We performed a comparison between IBM Security QRadar and Trellix Endpoint Security based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The product is very easy to use."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"Microsoft Defender XDR is scalable."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"This console gives you the entire view, which makes life easier and allows you to take precautionary measures."
"It protects us from multiple authentication values, unauthorized access and antivirus threats."
"QRadar UBA's most valuable feature is the risk rating of users depending on their behavior."
"Technical support is good overall."
"It allows us to search data both on-premises and on the cloud."
"IBM QRadar User Behavior Analytics has easy architecture, has a good portfolio and integration."
"The initial setup of QRadar is not complex because we have done it before and we are used to the development. It is getting easier all the time."
"It also allows multifunctionality within a single platform."
"The loss prevention feature would be the most valuable."
"We like the management of the ePO, and we like the management console."
"Their malware detection rate is excellent for all types of devices and the anti-theft products are good and easy to use."
"Some of McAfee Endpoint Security's main features are it has benefits over normal conventional antivirus solutions because it works much faster."
"It has improved my organization because it helps with visibility, in terms of security. We can see the actual attack and can contain it. The antivirus can detect that."
"The most valuable features of the solution include DLP (data loss prevention), CASB (cloud access security broker) functionality, endpoint encryption, and cloud workload security."
"I feel McAfee Endpoint Security to be a good, mature product."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"At times, there may be delays in the execution of certain actions and their effects."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"The price of IBM Security QRadar is an area of concern where improvements are required."
"The dashboard and reports are not user-friendly or efficient so are of little help with threat hunting activity."
"The only problem is that if you have too many events that occur, then the storage capacity becomes a problem. We would need to increase the storage capacity."
"While the interface is easy to use, it could be a little more responsive."
"IBM QRadar could improve the reporting. The tool is not designed to report. It's a great operational monitoring tool. You put it on a screen and you watch it. If you want to have analytics out of it, that's a whole different story. You're going to need more people and tools. What should be added is reporting and integration into Power BI, into some capability that produces analytical reports from the source data. IBM does not seem to care to add these features."
"IBM Security QRadar lacks automated response. With this feature, there's no need to visit VirusTotal or other sites for IP reputation. There should be a small plug-in where users can click to retrieve details about the reputation and organization of public IP."
"Integration could be better. They should make it easy to integrate with other solutions."
"Technical support could be improved by a bit."
"We experienced some bad behavior when we first installed the product. The system also starts slowly in some instances. If for some reason this solution crashes, we could lose all our data."
"Technical support is an area that can be improved because sometimes, the response time is a bit slow and the explanation is short."
"The tool could provide more advanced protection."
"It didn't work well for some of the use cases. We have different use cases for each entity. Their support is also not good and needs improvement."
"I've encountered minor challenges related to encryption."
"When it runs in the background of the endpoint, the devices get slowed down for some applications."
"There are two main areas that require improvement. One is the size of the packages. Although I'll admit manageability is good, if I want to deploy, let's say just the antivirus or just the firewall, each of those package sizes are quite large. They are sometimes as big as 200MB or 250MB. When I have operations in remote areas where connectivity is always poor, it's difficult. To deploy such a package in a remote location over the internet or something like that is always challenging."
"There are certain shortcomings in the features concerning DLP in Trellix, where certain additions must be made in the future."
IBM Security QRadar is ranked 11th in Extended Detection and Response (XDR) with 198 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 94 reviews. IBM Security QRadar is rated 8.0, while Trellix Endpoint Security is rated 8.0. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.