Try our new research platform with insights from 80,000+ expert users

ThreatLocker Zero Trust Endpoint Protection Platform vs Trellix Advanced Threat Defense comparison

ThreatLocker and Trellix are both solutions in the Advanced Threat Protection (ATP) category. ThreatLocker is ranked #6 with an average rating of 9.2, while Trellix is ranked #22 with an average rating of 9.0. ThreatLocker holds a 2.7% mindshare in ATP, compared to Trellix’s 1.9% mindshare. Additionally, 97% of ThreatLocker users are willing to recommend the solution, compared to 76% of Trellix users who would recommend it.
ThreatLocker Zero Trust End...
Read 40 ThreatLocker Zero Trust Endpoint Protection Platform reviews
  • 3,528 Views
  • 635 Comparison Views
97% willing to recommend
Trellix Advanced Threat Def...
Read 9 Trellix Advanced Threat Defense reviews
  • 559 Views
  • 525 Comparison Views
76% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 5, 2025

Trellix Advanced Threat Defense and ThreatLocker Zero Trust Endpoint Protection Platform are competing cybersecurity solutions, focusing on threat detection and endpoint security. Trellix has an upper hand with cost-effective solutions, while ThreatLocker stands out for its strong security features.

Features: Trellix emphasizes advanced malware detection, deep inspection, and consistent threat analytics. ThreatLocker prioritizes application whitelisting, ring-fencing, and zero-trust strategies for comprehensive endpoint protection.

Room for Improvement: Trellix could enhance its endpoint security features and simplify its alert management. ThreatLocker may need to address its pricing strategy and improve its user interface for broader integration with diverse platforms.

Ease of Deployment and Customer Service: Trellix offers straightforward deployment with dedicated support. ThreatLocker provides intuitive onboarding with an emphasis on customer training and responsive service through its Cyber Hero support.

Pricing and ROI: Trellix presents a cost-effective solution with high ROI for its detection capabilities. ThreatLocker involves higher initial costs but offers substantial value for organizations needing robust endpoint security.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense Report (Updated: December 2025).
Buyer's Guide
ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense
December 2025
Download the complete report
Helped 879,422 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ThreatLocker Zero Trust End...
Ranking in Advanced Threat Protection (ATP)
6th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
40
Ranking in other categories
Network Access Control (NAC) (4th), Endpoint Protection Platform (EPP) (6th), Application Control (1st), ZTNA (4th), Ransomware Protection (1st)
Trellix Advanced Threat Def...
Ranking in Advanced Threat Protection (ATP)
22nd
Average Rating
7.8
Reviews Sentiment
5.6
Number of Reviews
9
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of January 2026, in the Advanced Threat Protection (ATP) category, the mindshare of ThreatLocker Zero Trust Endpoint Protection Platform is 2.7%, up from 1.9% compared to the previous year. The mindshare of Trellix Advanced Threat Defense is 1.9%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Advanced Threat Protection (ATP) Market Share Distribution
ProductMarket Share (%)
ThreatLocker Zero Trust Endpoint Protection Platform2.7%
Trellix Advanced Threat Defense1.9%
Other95.4%
Advanced Threat Protection (ATP)
 

Featured Reviews

CL
Charles Loveland
Supervisor, Client Security at a consultancy with 11-50 employees
World-class support and highly effective for application control and elevation
Their product is solid. I have a hard time complaining much about it because when we do find little things, they are usually interface-related or related to things that would be nice to have. Their idea portal, unlike so many other vendors we deal with, shows movement. At least four to eight features of ThreatLocker exist because I made a request in the last five years, and it became a feature of the actual product. When it comes to improvements, we moved the product as customers, and we got to move the product by making suggestions. They seem to be very reactive to it, so there is not a whole lot that they actively need to change right now. It is one of those situations where when we run into something that would be nice to have, it happens. They make it work.
Read full review
PP
Philippe Panardie
RSSI at SDIS49
Ensuring long-term reliability while seeking internal email management enhancements
Prisma is a commercial name of the firewall now, but we don't work with the cloud product. Only our company is using it and we do not recommend it to customers. For us, it's transparent because it's a cloud product, so we don't really know the version as it's always updated. We have not had any problem, but it's difficult to report on what's going on because some days they can wash out perhaps 100 mails, and then it's difficult to say how many attacks you have reached. The right email has been washed out and then nobody has complained. We do not use the Threat Visualization feature; as we are in MX, the mail is washed out before it is in the mail inbox of the user, thus avoiding any problem requiring a reservation. In fact, there is no integration with existing security frameworks. The only problem we can have is that as we have no API interface, there is no inspection of internal mail. I rate Trellix Advanced Threat Defense a nine out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"ThreatLocker stands out because they understand application whitelisting and elevation controls deeply, addressing real issues effectively."
"The most valuable feature is selective elevation, which allows elevating an individual process to admin privilege without granting admin privilege to that user, which has been by far the most useful feature outside of the overall solution itself."
"I really enjoy ringfencing and elevation features. It makes my life easier because I do not have to get on a computer to elevate a prompt to allow users to run something they run every day as an admin."
"The application management on any workstation with the solution is valuable. I find it valuable that it indicates whether the software is part of our pre-approved list, adding a nice layer of protection. It works great because people cannot just install or download any app from the web."
"With ThreatLocker, we don't have shadow IT, and it has reduced ransomware."
"The pre-built policies and the fact that I get notified when a user requests an application are significant."
"The unified alerts are useful."
"It is a comprehensive platform that allows you to do a lot of things."
More ThreatLocker Zero Trust Endpoint Protection Platform pros
"Provides good exfiltration, and is an all-in-one product."
"The most valuable features are the administration console and its detection and response module."
"I recommend this solution because of its ease of use."
"The fact that in 10 years, we have had no problem is the most valuable feature for us; it's really a washing machine, but the only problem we face is that it's difficult to report on this product."
"It stops in excess of twenty-five malware events per month, all of which could be critical to the business."
"It is stable and reliable."
"Its greatest strength is the DXL client which can rapidly disseminate attack information to all clients via the McAfee Agent instead of going through the ePO server."
"It is very scalable."
 

