Try our new research platform with insights from 80,000+ expert users

Morphisec vs TrendAI Vision One – Endpoint Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 26, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
5th
Ranking in Endpoint Detection and Response (EDR)
8th
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
105
Ranking in other categories
Extended Detection and Response (XDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (2nd)
Morphisec
Ranking in Endpoint Protection Platform (EPP)
52nd
Ranking in Endpoint Detection and Response (EDR)
60th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (54th), Advanced Threat Protection (ATP) (32nd), Cloud Workload Protection Platforms (CWPP) (34th), Threat Deception Platforms (20th)
TrendAI Vision One – Endpoi...
Ranking in Endpoint Protection Platform (EPP)
9th
Ranking in Endpoint Detection and Response (EDR)
9th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
134
Ranking in other categories
Endpoint Compliance (3rd)
 

Mindshare comparison

As of February 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.4%, down from 4.1% compared to the previous year. The mindshare of Morphisec is 0.6%, up from 0.4% compared to the previous year. The mindshare of TrendAI Vision One – Endpoint Security is 1.7%, down from 1.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Market Share Distribution
ProductMarket Share (%)
Cortex XDR by Palo Alto Networks3.4%
Trend Vision One Endpoint Security1.7%
Morphisec0.6%
Other94.3%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
reviewer1739325 - PeerSpot reviewer
CISO at a media company with 10,001+ employees
Easy to deploy and configure, stable, and has good support
The weakest point of this product is how difficult it is to understand the reasons for an alert. This is a problem because it is hard to determine whether an attack is real or not. It blocks the behavior automatically but it is quite difficult to check the reason for this, and it is something that we are discussing with Morphisec. We need to have better reporting features that are able to produce KPIs that we can show to management. Improved analytics reports would help us to understand what type of attack it is and how it was able to reach a particular computer.
Oleksii Pavlyk - PeerSpot reviewer
Head of security of digital systems, electronic databases and networks at Ukreximbank
Centralized console has improved visibility while setup remains quick on diverse environments
I don't know why I find it valuable; my colleague administrated it, but I was the chief of a team of six people, and one of them administered this product, which worked well for defending our servers. I don't know what the best features of Trend Vision One Endpoint Security are; it performs well compared to other products, and I am curious about it, but I cannot think of specific features. Perhaps my colleagues could provide that information, but I do not have that knowledge. The centralized console helps my team greatly; it is very convenient as everything is all in one console, not only EDR but many other products, such as email security and XDR features. Trend Vision One Endpoint Security positively impacts our organization as it is very simple to install on Windows and Linux servers; it is not very difficult to install.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution allows control over the user and his machine through Cortex XDR security policies."
"Automation and playbooks have helped me significantly, as Cortex Xnor's playbooks predefine the workflow of the automation, such as response processes, alert triggering, and enriching the context, efficiently detecting and blocking malicious attacks with firewalls while eliminating workload and speeding responses for next-generation operations."
"Cortex XDR by Palo Alto Networks is easy to use and does not consume a lot of hardware resources."
"Cortex is the best tool for endpoint detection, with playbooks that automate and gather endpoint logs, block malicious processes, and update incident tickets, showcasing end-to-end processes with automation in investigation and reducing the analysis workflow."
"What I like about Cortex XDR by Palo Alto Networks is that it is a comprehensive solution that contains everything the organization may need when using endpoints."
"The initial setup isn't too bad."
"The tool's use cases are relevant to security."
"Based on my experience, I would recommend Cortex XDR by Palo Alto Networks to other people."
"We don't have to do anything as a user or as an admin. It does everything by default with its coding and inbuilt AI-based intelligence. We don't have to instruct it about what to do. It automatically takes corrective actions and quarantines or deletes a virus, malware, etc. That is the best part that I like about it."
"Morphisec provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. Defender and Morphisec are integrated. It's important because it lowers the total cost of maintenance on the engineer's time, more or less. So the administrative time is dramatically reduced in maintaining the product. This saves an engineer around four to five hours a week."
"Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it."
"What's valuable is really the whole kit and caboodle of the Morphisec agent. What it does is genius, in a way, until the bad guys get wise to it. You set it up and then you watch the dashboard. There isn't really much tinkering."
"Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool. When we evaluated Morphisec, the CIO and I sat and listened. What attracted us to them is the fact that it stops activity at the point of detection. That saves a lot of time because now we are not investigating and trying to trace down what to turn off. We have already prevented it, which makes it very much safer and more secure."
"Morphisec Guard enables us to see at a glance whether our users have device control and disk encryption enabled properly. This is important because we are a global company operating with multiple entities. Previously, we didn't have that visibility. Now, we have visibility so we can pinpoint some locations where there are machines that are not really protected, offline, etc. It gives us visibility, which is good."
"Since using Morphisec we have seen a downturn in attacks because Morphisec protects us versus Defenders and whatnot that are signature-based. I know we have not had any issues with ransomware or other zero-day attacks that we've seen with machines that, all of a sudden, have become before we instituted the product. Now the machine had to be re-imaged and there was a loss of data because something was on the machine. You couldn't really determine what was on the machine because nothing was picking it up. The products we were using weren't picking it up."
"I really like the integration with Microsoft Defender. In addition to having third-party endpoint protection, we're also enabling Defender... I like the reporting that we get from Defender, when it comes in. I like that it's one console showing both Morphisec and Defender where it provides me with full visibility into security events from Defender and Morphisec."
"I have found Trend Micro Apex One to be secure."
"The solution offers great visibility into their IT infrastructure and uses industry-leading threat intelligence strategies."
"One of the better features, in my opinion, is that it also makes use of a web reputation. For example, if someone accidentally clicks on a link in an email that leads to a malicious website, they will block it."
"This solution protects us from virus attacks before they affect the organization."
"The most valuable feature is the antivirus."
"The number of accessories included is the most valuable feature."
"The most valuable feature of Trend Micro Apex One is the response time and detection module."
"The solution can scale."
 

