Symantec XDR vs Trellix XDR comparison

Broadcom and Trellix are both solutions in the Extended Detection and Response (XDR) category. Broadcom is ranked #46, while Trellix is ranked #33 with an average rating of 8.0. Broadcom holds a 0.4% mindshare in XDR, compared to Trellix’s 0.6% mindshare. Additionally, 100% of Broadcom users are willing to recommend the solution, compared to 100% of Trellix users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Symantec XDR and Trellix XDR based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, SentinelOne, TrendAI and others in Extended Detection and Response (XDR).

To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: February 2026).

Buyer's Guide

Extended Detection and Response (XDR)

February 2026

Download the complete report

Helped 885,728 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XDR by Palo Alto Net...

Mindshare comparison

As of April 2026, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.9%, down from 5.6% compared to the previous year. The mindshare of Symantec XDR is 0.4%, up from 0.1% compared to the previous year. The mindshare of Trellix XDR is 0.6%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Extended Detection and Response (XDR) Mindshare Distribution
Product	Mindshare (%)
Cortex XDR by Palo Alto Networks	4.9%
Trellix XDR	0.6%
Symantec XDR	0.4%
Other	94.1%

Extended Detection and Response (XDR)

Featured Reviews

ABHISHEK_SINGH

Senior Process Expert at A.P. Moller - Maersk

Gained full visibility and streamlined threat detection through behavior-based insights and AI integration

Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.

Read full review

BILALRAZA

Cyber Security Consultant at I(TS)² Saudi Arabia

A scalable and stable solution with straightforward deployment

We can generate maps from the environment. For example, suppose there is a virus that has a zero-day attack and is publicly unknown. We can block that and keep it away from the network so it is not further replicated. It also has custom white and black lists. We can add a good reputation on both lists and use the sonar technology for Symantec and the online network for advanced reports.

Read full review

PankajKumar24

IT Manager at Gigabit Technologies Pvt Ltd

Centralized security console has unified threat telemetry and automated investigation playbooks

The CPU utilization is very high with Trellix XDR. We are getting multiple types of CPU utilization from the EPP solution, with the EPP agent reaching as high as 80 percent CPU utilization. This creates big challenges for us. The support experience is also concerning. When we require support from Trellix immediately with high priority, we receive multiple emails requesting logs of various types. After that, we have to escalate to Trellix higher management, and then their agent will come in for a remote session to resolve any issues. I would give them eight out of ten points because of the high CPU utilization and the delayed support we experience.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"We think that this product will help us grow, as it meets our needs currently and we can grow with it over time."

"It's a perfect solution. It integrates well into the environment."

"Traps pays for itself within the first 16 months of a three-year subscription."

"Automation and playbooks have helped me significantly, as Cortex Xnor's playbooks predefine the workflow of the automation, such as response processes, alert triggering, and enriching the context, efficiently detecting and blocking malicious attacks with firewalls while eliminating workload and speeding responses for next-generation operations."

"The normal protection was really effective, and we detected situations that if we didn't have Cortex XDR by Palo Alto Networks, it's highly likely that we would have been affected, but it protected the infrastructure."

"The solution allows control over the user and his machine through Cortex XDR security policies."

"Stability is one of the features we like the most."

"The initial setup isn't too bad."

More Cortex XDR by Palo Alto Networks pros

"You can advise the solution and protect your environment."

"We can block a virus that has a zero-day attack and is publicly unknown and keep it away from the network so it is not further replicated."

"Trellix XDR is an excellent solution that is continually improving."

"It contributes to our system's robust event detection and analysis, enabling us to respond effectively to incidents."

"Because Trellix gives us multiple types of modules, we are using a single ePO console for multiple solutions including application control, DLP, and XDR."

"The analytics assessment and flexibility of the platform are valuable."

Cons

"For working with the solution, you only really need a web browser, however, we've found that working on Chrome, for example, is horrible."

"Currently, we are monitoring all USB drives and ports but we would like to improve our device control capabilities."

"The dashboard is the area that needs to improve so that we can have the ability to drill down without having to go elsewhere to verify results."

"We would also like to have advanced tech protection and email scanning."

"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."

"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."

"It is not easy to sell Cortex XDR, not because it isn't a good tool."

"One thing that was missing was the integration part. Currently, they don't have out-of-box integration with IBM QRadar, or if they have the integration, the integration doesn't work well."

