Try our new research platform with insights from 80,000+ expert users

ThreatLocker Zero Trust Endpoint Protection Platform vs Trellix Advanced Threat Defense comparison

ThreatLocker and Trellix are both solutions in the Advanced Threat Protection (ATP) category. ThreatLocker is ranked #6 with an average rating of 9.2, while Trellix is ranked #22 with an average rating of 9.0. ThreatLocker holds a 2.6% mindshare in ATP, compared to Trellix’s 2.1% mindshare. Additionally, 97% of ThreatLocker users are willing to recommend the solution, compared to 76% of Trellix users who would recommend it.
ThreatLocker Zero Trust End...
Read 40 ThreatLocker Zero Trust Endpoint Protection Platform reviews
  • 3,919 Views
  • 705 Comparison Views
97% willing to recommend
Trellix Advanced Threat Def...
Read 9 Trellix Advanced Threat Defense reviews
  • 675 Views
  • 635 Comparison Views
76% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Jan 11, 2026

Trellix Advanced Threat Defense and ThreatLocker Zero Trust Endpoint Protection Platform are both competing in the cybersecurity space, with Trellix having a pricing and support edge, while ThreatLocker excels in feature offerings, making it a noteworthy investment.

Features: Trellix Advanced Threat Defense utilizes malware detection with advanced machine learning, and offers detailed forensic analysis and seamless integration with existing security infrastructures. ThreatLocker emphasizes proactive threat prevention with a zero-trust model, providing granular application control, default deny approach, and highlights reducing the attack surface to safeguard endpoints.

Room for Improvement: Trellix can enhance its machine learning adaptability, integration options, and user interface. ThreatLocker could improve its initial configuration requirements, refine its training modules, and reduce the complexity of its zero-trust policy implementation.

Ease of Deployment and Customer Service: Trellix Advanced Threat Defense streamlines deployment with comprehensive support, facilitating quick implementation, and smooth network integration. ThreatLocker, while demanding more initial setup effort due to its granular requirements, offers substantial training and support to mitigate deployment challenges, effectively meeting varied organizational needs.

Pricing and ROI: Trellix Advanced Threat Defense provides a competitive setup cost with solid ROI through efficient threat detection and low maintenance costs. ThreatLocker Zero Trust Endpoint Protection may incur higher initial costs but delivers significant ROI with its comprehensive security approach, reducing potential damage and downtime, hence proving valuable in long-term strategic security investments.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense Report (Updated: February 2026).
Buyer's Guide
ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense
February 2026
Download the complete report
Helped 881,821 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ThreatLocker Zero Trust End...
Ranking in Advanced Threat Protection (ATP)
6th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
40
Ranking in other categories
Network Access Control (NAC) (4th), Endpoint Protection Platform (EPP) (6th), Application Control (1st), ZTNA (4th), Ransomware Protection (1st)
Trellix Advanced Threat Def...
Ranking in Advanced Threat Protection (ATP)
22nd
Average Rating
7.8
Reviews Sentiment
5.6
Number of Reviews
9
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of February 2026, in the Advanced Threat Protection (ATP) category, the mindshare of ThreatLocker Zero Trust Endpoint Protection Platform is 2.6%, up from 2.0% compared to the previous year. The mindshare of Trellix Advanced Threat Defense is 2.1%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Advanced Threat Protection (ATP) Market Share Distribution
ProductMarket Share (%)
ThreatLocker Zero Trust Endpoint Protection Platform2.6%
Trellix Advanced Threat Defense2.1%
Other95.3%
Advanced Threat Protection (ATP)
 