Cons

"There is a severe gap in functionality between Windows, Linux, and Mac versions. For example all folder restriction settings are Windows only. Traps 5.0+ does not have SAML / LDAP integration."
"It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint."
"It is an enterprise-level solution. Its price could be less expensive."
"Impact on system performance is horrible, adding a lot of delays for users."
"The main issue I could point out is the offline agents and the way that it is missing."
"The dashboard could use some significant improvement, just making it more useful with more information. It has a limited amount of information right now. It is customizable, but I'd love to see a better out-of-box dashboard."
"When it comes to malware files, it should be a little quick because, at times, it would give a wrong result in the sense of what it might be on malware, even if it still might be a normal one."
"Technology evolves every day, so it would be nice if it gets more secure. It can also have more integration with other platforms."
"The only area that really needs improvement is the reporting functionality. Gathering the detailed information that is in the system for an executive, or for me as a director, could be better. Some of the interface and reporting aspects are a little bit dated. They're working on it."
"We have discovered some bugs in the new releases that they've had to fix, so I would like to see more testing and QA on their side before they release."
"Right now, it's just their auto-update feature. I know they are currently working on that. When they release a new version of the threat prevention platform, I do have to update that, rolling out to every computer. They have said, "From version 5, you would be able to do an auto-update." While this is very minor, that is the only thing that I would say needs to be upgraded. It would just make life a lot easier for other IT teams. However, I have simplified the process, so all I need to do is just download one file."
"The weakest point of this product is how difficult it is to understand the reasons for an alert. This is a problem because it is hard to determine whether an attack is real or not."
"It might be a bit much to ask, but we are now beginning to use Morphisec Scout, which provides vulnerability information. At this time, it's recognizing vulnerabilities and reporting them to us, but it's not necessarily resolving them. There's still a separate manual process to resolve those vulnerabilities, primarily through upgrades. We have to do that outside of Morphisec. If Morphisec could somehow have that capability built into it, that would be very effective."
"Automating reports needs improvement. I would like to have better reporting capabilities within it or automated reporting to be a little bit more dynamic. That's something I know they're working on. We literally are in the process. We started the process a week and a half ago of going to their latest version, so I've not seen their latest one up and running yet."
"Some of the filters for the console need improvement. There are alerts that show up and just being able to acknowledge that we've seen those and not turn them off, but dismiss them, would be a huge benefit."
"From a company standpoint, a little more interaction with the customers throughout the year might be beneficial. I would like check-ins from the Morphisec account executives about any type of Morphisec news as well as a bit more interaction with customers throughout the year to know if anything new is coming out with Morphisec, e.g., what they are working on in regards to their development roadmap. We tend not to get that up until the time that we go for a yearly renewal. So, we end up talking to people from Morphisec once a year, but it is usually at renewal time."
"Some of our customers need to add cache file signatures in Trend Micro Apex One, but it is currently not a supported feature."
"Apex One uses a lot of RAM and other physical resources, and I also don't like the web interface."
"Apex One could improve endpoint patching. For example, Kaspersky can download Microsoft updates and install them. Having that feature in the cloud application would help a lot."
"We had a few occasions where we had to turn off our clients' computers to upgrade the drivers."
"Trend Micro Apex One could include more in-depth endpoint protection."
"We had some problems with Trend Micro Apex One doing the updates and patches. Some of the other vendor's support has said that Trend Micro Apex One receives database signatures updates too late."
"I would like to see better reporting."
"We have found that this product is a bit heavy on the endpoints."
 