Cons

"It has not reduced helpdesk tickets. It has probably increased them by blocking applications and doing its job, resulting in people raising more tickets to know why they cannot use certain things."
"ThreatLocker would benefit from incorporating an antivirus feature or comprehensive 24-hour log monitoring, a valuable enhancement for both business and enterprise-level users."
"ThreatLocker could offer more flexible training, like online or offline classes after hours. The fact that they even provide weekly training makes it seem silly to suggest, but some people can't do it during the day, so they want to train after work. They could also start a podcast about issues they see frequently and what requires attention. A podcast would be helpful to keep us all apprised about what's going on and/or offline training for those people who can't train during the week."
"It would be beneficial if it became more recognized in the EU to gain respect."
"The support could be quicker."
"Some reporting areas need improvement. We need to generate more reports."
"Their product is solid. I have a hard time complaining much about it because when we do find little things, they are usually interface-related or related to things that would be nice to have."
"Adding applications to the allowlist can sometimes feel overwhelming."
More ThreatLocker Zero Trust Endpoint Protection Platform cons
"Make the ATD system a part of the whole product and take the whole thing onto the cloud. While it is there already, it is not to the same level as the on-premise version."
"I would like to see future versions of the solution incorporate artificial intelligence technology."
"The only problem we can have is that as we have no API interface, there is no inspection of internal mail."
"This solution needs to be made "cloud ready"."
"Lacks remote capabilities not dependent on the internet."
"We'd like them to be better at dealing with script threats."
"The initial setup was industry standard complex. It takes awhile and has a lot of planning involved. It could be simplified with product redesign."
"There could be a tool that automatically updates all-new Microsoft IPs, which are available for free to connect to the client."
 

Pricing and Cost Advice

"The pricing is reasonable and normal. I do not have any problems with the cost."
"I believe ThreatLocker's pricing model is fair and flexible, allowing account managers to offer customized deals based on our specific needs."
"Its price is fair. They have added some additional things to it beyond allowlisting. They are up-charging for them, but in terms of the value we get and the way it impacts us, we get a bang for our buck with ThreatLocker than a lot of our other security tools."
"I find ThreatLocker's pricing to be reasonable for the services it provides."
"I do not know about the licensing and price as it comes bundled from our MSP. However, it seems fairly reasonable for us, which is why we chose it."
"The pricing is fair and there is no hard sell."
"We have encountered a few challenges regarding pricing, contract renewals, and additions. As we explored adding features like Cyber Hero, it proved to be an increased expense for our clients. This was primarily a mistake on our part due to how we initially priced it to clients."
"So far, it has been great. I have no complaints. Of course, everybody wishes it was cheaper."
More ThreatLocker Zero Trust Endpoint Protection Platform pricing and cost advice
"Our licensing fees for this solution are approximately one million dollars per year."
"The product is expensive, but it is better than the rest of them in the industry."
report
See which vendors are best for you
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
See recommendations
879,422 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
25%
Retailer
8%
Manufacturing Company
8%
Financial Services Firm
7%
Government
14%
Comms Service Provider
13%
Performing Arts
11%
University
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business32
Midsize Enterprise4
Large Enterprise3
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise4
Large Enterprise5
 

Questions from the Community

What do you like most about ThreatLocker Allowlisting?
The interface is clean and well-organized, making it simple to navigate and find what we need.
See all answers
What is your experience regarding pricing and costs for ThreatLocker Allowlisting?
Pricing, setup costs, and licensing have been pretty accessible and manageable. It was not too expensive to get started, especially at a small scale for a smaller MSP. It is very accessible, easy t...
See all answers
What needs improvement with ThreatLocker Allowlisting?
Going with the theme of ThreatLocker Zero Trust Endpoint Protection Platform being a one-stop shop where they have just about everything, and they have a really good product stack as is. However, t...
See all answers
What do you like most about McAfee Advanced Threat Defense?
I recommend this solution because of its ease of use.
See all answers
What needs improvement with McAfee Advanced Threat Defense?
I would like to see an API interface for internal email and control of outgoing email to make it closer to 10. It's necessary; today we have an MX interface, and it would be interesting to have an ...
See all answers
What is your primary use case for McAfee Advanced Threat Defense?
We are working with Palo Alto products, specifically firewalls. We are only using Palo Alto Firewalls and not Cortex. With FireEye and Trellix, we only work with ETP now because the NDR function wh...
See all answers
 

