Try our new research platform with insights from 80,000+ expert users

Morphisec vs Trellix Endpoint Detection and Response (EDR) comparison

Morphisec and Trellix are both solutions in the Endpoint Detection and Response (EDR) category. Morphisec is ranked #61, while Trellix is ranked #22 with an average rating of 7.4. Morphisec holds a 0.6% mindshare in EDR, compared to Trellix’s 1.2% mindshare. Additionally, 100% of Morphisec users are willing to recommend the solution, compared to 83% of Trellix users who would recommend it.
Morphisec
Read 21 Morphisec reviews
  • 1,975 Views
  • 1,126 Comparison Views
100% willing to recommend
Trellix Endpoint Detection ...
Read 23 Trellix Endpoint Detection and Response (EDR) reviews
  • 1,810 Views
  • 1,792 Comparison Views
83% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

Morphisec and Trellix Endpoint Detection and Response (EDR) are in the EDR category. Trellix has the upper hand due to its advanced features and comprehensive threat detection and response capabilities

Features: Morphisec offers lightweight and straightforward deployment, effectiveness in preventing advanced threats, and minimal system impact. Trellix provides extensive threat intelligence, automated response capabilities, and a feature-rich platform, making it versatile

Room for Improvement: Morphisec could improve its integration with other security tools, reporting capabilities, and expand its functionality. Trellix needs performance optimization, a more intuitive configuration process, and improved efficiency

Ease of Deployment and Customer Service: Morphisec has a quick, straightforward deployment process with robust customer support. Trellix presents a more complex deployment but offers highly responsive customer service

Pricing and ROI: Morphisec is reasonably priced and delivers a strong return on investment, appealing to budget-conscious buyers. Trellix, while more expensive, is considered worth the investment due to its advanced functionality and value in threat detection and response, offering significant ROI

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Morphisec vs. Trellix Endpoint Detection and Response (EDR) Report (Updated: September 2025).
Buyer's Guide
Morphisec vs. Trellix Endpoint Detection and Response (EDR)
September 2025
Download the complete report
Helped 869,566 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Morphisec
Ranking in Endpoint Detection and Response (EDR)
61st
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (64th), Endpoint Protection Platform (EPP) (54th), Advanced Threat Protection (ATP) (34th), Cloud Workload Protection Platforms (CWPP) (31st), Threat Deception Platforms (15th)
Trellix Endpoint Detection ...
Ranking in Endpoint Detection and Response (EDR)
22nd
Average Rating
7.4
Reviews Sentiment
7.2
Number of Reviews
23
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of October 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Morphisec is 0.6%, up from 0.4% compared to the previous year. The mindshare of Trellix Endpoint Detection and Response (EDR) is 1.2%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Market Share Distribution
ProductMarket Share (%)
Trellix Endpoint Detection and Response (EDR)1.2%
Morphisec0.6%
Other98.2%
Endpoint Detection and Response (EDR)
 

Featured Reviews

Rick Schibler - PeerSpot reviewer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.
Read full review
CESARCASTRO - PeerSpot reviewer
Enhancements needed for security alerts while ongoing training strengthens defenses
This year, I am going to improve some tools to be installed or maybe acquire some services to better manage our web services and work with my coworkers. Application fiber also needs attention. Nowadays I am making applications that are publicly seen on the Internet. I need some protection, possibly multi-factor authentication improvements. I am seeing, for workflows, some sort of ethical hacking to test our environment. Knowledge of everything, not only the product - maybe some kind of alerts - needs to emerge. I see the current ones as very low-tier, and they must improve.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It provides full visibility into security events and from both solutions in one dashboard. I'm not a big security guy, if I have a threat that looks like there's a problem, I will ask Morphisec to dissect it for me, and tell me what might be happening. Because it tends to be all hash codes, so I can tell what's going on. They've been pretty good with that."
"Morphisec provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. Defender and Morphisec are integrated. It's important because it lowers the total cost of maintenance on the engineer's time, more or less. So the administrative time is dramatically reduced in maintaining the product. This saves an engineer around four to five hours a week."
"The fact that Morphisec uses deterministic attack prevention that does not require human intervention has affected our security team's operations by making things much simpler. We don't have to really track down various alerts anymore, they've just stopped. At that point, we can go in and we can clean up whatever needs to be cleaned up. There are some things that Morphisec detects that we can't really remove, it's parts of Internet Explorer, but it's being blocked anyway. So we're happy with that."
"The biggest feature is that it hides everything from your operating system that's running in-memory from anything to try to run against it. That's the most unique thing that's on the market. There's nothing else out there that's quite like that. That's a big selling point and why we went with it. It does exactly what the design does. If you can't find it, you can't execute against it."
"Morphisec Guard enables us to see at a glance whether our users have device control and disk encryption enabled properly. This is important because we are a global company operating with multiple entities. Previously, we didn't have that visibility. Now, we have visibility so we can pinpoint some locations where there are machines that are not really protected, offline, etc. It gives us visibility, which is good."
"Morphisec is a straightforward solution that is efficient and very stable."
"Morphisec makes use of deterministic attack prevention that doesn’t require investigation of security alerts. It changes the memory locations of where certain applications run. If you think of Excel, opening a PDF, running an Excel macro, or opening a webpage and clicking on a link, all of those actions run in a certain area of memory. Morphisec changes the memory locations of where those run."
"Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it."
More Morphisec pros
"What we're using the most and what we found valuable in McAfee MVISION Endpoint Detection and Response are Web Control, Advanced Threat Protection, and Threat Prevention features."
"If there is any malicious behavior in the workstation or server, the tool stops or isolates it automatically and generates alerts."
"The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices."
"Trellix has a user-friendly interface."
"Blocking browser navigation is a feature of the solution with which we have experienced success."
"Trellix has done a good job reducing threats."
"The product is user-friendly."
"The product and the services we have are quite good."
More Trellix Endpoint Detection and Response (EDR) pros
 