More Cortex XDR by Palo Alto Networks cons

"The solution should have better reporting."

"The CPU utilization is very high with Trellix XDR; we are getting multiple types of CPU utilization from the EPP solution, with the EPP agent reaching as high as 80 percent CPU utilization, which creates big challenges for us."

"The platform should enhance compatibility with all other SIEM solutions."

"Technical support is crucial, especially when facing critical issues. It's rated six out of ten. Improvements are needed in the support sector, with a focus on providing expert assistance during production periods."

"The EdgeGear solution is an area that requires attention, specifically regarding AI solutions and intelligence features."

Pricing and Cost Advice

"The price was fine."

"This is an expensive solution."

"I am using the Community edition."

"When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward."

"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."

"Compared to CrowdStrike, Cortex XDR is an expensive solution."

"Cortex XDR by Palo Alto Networks is quite an expensive solution."

"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."

More Cortex XDR by Palo Alto Networks pricing and cost advice

Information not available

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

885,728 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Construction Company

15%

Manufacturing Company

Comms Service Provider

Computer Software Company

No data available

Computer Software Company

20%

Healthcare Company

Government

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	44
Midsize Enterprise	20
Large Enterprise	48

No data available

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One

Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...

See all answers

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...

See all answers

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...

See all answers

Ask a question

Earn 20 points

What is your experience regarding pricing and costs for Trellix XDR?

Since I'm a technical engineer, I don't deal with pricing or licensing. Our sales team handles those aspects.

See all answers

What needs improvement with Trellix XDR?

The CPU utilization is very high with Trellix XDR. We are getting multiple types of CPU utilization from the EPP solu...

See all answers

What is your primary use case for Trellix XDR?

We are selling Trellix XDR products including DLP and EPP solutions. We sell Trellix XDR for endpoint protection. We ...

See all answers

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks

Compared 8% of the time

SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks

Compared 6% of the time

CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

Cortex XSIAM vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks

Compared 3% of the time

More Cortex XDR by Palo Alto Networks Competitors

Wazuh vs Symantec XDR

Compared 38% of the time

Trellix Endpoint Security Platform vs Symantec XDR

Compared 33% of the time

Microsoft Defender XDR vs Symantec XDR

Compared 29% of the time

More Symantec XDR Competitors

CrowdStrike Falcon vs Trellix XDR

Compared 41% of the time

SentinelOne Singularity Complete vs Trellix XDR

Compared 32% of the time

Trellix Endpoint Security Platform vs Trellix XDR

Compared 14% of the time

Mandiant Advantage vs Trellix XDR

Compared 13% of the time

More Trellix XDR Competitors

Product Reports

Buyer's Guide

Cortex XDR by Palo Alto Networks

March 2026

Download Cortex XDR by Palo Alto Networks product report

Buyer's Guide

Extended Detection and Response (XDR)

February 2026

Download Symantec XDR product report

Buyer's Guide

Extended Detection and Response (XDR)

February 2026

Download Trellix XDR product report

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps

No data available

MVision XDR, MVision eXtended Detection and Response

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?

Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
Multi-layered Security: Combines various security measures for comprehensive protection.
Endpoint Protection: Safeguards against malware and exploits.
Behavioral Analysis: Monitors suspicious activity for early detection.
Automatic Threat Response: Automates responses to neutralize threats.

What benefits should users expect?

Ease of Use: Simplifies security management with intuitive design.
Resource Efficiency: Minimizes impact on system resources.
Integration Capabilities: Works well with existing security setups.
Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

Symantec Enterprise Security Products are now part of Broadcom. The consumer division of Symantec Corp. is now NortonLifeLock Inc. -- a standalone company dedicated to consumer cyber safety.

Broadcom

Gain greater visibility and superior detection with Trellix XDR. This constantly evolving cybersecurity platform defends against today’s and tomorrow’s most sophisticated threats with advanced capabilities such as machine learning and embedded cyber intelligence.

Trellix

Sample Customers

CBI Health Group, University Honda, VakifBank

Information Not Available

Buyer's Guide

Extended Detection and Response (XDR)

February 2026

Download Free Report

Find out what your peers are saying about CrowdStrike, SentinelOne, TrendAI and others in Extended Detection and Response (XDR). Updated: February 2026.

DOWNLOAD NOW

885,728 professionals have used our research since 2012.

See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.