Try our new research platform with insights from 80,000+ expert users

Morphisec vs Trellix Network Detection and Response comparison

Morphisec and Trellix are both solutions in the Advanced Threat Protection (ATP) category. Morphisec is ranked #34, while Trellix is ranked #12 with an average rating of 7.8. Morphisec holds a 1.3% mindshare in ATP, compared to Trellix’s 3.9% mindshare. Additionally, 100% of Morphisec users are willing to recommend the solution, compared to 97% of Trellix users who would recommend it.
Morphisec
Read 21 Morphisec reviews
  • 2,420 Views
  • 290 Comparison Views
100% willing to recommend
Trellix Network Detection a...
Read 40 Trellix Network Detection and Response reviews
  • 2,271 Views
  • 1,113 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 1, 2024

Trellix Network Detection and Response and Morphisec compete in the network security category. Morphisec seems to have the upper hand due to its adaptability and lower resource impact.

Features: Trellix Network Detection and Response is known for its robust threat detection capabilities, including zero-day attack detection, application filtering, and real-time response. The integration with CM, deep malware analysis, and incident response are significant strengths. Morphisec stands out with its signatureless approach, in-memory attack protection, and Moving Target Defense. It provides seamless integration with Microsoft Defender.

Room for Improvement: Trellix faces challenges with high false positives and lacks certain advanced features like granular reporting and better integration capabilities. Users desire improved cloud connection, more customization, and simplified VM management. Morphisec could enhance its reporting functionality and reduce false positives. Users also seek better customer interaction and improved cloud deployment efficiency.

Ease of Deployment and Customer Service: Trellix primarily utilizes on-premises deployment, which can be less flexible compared to Morphisec's options ranging from public and private cloud to hybrid cloud configurations. This flexibility gives Morphisec an edge in adaptability. In terms of customer service, Trellix is praised for global support, while Morphisec is recognized for educational pricing and customer accommodation.

Pricing and ROI: Trellix is perceived as pricier, justified by its comprehensive threat detection capabilities and is seen as a high-value investment by some users. Morphisec is competitively priced, offering significant cost benefits, especially compared to more expensive solutions like CrowdStrike. Both products report strong ROI, with Morphisec noted for preventing breaches efficiently.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Morphisec vs. Trellix Network Detection and Response Report (Updated: December 2025).
Buyer's Guide
Morphisec vs. Trellix Network Detection and Response
December 2025
Download the complete report
Helped 879,422 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Morphisec
Ranking in Advanced Threat Protection (ATP)
34th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (53rd), Endpoint Protection Platform (EPP) (52nd), Endpoint Detection and Response (EDR) (60th), Cloud Workload Protection Platforms (CWPP) (34th), Threat Deception Platforms (19th)
Trellix Network Detection a...
Ranking in Advanced Threat Protection (ATP)
12th
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
40
Ranking in other categories
Network Detection and Response (NDR) (10th)
 

Mindshare comparison

As of January 2026, in the Advanced Threat Protection (ATP) category, the mindshare of Morphisec is 1.3%, up from 0.7% compared to the previous year. The mindshare of Trellix Network Detection and Response is 3.9%, up from 3.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Advanced Threat Protection (ATP) Market Share Distribution
ProductMarket Share (%)
Trellix Network Detection and Response3.9%
Morphisec1.3%
Other94.8%
Advanced Threat Protection (ATP)
 