Cons

"Those are some of the features that I was looking for on my on-prem platform that they've already instituted in the cloud and that I'm sure will be instituting on their on-prem platform as well. Having to have an on-prem server required a lot of administration. Being able to push that to the cloud and have it managed up there for us is a real nice addition."
"From a company standpoint, a little more interaction with the customers throughout the year might be beneficial. I would like check-ins from the Morphisec account executives about any type of Morphisec news as well as a bit more interaction with customers throughout the year to know if anything new is coming out with Morphisec, e.g., what they are working on in regards to their development roadmap. We tend not to get that up until the time that we go for a yearly renewal. So, we end up talking to people from Morphisec once a year, but it is usually at renewal time."
"Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools. For example, they need to get multifactor in place and an API for the major multi-factor systems, e.g., Okta, Duo, Ping, and Microsoft. They don't have them built in yet. They are working on them. It is just not there yet. Also, their stability, customer support, and processes need improvement, which is just part of maturity."
"The only area that really needs improvement is the reporting functionality. Gathering the detailed information that is in the system for an executive, or for me as a director, could be better. Some of the interface and reporting aspects are a little bit dated. They're working on it."
"It would be useful for them if they had some kind of network discovery. That kind of functionality I think would give IT administrators a little bit more confidence that they have 100 percent coverage, and it gives them something to audit against. Network discovery would be one area I would definitely suggest that they put some effort into."
"Sometimes it generates false positive alerts. They need to continue working on that. They have provided solutions for it and have fixed issues with updated versions. The service is quite good but they need to work on it more so that there are no false positive alerts."
"We have discovered some bugs in the new releases that they've had to fix, so I would like to see more testing and QA on their side before they release."
"In the Windows Defender integration, they have put in a report of computers that need Windows Defender updates. If those updates could be kicked off directly from the dashboard, instead of having to go to another system entirely, that would be good."
More Morphisec cons
"The CPU utilization of the product is quite high compared to its competitors."
"The endpoints and utilization are too high, which impacts the production activity."
"The solution lacks the ability to integrate with external platforms. In future releases of the solution, I would like to see the solution increase its integration capabilities with external platforms."
"The main drawbacks are resources and processing time, as it consumes a lot of CPU and RAM."
"The solution's downside stems from the fact that Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint are not combined into a single solution, so from an improvement perspective, they need to be combined into a single solution."
"The technical support must be improved."
"The console has a lot of bugs, and it creates many issues."
"An area for improvement in McAfee MVISION Endpoint Detection and Response is the historical search. For example: when you have information on the artifact and a precedent, you want to do a search, and that is a bit lacking in the tool."
More Trellix Endpoint Detection and Response (EDR) cons
 

Pricing and Cost Advice

"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"The pricing is definitely fair for what it does."
"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."
"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
More Morphisec pricing and cost advice
"The pricing is always high."
"The cost is okay, compared to other products."
"Speaking about the price, you must use the product to find the product's cost for you."
"The licensing costs attached to the solution are very easy to manage. There is a need to make yearly payments towards the licensing costs."
"Pricing is a problem in South Africa. It could be cheaper here. The rand-to-dollar exchange rate makes it expensive for us. A 25 dollar endpoint cost becomes quite significant when converted to rand."
"On a scale of one to ten, where one is low and ten is high, I rate the solution's pricing an eight out of ten."
"The product’s pricing is reasonable."
"The price is reasonable."
More Trellix Endpoint Detection and Response (EDR) pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
See recommendations
869,566 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Outsourcing Company
16%
Manufacturing Company
12%
Computer Software Company
9%
Financial Services Firm
9%
Computer Software Company
12%
Financial Services Firm
12%
Government
11%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
By reviewers
Company SizeCount
Small Business11
Midsize Enterprise3
Large Enterprise9
 

Questions from the Community

Ask a question
Earn 20 points
What do you like most about McAfee MVISION Endpoint Detection and Response?
Trellix has a user-friendly interface.
See all answers
What is your experience regarding pricing and costs for McAfee MVISION Endpoint Detection and Response?
I haven't had any really great problems with pricing in the past two or three years.
See all answers
What needs improvement with McAfee MVISION Endpoint Detection and Response?
This year, I am going to improve some tools to be installed or maybe acquire some services to better manage our web services and work with my coworkers. Application fiber also needs attention. Nowa...
See all answers
 

