No more typing reviews! Try our Samantha, our new voice AI agent.

Tanium vs Trellix Endpoint Detection and Response (EDR) comparison

Tanium and Trellix are both solutions in the Endpoint Detection and Response (EDR) category. Tanium is ranked #21 with an average rating of 8.5, while Trellix is ranked #23 with an average rating of 6.8. Tanium holds a 2.0% mindshare in EDR, compared to Trellix’s 1.1% mindshare. Additionally, 80% of Tanium users are willing to recommend the solution, compared to 82% of Trellix users who would recommend it.
Sponsored
Cortex XDR by Palo Alto Net...
Read 108 Cortex XDR by Palo Alto Networks reviews
  • 14,649 Views
  • 8,057 Comparison Views
96% willing to recommend
Tanium
Read 22 Tanium reviews
  • 11,420 Views
  • 3,997 Comparison Views
80% willing to recommend
Trellix Endpoint Detection ...
Read 25 Trellix Endpoint Detection and Response (EDR) reviews
  • 2,393 Views
  • 2,369 Comparison Views
82% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Jan 18, 2026

Tanium and Trellix Endpoint Detection and Response (EDR) are key competitors in the cybersecurity domain, focusing on endpoint detection and response solutions. Trellix EDR may have a slight advantage due to its sophisticated analytics and automation capabilities.

Features: Tanium provides real-time data visibility, integrated threat detection, and comprehensive endpoint management. Trellix EDR offers behavior-based threat detection, automated responses, and deep forensic capabilities, with a strong focus on intelligence-driven threat mitigation.

Room for Improvement: Tanium could improve its complex setup process, expand integration options with third-party solutions, and enhance user interface for better navigation. Trellix EDR could benefit from streamlining its high initial cost, simplifying its user training requirements, and improving the depth of its reporting capabilities.

Ease of Deployment and Customer Service: Tanium is recognized for straightforward implementation and responsive customer support. Trellix EDR is celebrated for its adaptable deployment model fitting diverse environments, along with strong customer service and technical guidance, offering slight flexibility advantages.