Featured Reviews

CL
Charles Loveland
Supervisor, Client Security at a consultancy with 11-50 employees
World-class support and highly effective for application control and elevation
Their product is solid. I have a hard time complaining much about it because when we do find little things, they are usually interface-related or related to things that would be nice to have. Their idea portal, unlike so many other vendors we deal with, shows movement. At least four to eight features of ThreatLocker exist because I made a request in the last five years, and it became a feature of the actual product. When it comes to improvements, we moved the product as customers, and we got to move the product by making suggestions. They seem to be very reactive to it, so there is not a whole lot that they actively need to change right now. It is one of those situations where when we run into something that would be nice to have, it happens. They make it work.
Read full review
PP
Philippe Panardie
RSSI at SDIS49
Ensuring long-term reliability while seeking internal email management enhancements
Prisma is a commercial name of the firewall now, but we don't work with the cloud product. Only our company is using it and we do not recommend it to customers. For us, it's transparent because it's a cloud product, so we don't really know the version as it's always updated. We have not had any problem, but it's difficult to report on what's going on because some days they can wash out perhaps 100 mails, and then it's difficult to say how many attacks you have reached. The right email has been washed out and then nobody has complained. We do not use the Threat Visualization feature; as we are in MX, the mail is washed out before it is in the mail inbox of the user, thus avoiding any problem requiring a reservation. In fact, there is no integration with existing security frameworks. The only problem we can have is that as we have no API interface, there is no inspection of internal mail. I rate Trellix Advanced Threat Defense a nine out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We are seeing a return on investment, especially with our managers and customers."
"Unified Audit is excellent for identifying our denies and using those to dynamically create rules, as opposed to manually observing the logs and creating them. It saves so much time."
"I really enjoy ringfencing and elevation features. It makes my life easier because I do not have to get on a computer to elevate a prompt to allow users to run something they run every day as an admin."
"The great thing is that if you get a malicious email and you try to run something, ThreatLocker is not going to let it do anything. It is not going to let anything infect your network."
"Using ThreatLocker is effortless because I can access it from an app on my phone, so I can help clients after hours. My client had an issue while I was at dinner, and I didn't have a tech on the problem, but I could deal with it from my phone. I can see what the client is doing and approve or deny it. It helps me deliver better service to my clients when they need it."
"We use it most heavily for elevation control, blocking and giving rights only to certain people or devices, and not allowing the rest to access the software. Elevation control has been second to none for me."
"The deployment is very easy."
"It is a comprehensive platform that allows you to do a lot of things."
More ThreatLocker Zero Trust Endpoint Protection Platform pros
"It is very scalable."
"Provides good exfiltration, and is an all-in-one product."
"It stops in excess of twenty-five malware events per month, all of which could be critical to the business."
"The most valuable features are the administration console and its detection and response module."
"The fact that in 10 years, we have had no problem is the most valuable feature for us; it's really a washing machine, but the only problem we face is that it's difficult to report on this product."
"I recommend this solution because of its ease of use."
"It is stable and reliable."
"Its greatest strength is the DXL client which can rapidly disseminate attack information to all clients via the McAfee Agent instead of going through the ePO server."
 

Cons

"ThreatLocker University offers many good training modules, but more in-depth training for advanced platforms would be beneficial."
"ThreatLocker Allowlisting needs to improve its user interface and overall workflow."
"From my point of view, logging could be improved. Logging should be easier."
"It has not reduced helpdesk tickets. It has probably increased them by blocking applications and doing its job, resulting in people raising more tickets to know why they cannot use certain things."
"I have no complaints, but a little bit more Mac support would be great."
"I was discussing with someone the other day, and it seems there is currently no solution for mobile users."
"A valuable addition to ThreatLocker would be a column in the audit page displaying a VirusTotal score for each file."
"The Cyber Hero certification exam could use a bit of love, but overall, I have been very satisfied with the platform."
More ThreatLocker Zero Trust Endpoint Protection Platform cons
"The only problem we can have is that as we have no API interface, there is no inspection of internal mail."
"I would like to see future versions of the solution incorporate artificial intelligence technology."
"There could be a tool that automatically updates all-new Microsoft IPs, which are available for free to connect to the client."
"We'd like them to be better at dealing with script threats."
"Lacks remote capabilities not dependent on the internet."
"Make the ATD system a part of the whole product and take the whole thing onto the cloud. While it is there already, it is not to the same level as the on-premise version."
"The initial setup was industry standard complex. It takes awhile and has a lot of planning involved. It could be simplified with product redesign."
"This solution needs to be made "cloud ready"."
 

Pricing and Cost Advice

"The price is very reasonable, and we have been able to integrate ThreatLocker with all of our clients."
"The pricing works fine for me. It's very reasonably priced."
"The pricing is reasonable and normal. I do not have any problems with the cost."
"The price of ThreatLocker Allowlisting is reasonable in the market, but it is not fantastic."
"We have encountered a few challenges regarding pricing, contract renewals, and additions. As we explored adding features like Cyber Hero, it proved to be an increased expense for our clients. This was primarily a mistake on our part due to how we initially priced it to clients."
"The pricing is pretty fair, considering other solutions. Licensing-wise, it did not take long."
"ThreatLocker's pricing seems justifiable."
"I do not deal with pricing, but I assume it is cost-effective for us. We choose a solution based on functionality and affordability."
More ThreatLocker Zero Trust Endpoint Protection Platform pricing and cost advice
"The product is expensive, but it is better than the rest of them in the industry."
"Our licensing fees for this solution are approximately one million dollars per year."
report
See which vendors are best for you
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
See recommendations
881,821 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
21%
Retailer
8%
Manufacturing Company
7%
Financial Services Firm
7%
Government
14%
Comms Service Provider
13%
Performing Arts
11%
University
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business32
Midsize Enterprise4
Large Enterprise3
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise4
Large Enterprise5
 

Questions from the Community

What do you like most about ThreatLocker Allowlisting?
The interface is clean and well-organized, making it simple to navigate and find what we need.
See all answers
What is your experience regarding pricing and costs for ThreatLocker Allowlisting?
Pricing, setup costs, and licensing have been pretty accessible and manageable. It was not too expensive to get started, especially at a small scale for a smaller MSP. It is very accessible, easy t...
See all answers
What needs improvement with ThreatLocker Allowlisting?
Going with the theme of ThreatLocker Zero Trust Endpoint Protection Platform being a one-stop shop where they have just about everything, and they have a really good product stack as is. However, t...
See all answers
What do you like most about McAfee Advanced Threat Defense?
I recommend this solution because of its ease of use.
See all answers
What needs improvement with McAfee Advanced Threat Defense?
I would like to see an API interface for internal email and control of outgoing email to make it closer to 10. It's necessary; today we have an MX interface, and it would be interesting to have an ...
See all answers
What is your primary use case for McAfee Advanced Threat Defense?
We are working with Palo Alto products, specifically firewalls. We are only using Palo Alto Firewalls and not Cortex. With FireEye and Trellix, we only work with ETP now because the NDR function wh...
See all answers
 

