No more typing reviews! Try our Samantha, our new voice AI agent.

SanerNow CyberHygiene Platform vs Trellix Endpoint Security Platform comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 22, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
SanerNow CyberHygiene Platform
Ranking in Endpoint Detection and Response (EDR)
42nd
Average Rating
9.6
Reviews Sentiment
7.6
Number of Reviews
2
Ranking in other categories
Vulnerability Management (49th), Patch Management (17th), Risk-Based Vulnerability Management (19th)
Trellix Endpoint Security P...
Ranking in Endpoint Detection and Response (EDR)
8th
Average Rating
8.0
Reviews Sentiment
6.7
Number of Reviews
168
Ranking in other categories
Endpoint Protection Platform (EPP) (7th), Extended Detection and Response (XDR) (8th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of SanerNow CyberHygiene Platform is 0.7%, up from 0.1% compared to the previous year. The mindshare of Trellix Endpoint Security Platform is 3.1%, down from 4.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Trellix Endpoint Security Platform3.1%
SanerNow CyberHygiene Platform0.7%
Other92.6%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
JU
Information Technology Supervisor at DMCI Homes, Inc.
Can automate updates and manage software licenses more effectively
Our team uses the SanerNow CyberHygiene Platform for threat detection, focusing on features like vulnerabilities and asset exposure. The asset exposure feature is packaged with software licenses and machines. We get the latest updates and patches for Windows workstations and applications for remediation. We can automate these updates, which greatly improves our previous manual and scripting-based tools. Before, we struggled with setting policies and making changes to workstations. Now, we can automate updates and manage software licenses more effectively. We monitor who's using various licenses like Office, CAD, Visio, and Lumion.
AmitKumar22 - PeerSpot reviewer
Product Manager at Frontier Business systems
Strong endpoint protection has simplified compliance and reduced effort for large user environments
One of the best features of Trellix Endpoint Security Platform is its endpoint security, and I have been using it for the last four and a half to five years, so I can say this is one of the best EDR endpoint security solutions I have ever seen. The features that make Trellix Endpoint Security Platform stand out for me are ease of use and analytics, which I really appreciate the most. Trellix Endpoint Security Platform positively impacts my organization, ensuring we are compliant with SOC 2, HIPAA, and all other compliance requirements, so there are no issues with that.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The behavior-based detection feature is valuable."
"Threat identification and detection are the most valuable features of this solution."
"If any application performs suspicious activities, such as changing registries or modifying other applications, Cortex XDR detects and blocks the entire application."
"Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."
"I generally believe that Cortex XDR by Palo Alto Networks is probably the best in the market right now."
"The solution's most valuable feature is its ability to rapidly detect certain hardware files."
"I like that the product has behavior-based detection which offers many benefits over signature-based detection."
"I've found the solution to be highly scalable for enterprises."
"Our team uses the SanerNow CyberHygiene Platform for threat detection, focusing on features like vulnerabilities and asset exposure. The asset exposure feature is packaged with software licenses and machines. We get the latest updates and patches for Windows workstations and applications for remediation. We can automate these updates, which greatly improves our previous manual and scripting-based tools."
"Although it is, in fact, a complete vulnerability management solution, the most valuable feature is the patch management functionality. Most of our customers give preference to this tool over other tools when it comes to patch management."
"This gives us a more secure and completely scalable zero-day model security product to the endpoint."
"The features of Trellix Endpoint Security Platform have greatly improved my day-to-day work; I no longer lose sleep over potential data breaches or ransomware attacks as the solution gives me peace of mind, allowing my users to work from various locations with less concern about security."
"The endpoint protection and disk encryption features are the most valuable."
"The technical support services are good."
"It provides a lot of information and great visibility, with really great options for managing the environment."
"For those who can't afford expensive cybersecurity professionals but are responsible for configuring the security of the organization, MVISION Endpoint is a good product to go with."
"I recommend Trellix Endpoint Security to others as it seems like one of the industry standards and is fairly stable."
"The installation is pretty straightforward."
 