Pricing and ROI: Tanium features a scalable pricing structure with favorable ROI, appealing to organizations seeking budget-friendly security investments. Trellix EDR, despite higher initial setup costs, offers strong ROI validated by its advanced features and operational efficiency, making it a compelling choice for enterprises focused on security.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Tanium vs. Trellix Endpoint Detection and Response (EDR) Report (Updated: March 2026).
Buyer's Guide
Tanium vs. Trellix Endpoint Detection and Response (EDR)
March 2026
Download the complete report
Helped 885,376 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
7th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
108
Ranking in other categories
Endpoint Protection Platform (EPP) (5th), Extended Detection and Response (XDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (2nd)
Tanium
Ranking in Endpoint Detection and Response (EDR)
21st
Average Rating
7.8
Reviews Sentiment
6.2
Number of Reviews
22
Ranking in other categories
Server Monitoring (3rd), Vulnerability Management (23rd), Endpoint Protection Platform (EPP) (19th), Unified Endpoint Management (UEM) (6th)
Trellix Endpoint Detection ...
Ranking in Endpoint Detection and Response (EDR)
23rd
Average Rating
7.4
Reviews Sentiment
6.8
Number of Reviews
25
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of March 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.4%, down from 4.0% compared to the previous year. The mindshare of Tanium is 2.0%, down from 2.4% compared to the previous year. The mindshare of Trellix Endpoint Detection and Response (EDR) is 1.1%, up from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.4%
Tanium2.0%
Trellix Endpoint Detection and Response (EDR)1.1%
Other93.5%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
ABHISHEK_SINGH
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Read full review
MA
Mairajuddin Ahmed
Division Manager, Information Technology at a legal firm with 51-200 employees
Centralized policies have improved remote endpoint control and have simplified data visibility
The integration is not simple and easy. It requires experienced users or people who have done the implementation. When certain policies are applied, they do not immediately push the policies. For example, we manage endpoint device USB access. We set a policy to block it, but it does not come into effect immediately. Sometimes it takes three or four days for it to reflect. That is a pain point. I have raised this issue with support as well, but they said that I need to limit the number of devices in the policy. In terms of application deployment, for us, it was seamless.
Read full review
CESARCASTRO - PeerSpot reviewer
CESARCASTRO
Committee Of IT Cybersececurity at a energy/utilities company with 51-200 employees
Cross-site threat hunting has improved visibility and supports proactive incident response
I believe this is a product in evolution. I do not think it is a final tool to conduct forensics or information forensics of the incidents or information incidents that could arise in our network infrastructure. Trellix Endpoint Detection and Response (EDR) is interesting and is a very good entry point that has been evolving through the last years. In the next two months, I have a new contract, and we are pointing out to have an XDR solution with NDR and EDR together. I do not have enough time to do it because I am the manager. However, my coworkers do not understand it yet. I have a contract with a third-party company that is making reports around that, but also they do not have enough experience or enough utility of this. It would be interesting if I have a notification system from EDR. For example, if I am the manager, it would be interesting to have a warning, alarm, or something around that which could call me to get into the system and the dashboard to see what is happening. For example, if it is a high-level threat. However, most of them are just advisory or warnings. I do not enter the tool frequently. I guess I access it once every three months.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"If you are looking for security, mainly for advanced threat prevention from ransomware and malware attacks, I would recommend Cortex."
"The normal protection was really effective, and we detected situations that if we didn't have Cortex XDR by Palo Alto Networks, it's highly likely that we would have been affected, but it protected the infrastructure."
"Previously, we had to install endpoint protection per machine and then scan and update, but Cortex XDR basically does that centrally and predictably, so we have more time to do day-to-day work rather than spend time chasing those endpoints."
"Based on my experience, I would recommend Cortex XDR by Palo Alto Networks to other people."
"The anti-exploit is impenetrable. We chose Traps because it is the only product that we were not able to get anything past."
"The solution doesn't need a high level of technical training."
"Since they've done their most recent update, the ease to isolate endpoints is valuable. If we find one where there is a virus on it, we can easily isolate it. We don't even have to contact the user. We don't have to manually take them off the network. We can easily isolate them."
"From a single pane of glass, you can easily manage all of your endpoints."
More Cortex XDR by Palo Alto Networks pros
"When I push a quick update, it's done right away, and I can rescan immediately to confirm completion within minutes."
"The security features are very valuable."
"I find the inventory and compliance features of Tanium to be the most impressive."
"Tanium is stable and it is also lightweight."
"Tanium's most valuable features are patch management, inventory, and distribution software."
"The solution is scalable and helps to understand how infrastructure works. It helps to improve the health of the organization."
"Tanium is highly scalable."
"The interrogation piece was the most valuable feature because it was very detailed."
More Tanium pros
"Trellix has done a good job reducing threats."
"The product is user-friendly."
"The most useful features are behavior monitoring, DLP, and access control. The automation has gotten much better in the last two years than when it was McAfee. It works better now and integrates more smoothly."
"The dashboard makes it easier and more effective to analyze data."
"Trellix Endpoint Detection and Response (EDR) does everything; it saves time, it saves money, and of course, it provides peace of mind."
"The investigation and rule detection feature of the solution has proven most useful for our company"
"This is a stable product."
"It is a scalable solution and very easy to use."
More Trellix Endpoint Detection and Response (EDR) pros
 

Cons

"There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly."
"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."
"Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded."
"There are some false positives."
"The downside to the solution is that there are a large number of false positives."
"In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."
"If they had pulse rate detection, it would be better."
"Cortex XDR is trickier to configure than other Palo Alto products. This is one area where we are not so satisfied."
More Cortex XDR by Palo Alto Networks cons
"The solution needs to improve the reporting and tracking capabilities."
"The main issues are the network connection because different customers have issues with their networks."
"Our biggest issue with the solution is its lack of mobility."
"When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium. I have to search outside to download patches, create bundles, and then perform the task."
"The performance could improve in future releases. We have had performance issues in specialized web environments, but overall I think the problems are less than 2% of the computer systems being used."
"Any movement into a SaaS solution has challenges since the processes and data flows are not well defined. Hence, you need to build it at the same time."
"There are some bugs in the product. The tool needs to improve in the area of reporting."
"The solution can give a lot of false positives."
More Tanium cons
"The endpoints and utilization are too high, which impacts the production activity."
"The solution lacks the ability to integrate with external platforms. In future releases of the solution, I would like to see the solution increase its integration capabilities with external platforms."
"I need some protection, possibly multi-factor authentication improvements."
"One of their issues is that they were very much based on agents, whereas most of the other solutions are clientless."
"The searching capabilities for the IOCs can be further improved"
"Trellix needs to focus on gaining traction with partners and building trust among users."
"Trellix does not support Linux and Mac."
"The technical support must be improved."
More Trellix Endpoint Detection and Response (EDR) cons
 

