No more typing reviews! Try our Samantha, our new voice AI agent.

Morphisec vs TrendAI Vision One – Endpoint Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 26, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
4th
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Morphisec
Ranking in Endpoint Protection Platform (EPP)
48th
Ranking in Endpoint Detection and Response (EDR)
61st
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (57th), Advanced Threat Protection (ATP) (30th), Cloud Workload Protection Platforms (CWPP) (35th), Threat Deception Platforms (15th)
TrendAI Vision One – Endpoi...
Ranking in Endpoint Protection Platform (EPP)
13th
Ranking in Endpoint Detection and Response (EDR)
16th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
134
Ranking in other categories
Endpoint Compliance (3rd)
 

Mindshare comparison

As of July 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.8%, up from 3.7% compared to the previous year. The mindshare of Morphisec is 1.0%, up from 0.4% compared to the previous year. The mindshare of TrendAI Vision One – Endpoint Security is 1.9%, up from 1.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.8%
TrendAI Vision One – Endpoint Security1.9%
Morphisec1.0%
Other93.3%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Rick Schibler - PeerSpot reviewer
VP of Information Technology at Kentucky Trailer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.
Oleksii Pavlyk - PeerSpot reviewer
Head of security of digital systems, electronic databases and networks at Ukreximbank
Centralized console has improved visibility while setup remains quick on diverse environments
I don't know why I find it valuable; my colleague administrated it, but I was the chief of a team of six people, and one of them administered this product, which worked well for defending our servers. I don't know what the best features of Trend Vision One Endpoint Security are; it performs well compared to other products, and I am curious about it, but I cannot think of specific features. Perhaps my colleagues could provide that information, but I do not have that knowledge. The centralized console helps my team greatly; it is very convenient as everything is all in one console, not only EDR but many other products, such as email security and XDR features. Trend Vision One Endpoint Security positively impacts our organization as it is very simple to install on Windows and Linux servers; it is not very difficult to install.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The user interface of the solution is sophisticated and straightforward."
"The tool's use cases are relevant to security."
"The positive impacts I see from Cortex XDR by Palo Alto Networks include a complete 360-degree view of our security posture altogether, being a uniform platform where we are ingesting logs from multiple resources."
"The solution doesn't need a high level of technical training."
"What I like about Cortex XDR by Palo Alto Networks is that it is a comprehensive solution that contains everything the organization may need when using endpoints."
"If you are looking for security, mainly for advanced threat prevention from ransomware and malware attacks, I would recommend Cortex."
"We use Cortex XDR by Palo Alto Networks for its ability to detect based on behavior rather than simple virus scan to prevent malicious activities."
"The solution helps find bugs, and it is safe to use to prevent attacks by hackers."
"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."
"Morphisec also provides full visibility into security events for Microsoft Defender and Morphisec in one dashboard... in the single pane of glass provided by Morphisec, it's all right there at your fingertips: easy to access and easy to understand. And if you choose to go down further to know everything from the process to the hash behind it, you can."
"I really like the integration with Microsoft Defender. In addition to having third-party endpoint protection, we're also enabling Defender... I like the reporting that we get from Defender, when it comes in. I like that it's one console showing both Morphisec and Defender where it provides me with full visibility into security events from Defender and Morphisec."
"We don't have to do anything as a user or as an admin. It does everything by default with its coding and inbuilt AI-based intelligence. We don't have to instruct it about what to do. It automatically takes corrective actions and quarantines or deletes a virus, malware, etc. That is the best part that I like about it."
"Since we started using Morphisec, that hasn't happened even once."
"Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool. When we evaluated Morphisec, the CIO and I sat and listened. What attracted us to them is the fact that it stops activity at the point of detection. That saves a lot of time because now we are not investigating and trying to trace down what to turn off. We have already prevented it, which makes it very much safer and more secure."
"It provides full visibility into security events and from both solutions in one dashboard. I'm not a big security guy, if I have a threat that looks like there's a problem, I will ask Morphisec to dissect it for me, and tell me what might be happening. Because it tends to be all hash codes, so I can tell what's going on. They've been pretty good with that."
"In a month, we are saving the effort of four to five days, and earlier we used to have a dedicated person and now we don't need a dedicated resource, which has reduced our security spending and we are saving approximately $600 a month."
"It's a stable solution, to date we have not had any issues."
"We've found the technical support to be very helpful overall."
"The solution is stable and integrated into the system quite well."
"Trend Micro Apex One has good features and is lightweight."
"Along with the anti-malware, it has a built-in device control and DLP."
"Its ability to detect ransomware and malware is the most valuable. Its protection is also good."
"The most valuable feature is that it's normal, and not for a specific server."
"This is a very good product for our customers, and I use the application control, vulnerability protection, and behavior monitoring which are all great features."
 