Comparisons

CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 8% of the time
Airlock Digital Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Airlock Digital Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 7% of the time
Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 5% of the time
SentinelOne Singularity Complete vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
SentinelOne Singularity Complete vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 4% of the time
ManageEngine Application Control Plus vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
ManageEngine Application Control Plus vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 4% of the time
More ThreatLocker Zero Trust Endpoint Protection Platform Competitors
Fortinet FortiSandbox vs Trellix Advanced Threat Defense Logo
Fortinet FortiSandbox vs Trellix Advanced Threat Defense
Compared 17% of the time
Check Point Infinity vs Trellix Advanced Threat Defense Logo
Check Point Infinity vs Trellix Advanced Threat Defense
Compared 17% of the time
Microsoft Defender for Identity vs Trellix Advanced Threat Defense Logo
Microsoft Defender for Identity vs Trellix Advanced Threat Defense
Compared 14% of the time
Anomali vs Trellix Advanced Threat Defense Logo
Anomali vs Trellix Advanced Threat Defense
Compared 10% of the time
Trend Micro Deep Discovery vs Trellix Advanced Threat Defense Logo
Trend Micro Deep Discovery vs Trellix Advanced Threat Defense
Compared 9% of the time
More Trellix Advanced Threat Defense Competitors
 

Product Reports

Buyer's Guide
ThreatLocker Zero Trust Endpoint Protection Platform
January 2026
ThreatLocker Zero Trust Endpoint Protection Platform reportDownload ThreatLocker Zero Trust Endpoint Protection Platform product report
Buyer's Guide
Trellix Advanced Threat Defense
January 2026
Trellix Advanced Threat Defense reportDownload Trellix Advanced Threat Defense product report
 

Also Known As

Protect, Allowlisting, Network Control, Ringfencing
McAfee Advanced Threat Defense
 

Overview

ThreatLocker Zero Trust Endpoint Protection Platform empowers organizations with application control, selective elevation, and ring-fencing to enhance security and prevent unauthorized access.

ThreatLocker provides comprehensive security management using application allowlisting to ensure only approved software operates across servers and workstations. The platform's centralized management simplifies security processes by consolidating multiple tools, and its robust capabilities align with zero-trust strategies by actively blocking unauthorized applications and ensuring compliance. Users note intuitive features such as mobile access, helpful training resources, and responsive support, which effectively reduce operational costs and help desk inquiries. The managed service providers prefer ThreatLocker to maintain network integrity by preventing malicious scripts and unauthorized access attempts. However, users identify room for growth in training and support flexibility, the interface, and certain technical challenges like network saturation from policy updates.

What are the most important features?
  • Application Control: Ensures only approved applications can be executed, minimizing security risks.
  • Selective Elevation: Provides granular control over application permissions without compromising security.
  • Ring-Fencing: Isolates applications to limit possible damage from compromised software.
  • Comprehensive Blocking: Blocks unauthorized applications, supporting zero-trust strategies.
  • Centralized Management: Offers a unified platform for managing security tools efficiently.
What benefits should users look for in reviews?
  • Intuitive Interface: Simplifies complex security processes, making them manageable for non-expert users.
  • Reduced Operational Costs: Minimizes resource expenditure through effective security management.
  • Enhanced Security: Provides robust protection against unauthorized access and malicious scripts.
  • Responsive Support: Offers quick and effective assistance to minimize downtime and issues.

Organizations utilize ThreatLocker for application allowlisting, ensuring only authorized software operates to prevent unauthorized access efficiently. Deployed across servers and workstations, its features support zero-trust principles and are favored by managed service providers for application management and network integrity.

ThreatLocker

Powerful advanced threat detection

Uncover Hidden Threats

Combine in-depth static code analysis, dynamic analysis (malware sandboxing), and machine learning to increase zero-day threat and ransomware detection.

Threat Intelligence Sharing

Immediately share threat intelligence across your entire infrastructure—including multi-vendor ecosystems—to reduce time from threat encounter to containment.

Enable Investigation

Validate threats and access critical indicators of compromise (IoCs) needed for investigation and threat hunting.

Trellix
 

Sample Customers

Information Not Available
The Radicati Group, Florida International University, MGM Resorts International, County Durham andDarlington NHS Foundation Trust
Buyer's Guide
ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense
February 2026
Free Report: ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense
Find out what your peers are saying about ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense and other solutions. Updated: February 2026.
DOWNLOAD NOW
881,821 professionals have used our research since 2012.
See our ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense report.
See our list of best Advanced Threat Protection (ATP) vendors.

We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.