Pricing and Cost Advice

"I am using the Community edition."
"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"I don't recall what the cost was, but it wasn't really that expensive."
"Every customer has to pay for a license because it doesn't work with what you get from a managed services provider."
"I feel it is fairly priced."
"Our license will require renewal in August, after which the maintenance will continue as usual."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
More Cortex XDR by Palo Alto Networks pricing and cost advice
"The solution is expensive but it's a good investment."
"There is an annual license required to use this solution."
"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."
"The product's pricing differs from region to region depending on negotiations and the number of endpoints."
"The solution offers value for money."
"It's an expensive solution. It would be nice if the cost were lower."
"It is higher than some competitors in the market."
"Pricing for McAfee MVISION Endpoint Detection and Response is not that expensive, but it's not something that a startup could buy. Pricing for it is for midsized businesses. There's an additional payment if you want data retention for more than thirty days. They gave us data retention for thirty days. Then if you want longer data retention, they have the paid option for a three-month data retention period and for a one-year data retention period."
"Speaking about the price, you must use the product to find the product's cost for you."
"On a scale of one to ten, where one is low and ten is high, I rate the solution's pricing an eight out of ten."
"The pricing is always high."
"McAfee MVISION Endpoint Detection and Response is reasonable in terms of cost. It's a tool my company has been using for a few years now. It costs $25,000 to $30,000 for six hundred users."
"Pricing is a problem in South Africa. It could be cheaper here. The rand-to-dollar exchange rate makes it expensive for us. A 25 dollar endpoint cost becomes quite significant when converted to rand."
"The licensing costs attached to the solution are very easy to manage. There is a need to make yearly payments towards the licensing costs."
"The price is reasonable."
More Trellix Endpoint Detection and Response (EDR) pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
See recommendations
885,376 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
13%
Manufacturing Company
8%
Computer Software Company
8%
Financial Services Firm
8%
Financial Services Firm
15%
Government
11%
Manufacturing Company
9%
Healthcare Company
7%
Financial Services Firm
12%
Government
10%
Computer Software Company
9%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise20
Large Enterprise47
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise3
Large Enterprise12
By reviewers
Company SizeCount
Small Business14
Midsize Enterprise3
Large Enterprise11
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
See all answers
What needs improvement with Tanium?
While there is always room for improvement, I am pleased with Tanium.
See all answers
What is your primary use case for Tanium?
The primary use case for Tanium ( /products/tanium-reviews ) is compliance, patching, and inventory as part of the co...
See all answers
What advice do you have for others considering Tanium?
For smaller companies, Tanium is quite a big investment, and one needs to have a considerable setup to make it econom...
See all answers
What do you like most about McAfee MVISION Endpoint Detection and Response?
Trellix has a user-friendly interface.
See all answers
What is your experience regarding pricing and costs for McAfee MVISION Endpoint Detection and Response?
I pay for what we get. But the service level from my partner company is not enough to overcome a complex case.
See all answers
What needs improvement with McAfee MVISION Endpoint Detection and Response?
I believe this is a product in evolution. I do not think it is a final tool to conduct forensics or information foren...
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 9% of the time
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
Compared 6% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Cortex XSIAM vs Cortex XDR by Palo Alto Networks Logo
Cortex XSIAM vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks Logo
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks
Compared 3% of the time
More Cortex XDR by Palo Alto Networks Competitors
CrowdStrike Falcon vs Tanium Logo
CrowdStrike Falcon vs Tanium
Compared 7% of the time
Microsoft Defender for Endpoint vs Tanium Logo
Microsoft Defender for Endpoint vs Tanium
Compared 5% of the time
BigFix vs Tanium Logo
BigFix vs Tanium
Compared 4% of the time
NinjaOne vs Tanium Logo
NinjaOne vs Tanium
Compared 4% of the time
Tenable Security Center vs Tanium Logo
Tenable Security Center vs Tanium
Compared 2% of the time
More Tanium Competitors
Trellix Endpoint Security Platform vs Trellix Endpoint Detection and Response (EDR) Logo
Trellix Endpoint Security Platform vs Trellix Endpoint Detection and Response (EDR)
Compared 20% of the time
CrowdStrike Falcon vs Trellix Endpoint Detection and Response (EDR) Logo
CrowdStrike Falcon vs Trellix Endpoint Detection and Response (EDR)
Compared 10% of the time
TrendAI Vision One vs Trellix Endpoint Detection and Response (EDR) Logo
TrendAI Vision One vs Trellix Endpoint Detection and Response (EDR)
Compared 8% of the time
SentinelOne Singularity Complete vs Trellix Endpoint Detection and Response (EDR) Logo
SentinelOne Singularity Complete vs Trellix Endpoint Detection and Response (EDR)
Compared 6% of the time
Sangfor Endpoint Secure vs Trellix Endpoint Detection and Response (EDR) Logo
Sangfor Endpoint Secure vs Trellix Endpoint Detection and Response (EDR)
Compared 3% of the time
More Trellix Endpoint Detection and Response (EDR) Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2026
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
Tanium
March 2026
Tanium reportDownload Tanium product report
Buyer's Guide
Trellix Endpoint Detection and Response (EDR)
March 2026
Trellix Endpoint Detection and Response (EDR) reportDownload Trellix Endpoint Detection and Response (EDR) product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Tanium Inc Cloud, Tanium XEM
McAfee MVISION EDR, MVISION EDR, MVISION Endpoint Detection and Response
 