Cons

"Dashboards do not allow everyone to see what's happening."
"Currently, if you use Palo Alto endpoint protection as the only solution it's very complicated to remove pre-existing threats."
"As an improvement, I would like to see enhanced connection speeds."
"The negative aspect I see is the economic model used by Palo Alto."
"I think sometimes Cortex XDR agent automatically stops event capturing from the device, and then even the dashboard does not get any notifications from the agent."
"Based on our experience so far, its implementation is quite complex."
"A little bit more automation would be nice."
"In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."
"SanerNow CyberHygiene Platform needs to incorporate more documentation."
"SanerNow has good integration with the more well known ITSM tools, but at the same time there are many other ITSM (IT Service Management) tools available in the market, including local tools here in India, and I'm not sure how SanerNow plans to integrate with them all out of the box."
"The solution is not stable and the ecosystem enters the picture for those responsible."
"I give it a seven because in today's scenario, the portal is complicated to handle."
"The customization capabilities of the solution are an area where it lacks, so it would be great if our company could customize the solution to meet the demands of our customers."
"We'd like better UI on the management screen."
"The initial setup isn't so easy. You need to know what you are doing."
"It has very good integrations. However, its integration with Palo Alto was not good, and they seem to be working on it at the backend. It is not very resource-hungry, but it can be even better in terms of resource utilization. It could be improved in terms of efficiency, memory sizing, and disk consumption by agents."
"The software download features could stand improvement."
"An area in need of improvement involves the overview, which usually does not enable one to get the value in reports."
 

Pricing and Cost Advice

"The cost of Cortex XDR by Palo Alto Networks is $55 to $90 USD per endpoint per month."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"The price of the solution is high for the license and in general."
"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"It has a yearly renewal."
"Very costly product."
"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"It's about $55 per license on a yearly basis."
"The pricing is reasonable - we paid about 2.5 million for 3,500 nodes."
"As with several other solutions such as Microsoft MECM and SCCM, the licensing for SanerNow involves per-device pricing for each kind of product or service on offer."
"It was an annual fee. There was just one overall fee."
"We had a discount when purchasing the solution because of the size of our company and we are happy with the price."
"The initial price is very good as they give good initial discounts, but it seems a little expensive once you renew the license."
"The pricing is great and licensing fees are billed on a yearly basis."
"The price of this product is good."
"It is not so cheap in comparison to Sophos and other solutions."
"I don't think there are any extra expenses besides its licensing costs."
"No comment."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Outsourcing Company
14%
Construction Company
8%
Retailer
8%
Financial Services Firm
8%
Manufacturing Company
11%
Financial Services Firm
11%
Government
9%
Comms Service Provider
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
No data available
By reviewers
Company SizeCount
Small Business68
Midsize Enterprise39
Large Enterprise67
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for SanerNow?
The pricing is reasonable - we paid about 2.5 million for 3,500 nodes.
What needs improvement with SanerNow?
SanerNow CyberHygiene Platform needs to incorporate more documentation.
What is your primary use case for SanerNow?
We use the tool for patch, application, and vulnerability management.
How does McAfee Endpoint Security compare with MVISION?
The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deplo...
How does Crowdstrike Falcon compare with FireEye Endpoint Security?
The Crowdstrike Falcon program has a simple to use user interface, making it both an easy to use as well as an effec...
What is your experience regarding pricing and costs for McAfee Endpoint Security?
I don't have visibility on pricing because it is negotiated by a different team, as I look after the technical side.
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
SecPod SanerNow, SanerNow RP
McAfee Endpoint Security, McAfee Endpoint Protection, Intel Security Total Protection for Endpoint, McAfee Complete Endpoint Protection, Trellix Endpoint Security (ENS)
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Siemens, Aruba, SironLabs, POS Aviation, Kotak, Kaizen Automotive, Amagi, McNeilus Steel, Claremont, Glassbeam, Marlabs, Amazon Web Services
inHouseIT, Seagate Technology
Find out what your peers are saying about SanerNow CyberHygiene Platform vs. Trellix Endpoint Security Platform and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.