Comparisons

CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 10% of the time
Airlock Digital Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Airlock Digital Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 8% of the time
Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 6% of the time
ManageEngine Application Control Plus vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
ManageEngine Application Control Plus vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 5% of the time
Ivanti Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Ivanti Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 4% of the time
More ThreatLocker Zero Trust Endpoint Protection Platform Competitors
Fortinet FortiSandbox vs Trellix Advanced Threat Defense Logo
Fortinet FortiSandbox vs Trellix Advanced Threat Defense
Compared 30% of the time
Check Point Infinity vs Trellix Advanced Threat Defense Logo
Check Point Infinity vs Trellix Advanced Threat Defense
Compared 22% of the time
Microsoft Defender for Identity vs Trellix Advanced Threat Defense Logo
Microsoft Defender for Identity vs Trellix Advanced Threat Defense
Compared 20% of the time
Microsoft Defender for Office 365 vs Trellix Advanced Threat Defense Logo
Microsoft Defender for Office 365 vs Trellix Advanced Threat Defense
Compared 15% of the time
Palo Alto Networks WildFire vs Trellix Advanced Threat Defense Logo
Palo Alto Networks WildFire vs Trellix Advanced Threat Defense
Compared 13% of the time
More Trellix Advanced Threat Defense Competitors
 

Product Reports

Buyer's Guide
ThreatLocker Zero Trust Endpoint Protection Platform
December 2025
ThreatLocker Zero Trust Endpoint Protection Platform reportDownload ThreatLocker Zero Trust Endpoint Protection Platform product report
Buyer's Guide
Trellix Advanced Threat Defense
December 2025
Trellix Advanced Threat Defense reportDownload Trellix Advanced Threat Defense product report
 

Also Known As

Protect, Allowlisting, Network Control, Ringfencing
McAfee Advanced Threat Defense
 

Overview

ThreatLocker Zero Trust Endpoint Protection Platform empowers organizations with application control, selective elevation, and ring-fencing to enhance security and prevent unauthorized access.

ThreatLocker provides comprehensive security management using application allowlisting to ensure only approved software operates across servers and workstations. The platform's centralized management simplifies security processes by consolidating multiple tools, and its robust capabilities align with zero-trust strategies by actively blocking unauthorized applications and ensuring compliance. Users note intuitive features such as mobile access, helpful training resources, and responsive support, which effectively reduce operational costs and help desk inquiries. The managed service providers prefer ThreatLocker to maintain network integrity by preventing malicious scripts and unauthorized access attempts. However, users identify room for growth in training and support flexibility, the interface, and certain technical challenges like network saturation from policy updates.

What are the most important features?
  • Application Control: Ensures only approved applications can be executed, minimizing security risks.
  • Selective Elevation: Provides granular control over application permissions without compromising security.
  • Ring-Fencing: Isolates applications to limit possible damage from compromised software.
  • Comprehensive Blocking: Blocks unauthorized applications, supporting zero-trust strategies.
  • Centralized Management: Offers a unified platform for managing security tools efficiently.
What benefits should users look for in reviews?
  • Intuitive Interface: Simplifies complex security processes, making them manageable for non-expert users.
  • Reduced Operational Costs: Minimizes resource expenditure through effective security management.
  • Enhanced Security: Provides robust protection against unauthorized access and malicious scripts.
  • Responsive Support: Offers quick and effective assistance to minimize downtime and issues.

Organizations utilize ThreatLocker for application allowlisting, ensuring only authorized software operates to prevent unauthorized access efficiently. Deployed across servers and workstations, its features support zero-trust principles and are favored by managed service providers for application management and network integrity.

ThreatLocker

Powerful advanced threat detection

Uncover Hidden Threats

Combine in-depth static code analysis, dynamic analysis (malware sandboxing), and machine learning to increase zero-day threat and ransomware detection.

Threat Intelligence Sharing

Immediately share threat intelligence across your entire infrastructure—including multi-vendor ecosystems—to reduce time from threat encounter to containment.

Enable Investigation

Validate threats and access critical indicators of compromise (IoCs) needed for investigation and threat hunting.

Trellix
 

Sample Customers

Information Not Available
The Radicati Group, Florida International University, MGM Resorts International, County Durham andDarlington NHS Foundation Trust
Buyer's Guide
ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense
December 2025
Free Report: ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense
Find out what your peers are saying about ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense and other solutions. Updated: December 2025.
DOWNLOAD NOW
879,422 professionals have used our research since 2012.
See our ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense report.
See our list of best Advanced Threat Protection (ATP) vendors.

We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.