Comparisons

CrowdStrike Falcon vs Morphisec Logo
CrowdStrike Falcon vs Morphisec
Compared 22% of the time
Halcyon vs Morphisec Logo
Halcyon vs Morphisec
Compared 19% of the time
SentinelOne Singularity Complete vs Morphisec Logo
SentinelOne Singularity Complete vs Morphisec
Compared 11% of the time
Hyver vs Morphisec Logo
Hyver vs Morphisec
Compared 11% of the time
Deep Instinct Prevention Platform vs Morphisec Logo
Deep Instinct Prevention Platform vs Morphisec
Compared 11% of the time
More Morphisec Competitors
Trellix Endpoint Security Platform vs Trellix Endpoint Detection and Response (EDR) Logo
Trellix Endpoint Security Platform vs Trellix Endpoint Detection and Response (EDR)
Compared 42% of the time
CrowdStrike Falcon vs Trellix Endpoint Detection and Response (EDR) Logo
CrowdStrike Falcon vs Trellix Endpoint Detection and Response (EDR)
Compared 18% of the time
SentinelOne Singularity Complete vs Trellix Endpoint Detection and Response (EDR) Logo
SentinelOne Singularity Complete vs Trellix Endpoint Detection and Response (EDR)
Compared 9% of the time
Trend Vision One vs Trellix Endpoint Detection and Response (EDR) Logo
Trend Vision One vs Trellix Endpoint Detection and Response (EDR)
Compared 9% of the time
Trellix Active Response vs Trellix Endpoint Detection and Response (EDR) Logo
Trellix Active Response vs Trellix Endpoint Detection and Response (EDR)
Compared 5% of the time
More Trellix Endpoint Detection and Response (EDR) Competitors
 

Product Reports

Buyer's Guide
Morphisec
September 2025
Morphisec reportDownload Morphisec product report
Buyer's Guide
Trellix Endpoint Detection and Response (EDR)
September 2025
Trellix Endpoint Detection and Response (EDR) reportDownload Trellix Endpoint Detection and Response (EDR) product report
 

Also Known As

Morphisec, Morphisec Moving Target Defense
McAfee MVISION EDR, MVISION EDR, MVISION Endpoint Detection and Response
 

Overview

Morphisec integrates seamlessly with platforms like Microsoft Defender, offering signatureless protection against zero-day threats and ransomware. It enhances existing endpoint solutions with minimal maintenance through its set-and-forget deployment, providing heightened security and reduced false positives.

Morphisec strengthens defense strategies by merging memory morphing and signatureless protection to effectively block zero-day attacks and ransomware. It operates efficiently within existing infrastructure, reducing system impact and maintenance needs. Users find its full visibility dashboard invaluable. Despite its strengths, cloud deployment and reporting features can be improved. Stability, alerts, and integration with other systems pose challenges for users, impacting usability and support quality.

What are Morphisec's key features?

  • Seamless Integration: Works with Microsoft Defender for comprehensive dashboard visibility
  • Memory Morphing: Hides processes to reduce attack surfaces
  • Signatureless Protection: Prevents threats without impacting performance
  • Automatic Threat Blocking: Uses inbuilt intelligence to detect risks
  • Set-and-Forget Deployment: Simplifies management and reduces maintenance

What benefits should users consider in reviews?

  • Quick Deployment: Fast setup without disrupting operations
  • Enhanced Protection: Provides an additional defense layer against advanced threats
  • Cost-Effectiveness: Works with existing licenses, minimizing extra investments
  • Improved Compatibility: Integrates smoothly with current antivirus systems
  • Minimal System Impact: Operates efficiently without overloading resources

In security-focused industries, Morphisec is crucial for protecting workstations and servers against sophisticated attacks like ransomware. Its signatureless technology offers early threat detection, while compatibility with existing systems ensures seamless integration, providing advanced protection without additional licensing costs.

Morphisec

Reduce Alert Noise

Reduce the time to detect and respond to threats. Trellix EDR helps security analysts quickly prioritize threats and minimize potential disruption.

Do More with Existing Resources

Guided investigation automatically asks and answers questions while gathering, summarizing, and visualizing evidence from multiple sources—reducing the need for more SOC resources.

Low-Maintenance Cloud Solution

Cloud-based deployment and analytics enables your skilled security analysts to focus on strategic defense, instead of tool maintenance. Benefit from implementing the right solution for you.

Trellix
 

Sample Customers

Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Sutherland Global Services
Buyer's Guide
Morphisec vs. Trellix Endpoint Detection and Response (EDR)
September 2025
Free Report: Morphisec vs. Trellix Endpoint Detection and Response (EDR)
Find out what your peers are saying about Morphisec vs. Trellix Endpoint Detection and Response (EDR) and other solutions. Updated: September 2025.
DOWNLOAD NOW
869,566 professionals have used our research since 2012.
See our Morphisec vs. Trellix Endpoint Detection and Response (EDR) report.
See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.