Pricing and Cost Advice

"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"Cortex XDR by Palo Alto Networks is quite an expensive solution."
"Its pricing is kind of in line with its competitors and everybody else out there."
"The price was fine."
"Cortex XDR’s pricing is very reasonable."
"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."
"It has reasonable pricing for the use cases it provides to the company."
"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."
"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."
"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."
"It has a per-user license."
"Apex One has a high cost."
"The SaaS version is competitively priced and amazingly easy to set up."
"If I compare Trend Micro Apex One with other solutions there are a few challenges for customers who have do not need more licenses. Sometimes the customers struggle because this product is totally an enterprise solution, and the price for the licenses can be expensive for individuals or small organizations."
"When compared with other solutions, the price could be better."
"The licensing fee and support are bundled together."
"Licensing costs depend completely on the number of users or licenses. They have a specific pricing structure. For example, if you are looking for 100 users to be on the product, in the Indian market (we're based in India), the cost is nearly $2,500 to $3,000 maximum for one three-year license."
"Trend Micro Apex One's pricing is good."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
882,886 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
10%
Financial Services Firm
10%
Manufacturing Company
8%
Government
6%
Outsourcing Company
18%
Manufacturing Company
10%
Financial Services Firm
8%
Computer Software Company
7%
Computer Software Company
12%
Financial Services Firm
9%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business42
Midsize Enterprise21
Large Enterprise47
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
By reviewers
Company SizeCount
Small Business45
Midsize Enterprise36
Large Enterprise60
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
Ask a question
Earn 20 points
What's the difference between Trend Micro Deep Security and Trend Micro Apex One?
Trend Micro Deep Security offers a lot of features. It guarantees security for your data center, cloud, and container...
What do you like most about Trend Micro Apex One?
It is updated automatically without much intervention from our side. We can also get some reports easily.
What is your experience regarding pricing and costs for Trend Micro Apex One?
Regarding the price, there was a tender, and Trend Micro won; the price was good.
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Morphisec, Morphisec Moving Target Defense
Trend Micro Apex One, OfficeScan, Trend Micro OfficeScan
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Atma Jaya Catholic University of Indonesia, A&W Food Services of Canada, Babou, Beth Israel Deaconess Care Organization (BO), DCI Donor Services, Evalueserve, Gulftainer, Hiroshima Prefectural Government, MEDHOST
Find out what your peers are saying about Morphisec vs. TrendAI Vision One – Endpoint Security and other solutions. Updated: January 2026.
882,886 professionals have used our research since 2012.