement in IBM QRadar in integrating features for SOC maturity and security levels directly into QRadar."
"Right now, if you look at the compatibility, if you need to deploy QRadar in a physical appliance you have only two choices of server, their own or a Lenovo server. In today's world, you cannot keep something tied to such a big brand. Clients want to be able to use whatever type of server they want."
"The solution's downside stems from the fact that Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint are not combined into a single solution, so from an improvement perspective, they need to be combined into a single solution."
"One of the issues about the product stems from the failure to work on its administrative scalability. The aforementioned area can be considered for improvement."
"An area for improvement in McAfee MVISION Endpoint Detection and Response is the historical search. For example: when you have information on the artifact and a precedent, you want to do a search, and that is a bit lacking in the tool."
"The main drawbacks are resources and processing time, as it consumes a lot of CPU and RAM."
"Some modules that are doing machine learning and artificial intelligence are blocking our processes."
"Trellix does not support Linux and Mac."
"The console has a lot of bugs, and it creates many issues."
"The graphical view for nodes must be increased."
More Trellix Endpoint Detection and Response (EDR) Pricing and Cost Advice →
IBM Security QRadar is ranked 20th in Endpoint Detection and Response (EDR) with 198 reviews while Trellix Endpoint Detection and Response (EDR) is ranked 22nd in Endpoint Detection and Response (EDR) with 17 reviews. IBM Security QRadar is rated 8.0, while Trellix Endpoint Detection and Response (EDR) is rated 7.4. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Trellix Endpoint Detection and Response (EDR) writes "Multifeatured, with web control, advanced threat protection, and threat prevention capabilities, but its alerting and reporting features need improvement". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Trellix Endpoint Detection and Response (EDR) is most compared with Trellix Endpoint Security (ENS), Trellix Active Response, Cynet, CrowdStrike Falcon and Microsoft Defender for Endpoint. See our IBM Security QRadar vs. Trellix Endpoint Detection and Response (EDR) report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.