Featured Reviews

Rick Schibler - PeerSpot reviewer
Rick Schibler
VP of Information Technology at Kentucky Trailer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.
Read full review
Jose Vargas - PeerSpot reviewer
Jose Vargas
Agente De Servicios Técnicos at a computer software company with 11-50 employees
Has improved threat detection workflows and supports seamless customer monitoring
The best features Trellix Network Detection and Response offers include very good threat detection, and I believe that it is one of the best XDR tools. For example, ePO and XDR components are very comfortable and similar to many other tools for this type of monitoring, and I have received very good feedback for this tool. What makes Trellix Network Detection and Response stand out for me compared to other tools is the way you can detect threats. It is very easy and comfortable to use, and the detection shows clearly on the screen, which is very easy to understand. Regarding the features, I think that the integration with other platforms is very comfortable with the customer because we can integrate it with any switch or firewall, and it is comfortable to add this tool. Trellix Network Detection and Response has positively impacted my organization as I have improved my knowledge about detection and response. I have already used some other tools such as CrowdStrike and Umbrella, but Trellix is one of the best that I have tested. I believe that for my organization, Trellix has helped a lot with detection and supported our customers effectively. Trellix Network Detection and Response is a great tool that integrates with a lot of security tools such as Palo Alto, which is a good firewall. If you have these types of tools, your organization would benefit greatly.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The simplicity of the solution, how easy it is to deploy and how small it is when deployed as an agent on a device, is probably the biggest aspect, given what it can do."
"The biggest feature is that it hides everything from your operating system that's running in-memory from anything to try to run against it. That's the most unique thing that's on the market. There's nothing else out there that's quite like that. That's a big selling point and why we went with it. It does exactly what the design does. If you can't find it, you can't execute against it."
"I really like the integration with Microsoft Defender. In addition to having third-party endpoint protection, we're also enabling Defender... I like the reporting that we get from Defender, when it comes in. I like that it's one console showing both Morphisec and Defender where it provides me with full visibility into security events from Defender and Morphisec."
"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."
"The fact that Morphisec uses deterministic attack prevention that does not require human intervention has affected our security team's operations by making things much simpler. We don't have to really track down various alerts anymore, they've just stopped. At that point, we can go in and we can clean up whatever needs to be cleaned up. There are some things that Morphisec detects that we can't really remove, it's parts of Internet Explorer, but it's being blocked anyway. So we're happy with that."
"Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool. When we evaluated Morphisec, the CIO and I sat and listened. What attracted us to them is the fact that it stops activity at the point of detection. That saves a lot of time because now we are not investigating and trying to trace down what to turn off. We have already prevented it, which makes it very much safer and more secure."
"Morphisec is a straightforward solution that is efficient and very stable."
"We don't have to do anything as a user or as an admin. It does everything by default with its coding and inbuilt AI-based intelligence. We don't have to instruct it about what to do. It automatically takes corrective actions and quarantines or deletes a virus, malware, etc. That is the best part that I like about it."
More Morphisec pros
"We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and that nothing else was infected. It helped us correlate the events and feel confident in our containment."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"The installation phase was easy."
"Very functional and good for detecting malicious traffic."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"The most valuable feature is the network security module."
More Trellix Network Detection and Response pros
 

Cons

"We have discovered some bugs in the new releases that they've had to fix, so I would like to see more testing and QA on their side before they release."
"From a company standpoint, a little more interaction with the customers throughout the year might be beneficial. I would like check-ins from the Morphisec account executives about any type of Morphisec news as well as a bit more interaction with customers throughout the year to know if anything new is coming out with Morphisec, e.g., what they are working on in regards to their development roadmap. We tend not to get that up until the time that we go for a yearly renewal. So, we end up talking to people from Morphisec once a year, but it is usually at renewal time."
"Some of the filters for the console need improvement. There are alerts that show up and just being able to acknowledge that we've seen those and not turn them off, but dismiss them, would be a huge benefit."
"We wanted to have multi-tenants in their cloud platform, so every entity can look into their own systems and not see other systems in other entities. I have a beta version on that now. I would like them to incorporate that in the cloud solution."
"It would be useful for them if they had some kind of network discovery. That kind of functionality I think would give IT administrators a little bit more confidence that they have 100 percent coverage, and it gives them something to audit against. Network discovery would be one area I would definitely suggest that they put some effort into."
"I haven't been able to get the cloud deployment to work. When there's an update, I'm supposed to be able to roll it out for the cloud solution, but right now I'm continuing to use our SCCM solution to update it."
"Those are some of the features that I was looking for on my on-prem platform that they've already instituted in the cloud and that I'm sure will be instituting on their on-prem platform as well. Having to have an on-prem server required a lot of administration. Being able to push that to the cloud and have it managed up there for us is a real nice addition."
"Sometimes it generates false positive alerts. They need to continue working on that. They have provided solutions for it and have fixed issues with updated versions. The service is quite good but they need to work on it more so that there are no false positive alerts."
More Morphisec cons
"I would like to see in Trellix Network Detection and Response more explanation about some details of the threat, and I wish it had more actions that you can take to contain the host or move it somewhere else."
"We'd like the potential for better scaling."
"The Trellix solution could be improved by enhancing the Central Management Console for faster visibility, which would help in network detection response."
"The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right."
"Technical support needs improvement as sometimes engineers are not available promptly, especially during high-severity incidents."
"It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto."
"There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
More Trellix Network Detection and Response cons
 

Pricing and Cost Advice

"The pricing is definitely fair for what it does."
"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."
"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
More Morphisec pricing and cost advice
"The tool is a bit pricey."
"When you purchase FireEye Network Security NX, will need to purchase a megabit per second package. You must know your needs from day one."
"Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the meantime to analysis decrease by at least tenfold."
"It's an expensive solution."
"We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing."
"There are some additional services that I understand the vendor provides, but our approach was to package all of the features that we were looking to use into the product."
"The pricing is a little high."
"Pricing and licensing are reasonable compared to competitors."
More Trellix Network Detection and Response pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
See recommendations
879,422 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Outsourcing Company
16%
Manufacturing Company
11%
Computer Software Company
9%
Financial Services Firm
8%
Comms Service Provider
13%
Manufacturing Company
12%
Financial Services Firm
12%
Government
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise8
Large Enterprise19
 