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?
  • Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
  • Multi-layered Security: Combines various security measures for comprehensive protection.
  • Endpoint Protection: Safeguards against malware and exploits.
  • Behavioral Analysis: Monitors suspicious activity for early detection.
  • Automatic Threat Response: Automates responses to neutralize threats.
What benefits should users expect?
  • Ease of Use: Simplifies security management with intuitive design.
  • Resource Efficiency: Minimizes impact on system resources.
  • Integration Capabilities: Works well with existing security setups.
  • Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

Tanium offers robust endpoint protection, patching, and inventory management, consolidating the functions of tools like BigFix with capabilities in incident response, network security, and cloud or on-premise deployments.

Known for real-time capabilities, Tanium provides detailed analytics, security features, and device management. Users benefit from quick implementation, real-time updates, and patching campaigns. Despite its strengths, integration and custom plugin expansion remain areas to improve, along with data visualization and network optimization. Reporting enhancements and user training could advance its usability, and some UI elements may require updates for clarity and security.

What are the essential features of Tanium?
  • Detailed Analytics: Provides actionable insights for better decision-making.
  • Security Capabilities: Offers strong defense measures against threats.
  • Real-Time Queries: Facilitates immediate information access.
  • Patch Management: Streamlines software updates across devices.
  • Device Management: Efficiently handles comprehensive inventory and monitoring tasks.
What benefits should users expect?
  • Ease of Use: Simplifies complex IT tasks.
  • Scalability: Adapts to growing IT infrastructure needs.
  • Integration Flexibility: Merges with existing systems effortlessly.
  • Real-Time Updates: Ensures current data availability for informed actions.

Tanium's deployment spans industries focusing on endpoint protection and compliance, ensuring reliable device and server management in settings where safety and quick adaptation are critical. Organizations use it for application deployment, compliance checks, and integrating it as an EDR solution, enhancing overall security and operational efficiencies.

Tanium

Reduce Alert Noise

Reduce the time to detect and respond to threats. Trellix EDR helps security analysts quickly prioritize threats and minimize potential disruption.

Do More with Existing Resources

Guided investigation automatically asks and answers questions while gathering, summarizing, and visualizing evidence from multiple sources—reducing the need for more SOC resources.

Low-Maintenance Cloud Solution

Cloud-based deployment and analytics enables your skilled security analysts to focus on strategic defense, instead of tool maintenance. Benefit from implementing the right solution for you.

Trellix
 

Sample Customers

CBI Health Group, University Honda, VakifBank
JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life
Sutherland Global Services
Buyer's Guide
Tanium vs. Trellix Endpoint Detection and Response (EDR)
March 2026
Free Report: Tanium vs. Trellix Endpoint Detection and Response (EDR)
Find out what your peers are saying about Tanium vs. Trellix Endpoint Detection and Response (EDR) and other solutions. Updated: March 2026.
DOWNLOAD NOW
885,376 professionals have used our research since 2012.
See our Tanium vs. Trellix Endpoint Detection and Response (EDR) report.
See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.