We performed a comparison between Mandiant Advantage and Trellix Endpoint Security based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"The product is very easy to use."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"The most valuable feature is the network security."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"The threat intelligence is excellent."
"The advantage of the solution is being able to go look up threat actors and get a lot of detailed information about different attacks and different tactics and general information about threats."
"It is so valuable to have someone performing these functions outside of our business hours when we don't have staff in the building. We've seen a lot of solid metrics on the amount of malware that it's detecting and resolving. We're pleased with it so far."
"The feature I have found most valuable is directory monitoring. We experienced an instance of threat actors trying to ensure a complex and massive attack against our customer's infrastructure on the forum. That is, they were animating people on a formum. The solution alerted us to this two days ahead of the attack, which gave us plenty of time to prepare for it."
"The most valuable features of the solution include DLP (data loss prevention), CASB (cloud access security broker) functionality, endpoint encryption, and cloud workload security."
"I have found the most valuable features to be the ability to manage the solution from anywhere and having an overview of the companies security."
"Initially, the DLP was very valuable for disabling access to USB drives."
"The thing that I like is that they have gathered almost all the products in one management server, the ePolicy Orchestrator."
"The product is fairly reliable."
"This is a good solution for antivirus and malware protection."
"I like trap prevention DNS and threat prevention."
"The product is easy to use."
"We should be able to use the product on devices like Apple, Linux, etc."
"There could be a way to proactively monitor unusual activity ."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"The data recovery and backup could be improved."
"Intrusion detection and prevention would be great to have with 365 Defender."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"I think that the data query that is used for data cloud language should be improved. It's really hard to query actual data from the platform."
"They could have better support. Now that they've merged, they are moving towards a portal system, which isn't very helpful."
"Mandiant's on-prem client is too processor-intensive, so it's putting a strain on the local device's CPU. When a scan is running on the device, the other processing tasks slow to a crawl. We're still trying to figure out the correct settings for the client."
"I would like to have the ability to have more control over the deployment in the next release. If you have this console in the cloud, you cannot make pilot groups for deploying the agents. We only have the current group. So, as soon as you inject the software, it will go directly into production, which doesn't work for us. We need to build up pilot groups slowly. We already requested to have this feature on the cloud, and we are still waiting."
"McAfee Endpoint Protection could improve the word control feature."
"The solution consumes a lot of end user memory and CPU. Trellix doesn't really focus much on the anti-malware side."
"The vendor should simplify the way they bundle the products because it's very hard to explain to customers what products contain which features."
"There are more secure featured solutions from McAfee on the market but for smaller companies like ours, they are too expensive."
"The local technical support could be better."
"The user interface could be improved by making it more user-friendly. There are multiple solutions and there is no clear line differentiating all of them. There is a centralized console where we manage everything but most of the administrators feel a little confused when it comes to managing multiple products from a single place."
"Sometimes, while installing the ePO, we were getting so many errors and I don't know why it happened."
Mandiant Advantage is ranked 20th in Extended Detection and Response (XDR) with 3 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 94 reviews. Mandiant Advantage is rated 8.6, while Trellix Endpoint Security is rated 8.0. The top reviewer of Mandiant Advantage writes "It gives us peace of mind that issues can be addressed when our core IT team isn't working". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Mandiant Advantage is most compared with CrowdStrike Falcon, Cortex Xpanse, Microsoft Defender External Attack Surface Management, Cymulate and SnapAttack, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Mandiant Advantage vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.