Questions from the Community

Ask a question
Earn 20 points
What do you like most about FireEye Network Security?
We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement an...
See all answers
What is your experience regarding pricing and costs for FireEye Network Security?
My experience with pricing, setup cost, and licensing for Trellix Network Detection and Response is very great.
See all answers
What needs improvement with FireEye Network Security?
I would like to see in Trellix Network Detection and Response more explanation about some details of the threat, and I wish it had more actions that you can take to contain the host or move it some...
See all answers
 

Comparisons

Halcyon vs Morphisec Logo
Halcyon vs Morphisec
Compared 18% of the time
CrowdStrike Falcon vs Morphisec Logo
CrowdStrike Falcon vs Morphisec
Compared 14% of the time
Deep Instinct Prevention Platform vs Morphisec Logo
Deep Instinct Prevention Platform vs Morphisec
Compared 11% of the time
SentinelOne Singularity Complete vs Morphisec Logo
SentinelOne Singularity Complete vs Morphisec
Compared 8% of the time
Hyver vs Morphisec Logo
Hyver vs Morphisec
Compared 8% of the time
More Morphisec Competitors
Palo Alto Networks WildFire vs Trellix Network Detection and Response Logo
Palo Alto Networks WildFire vs Trellix Network Detection and Response
Compared 9% of the time
Fortinet FortiSandbox vs Trellix Network Detection and Response Logo
Fortinet FortiSandbox vs Trellix Network Detection and Response
Compared 8% of the time
Darktrace vs Trellix Network Detection and Response Logo
Darktrace vs Trellix Network Detection and Response
Compared 5% of the time
Zabbix vs Trellix Network Detection and Response Logo
Zabbix vs Trellix Network Detection and Response
Compared 5% of the time
Trend Micro Deep Discovery vs Trellix Network Detection and Response Logo
Trend Micro Deep Discovery vs Trellix Network Detection and Response
Compared 5% of the time
More Trellix Network Detection and Response Competitors
 

Product Reports

Buyer's Guide
Morphisec
December 2025
Morphisec reportDownload Morphisec product report
Buyer's Guide
Trellix Network Detection and Response
December 2025
Trellix Network Detection and Response reportDownload Trellix Network Detection and Response product report
 

Also Known As

Morphisec, Morphisec Moving Target Defense
FireEye Network Security, FireEye
 

Overview

Morphisec integrates seamlessly with platforms like Microsoft Defender, offering signatureless protection against zero-day threats and ransomware. It enhances existing endpoint solutions with minimal maintenance through its set-and-forget deployment, providing heightened security and reduced false positives.

Morphisec strengthens defense strategies by merging memory morphing and signatureless protection to effectively block zero-day attacks and ransomware. It operates efficiently within existing infrastructure, reducing system impact and maintenance needs. Users find its full visibility dashboard invaluable. Despite its strengths, cloud deployment and reporting features can be improved. Stability, alerts, and integration with other systems pose challenges for users, impacting usability and support quality.

What are Morphisec's key features?

  • Seamless Integration: Works with Microsoft Defender for comprehensive dashboard visibility
  • Memory Morphing: Hides processes to reduce attack surfaces
  • Signatureless Protection: Prevents threats without impacting performance
  • Automatic Threat Blocking: Uses inbuilt intelligence to detect risks
  • Set-and-Forget Deployment: Simplifies management and reduces maintenance

What benefits should users consider in reviews?

  • Quick Deployment: Fast setup without disrupting operations
  • Enhanced Protection: Provides an additional defense layer against advanced threats
  • Cost-Effectiveness: Works with existing licenses, minimizing extra investments
  • Improved Compatibility: Integrates smoothly with current antivirus systems
  • Minimal System Impact: Operates efficiently without overloading resources

In security-focused industries, Morphisec is crucial for protecting workstations and servers against sophisticated attacks like ransomware. Its signatureless technology offers early threat detection, while compatibility with existing systems ensures seamless integration, providing advanced protection without additional licensing costs.

Morphisec

Detect the undetectable and stop evasive attacks. Trellix Network Detection and Response (NDR) helps your team focus on real attacks, contain intrusions with speed and intelligence, and eliminate your cybersecurity weak points.

Trellix
 

Sample Customers

Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave Systems
Buyer's Guide
Morphisec vs. Trellix Network Detection and Response
December 2025
Free Report: Morphisec vs. Trellix Network Detection and Response
Find out what your peers are saying about Morphisec vs. Trellix Network Detection and Response and other solutions. Updated: December 2025.
DOWNLOAD NOW
879,422 professionals have used our research since 2012.
See our Morphisec vs. Trellix Network Detection and Response report.
See our list of best Advanced Threat Protection (ATP) vendors.

We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.