Cons

"It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."
"There are some third-party solutions that are difficult to integrate with, which is something that can be improved."
"In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex."
"There are some limitations on the Traps agents."
"Cortex XDR by Palo Alto Networks is not only pricey; it is extremely expensive."
"A better pricing plan would make this product more competitive."
"Cortex XDR should have a lightweight agent, and the agent size should not be heavy."
"Cortex XDR by Palo Alto Networks could improve by adding a sandbox feature to better compete with their competitors which have it."
"It would be useful for them if they had some kind of network discovery."
"From a company standpoint, a little more interaction with the customers throughout the year might be beneficial. I would like check-ins from the Morphisec account executives about any type of Morphisec news as well as a bit more interaction with customers throughout the year to know if anything new is coming out with Morphisec, e.g., what they are working on in regards to their development roadmap. We tend not to get that up until the time that we go for a yearly renewal. So, we end up talking to people from Morphisec once a year, but it is usually at renewal time."
"Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools. For example, they need to get multifactor in place and an API for the major multi-factor systems, e.g., Okta, Duo, Ping, and Microsoft. They don't have them built in yet. They are working on them. It is just not there yet. Also, their stability, customer support, and processes need improvement, which is just part of maturity."
"We wanted to have multi-tenants in their cloud platform, so every entity can look into their own systems and not see other systems in other entities. I have a beta version on that now. I would like them to incorporate that in the cloud solution."
"The only problem is that their support lives in Israel, so the time zones are a bit off, but I've never had any complaint beyond that."
"I haven't been able to get the cloud deployment to work. When there's an update, I'm supposed to be able to roll it out for the cloud solution, but right now I'm continuing to use our SCCM solution to update it."
"Having to have an on-prem server required a lot of administration."
"We started in the Linux platform and we deployed to Linux. The licensing of that has been kind of confusing between Linux licensing and Windows licensing. The overall simplicity of licensing or offering an enterprise license to just cover everything and then we don't have to count needs improvement."
"The DLP model needs improvement."
"The console can be better in terms of management and viewing the hierarchy of devices. Currently, setting up the hierarchy OU-wise is a bit cumbersome. It can be made a bit easier. If that can be more user-friendly and easier to manage, it would be great."
"The endpoints should be addressed. Occasionally, certain driver versions, such as the original PC drivers and the ones that are HP, would read something as an external threat and this would cause us problems."
"The pricing is very high."
"Trend Micro is a basic solution, but the problem is that it is more exclusive."
"We had a few occasions where we had to temporarily turn off the solution on our clients' computers to upgrade the drivers."
"The only concern that I have is with Trend Micro not having Cloud Proxy integrated into the same agent and the same console."
"They should include easy-to-use connectors to make it easier to connect to SIEM."
 

Pricing and Cost Advice

"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"Our customers have expressed that the price is high."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"This is an expensive solution."
"I don't have any issues with the pricing. We are satisfied with the price."
"The price is on the higher side, but it's okay."
"The price of the solution is high for the license and in general."
"The pricing is a little high. It is per user per year."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."
"The pricing is definitely fair for what it does."
"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."
"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
"Licensing costs depend completely on the number of users or licenses. They have a specific pricing structure. For example, if you are looking for 100 users to be on the product, in the Indian market (we're based in India), the cost is nearly $2,500 to $3,000 maximum for one three-year license."
"The price of the solution was expensive in the first year we had it because we were purchasing it locally. This year we have a global discount for the license. There is an additional cost if you want maintenance support."
"Trend Micro Apex One is priced well."
"Its price is reasonable compared to other solutions."
"The price of the solution is fine."
"If I remember correctly, the cost is approximately four and a half thousand per year."
"Compared to other products on the market, I think that the pricing is reasonable."
"There is a license for this solution and it can be paid for monthly or annually."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
903,996 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
11%
Comms Service Provider
9%
Outsourcing Company
16%
Manufacturing Company
13%
Construction Company
12%
Financial Services Firm
10%
Financial Services Firm
13%
Construction Company
11%
Manufacturing Company
8%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
By reviewers
Company SizeCount
Small Business45
Midsize Enterprise35
Large Enterprise61
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
Ask a question
Earn 20 points
What's the difference between Trend Micro Deep Security and Trend Micro Apex One?
Trend Micro Deep Security offers a lot of features. It guarantees security for your data center, cloud, and container...
What is your experience regarding pricing and costs for Trend Micro Apex One?
Regarding the price, there was a tender, and Trend Micro won; the price was good.
What needs improvement with Trend Micro Apex One?
Trend Vision One Endpoint Security can be improved in application control. We have seen that there are multiple ways ...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Morphisec, Morphisec Moving Target Defense
Trend Micro Apex One, OfficeScan, Trend Micro OfficeScan
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Atma Jaya Catholic University of Indonesia, A&W Food Services of Canada, Babou, Beth Israel Deaconess Care Organization (BO), DCI Donor Services, Evalueserve, Gulftainer, Hiroshima Prefectural Government, MEDHOST
Find out what your peers are saying about Morphisec vs. TrendAI Vision One – Endpoint Security and other solutions. Updated: June 2026.
903,996 professionals have used our research since 2012.