Try our new research platform with insights from 80,000+ expert users

ThreatLocker Zero Trust Endpoint Protection Platform vs Trellix Advanced Threat Defense comparison

ThreatLocker and Trellix are both solutions in the Advanced Threat Protection (ATP) category. ThreatLocker is ranked #6 with an average rating of 9.2, while Trellix is ranked #21 with an average rating of 9.0. ThreatLocker holds a 2.8% mindshare in ATP, compared to Trellix’s 1.9% mindshare. Additionally, 97% of ThreatLocker users are willing to recommend the solution, compared to 83% of Trellix users who would recommend it.
ThreatLocker Zero Trust End...
Read 39 ThreatLocker Zero Trust Endpoint Protection Platform reviews
  • 489 Views
  • 42 Comparison Views
97% willing to recommend
Trellix Advanced Threat Def...
Read 8 Trellix Advanced Threat Defense reviews
  • 369 Views
  • 108 Comparison Views
83% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Mar 23, 2025

Trellix Advanced Threat Defense and ThreatLocker Zero Trust Endpoint Protection Platform are competitors in the cybersecurity domain. Trellix has an advantage in threat detection capabilities, yet ThreatLocker's zero trust approach provides a comprehensive method of securing endpoints.

Features: Trellix Advanced Threat Defense combines advanced threat analysis with sandboxing and machine learning, providing robust threat detection. Its machine learning aspect enhances the ability to analyze emerging threats efficiently. Meanwhile, ThreatLocker Zero Trust Endpoint Protection Centers on zero trust principles through application whitelisting and ring-fencing. Its platform enables fine-grained control over application permissions, offering advanced endpoint security beyond mere detection.

Room for Improvement: Trellix could enhance its zero trust capabilities to compete with ThreatLocker's comprehensive control features. It may also benefit from integrating its machine learning enhancements across more modules. ThreatLocker could improve initial setup ease, particularly for businesses with limited IT resources, and extend integration capabilities to work seamlessly with a broader range of security tools. Additionally, a more intuitive user interface could simplify its robust settings.

Ease of Deployment and Customer Service: Trellix presents streamlined deployment with strong support services for rapid adaptation. Its integration with existing infrastructures can be effortless. ThreatLocker, while requiring more setup due to its complex zero trust configurations, balances this with helpful customer support, providing extensive guidance and training that simplifies post-deployment operations.

Pricing and ROI: Trellix offers a cost-efficient setup with a promising return on investment, leveraging its effective threat detection capabilities for optimal business security economics. Conversely, ThreatLocker, despite its higher initial cost, promises significant long-term security benefits. Businesses emphasizing thorough endpoint protection principles might find its cost justified by reduced risk and potential savings from minimized breaches.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense Report (Updated: June 2025).
Buyer's Guide
ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense
June 2025
Download the complete report
Helped 859,129 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ThreatLocker Zero Trust End...
Ranking in Advanced Threat Protection (ATP)
6th
Average Rating
9.2
Reviews Sentiment
7.6
Number of Reviews
39
Ranking in other categories
Network Access Control (NAC) (5th), Endpoint Protection Platform (EPP) (7th), Application Control (1st), ZTNA (4th), Ransomware Protection (2nd)
Trellix Advanced Threat Def...
Ranking in Advanced Threat Protection (ATP)
21st
Average Rating
7.8
Reviews Sentiment
6.6
Number of Reviews
8
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of June 2025, in the Advanced Threat Protection (ATP) category, the mindshare of ThreatLocker Zero Trust Endpoint Protection Platform is 2.8%, up from 1.8% compared to the previous year. The mindshare of Trellix Advanced Threat Defense is 1.9%, up from 1.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Advanced Threat Protection (ATP)
 

Featured Reviews

Johnathan Bodily - PeerSpot reviewer
Ensures ransomware protection and reduces phishing chaos
The application control has been great so far, and while I am still exploring the network access controls, I unfortunately don't have access to one module I would love to have due to licensing restrictions. It's easy to use in regard to reducing attack surfaces. For me, it's a piece of cake. We can have something approved within 30 seconds, thanks to the mobile app. We haven't eliminated security solutions. We just add to it, and ThreatLocker has been a great addition. We also have Kaseya and ThreatLocker as a supplement to that. It's useful. They have overlap, and we look at the overlap as a good thing. It's helped your organization save on operational costs or expenses by ensuring that many fewer hours are spent dealing with ransomware nonsense. I cannot count the amount of hours that I personally have not had to put in to recovering an environment from a ransomware event. The last big one took us about three weeks to completely recover from. Since we've grouped ThreatLocker in, the management of that whole setup has gone down to just daily help desk tasks and general server maintenance instead of having the whole system on fire. There are probably thousands of hours of saved time between our teams. It's been great so far. ThreatLocker Zero Trust Endpoint Protection Platform's ability to block access to unauthorized applications is great. It's my biggest protection, the blocked applications. In a lot of cases, you go to install something yourself that you need for management, and it comes in and says, nope. And then I have to log into the portal and approve it. I get our other guys saying, hey, why are you trying to approve something? Any of the tools that I'm using on a day-to-day basis that haven't been in the environment during the whole learning mode initially, I could go through and set extensions and all that. So, while it's a headache on that end, the amount of saved time I can't even count. It is a little frustrating on my end since I like to go as quickly as I possibly can, and it slows me down. However, that's a really good thing. Depending on the site, it can save a lot of time and cut down headaches. It's likely saved a week's worth of time. It's cut down the amount of sever help desk tickets. Those have become minimal.
Read full review
HS
Easy to set up and use with a nice interface
The scalability could be better. We'd like them to be better at dealing with script threats. In sandboxing, the time to respond is slower than we would like. We'd like them to be able to process faster. For example, Fortinet, they are doing 18,000 files per hour. For Wildfire, it is elastic. It can support as many files as you get. McAfee doesn't react like that. It does not support interfaces with HTTPS.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Ringfencing is a valuable feature."
"ThreatLocker Protect has improved my organization greatly."
"The biggest improvement has been knowing that something unauthorized isn't going to get installed on anyone’s machines."
"The unified alerts are useful."
"The time saved from dealing with ransomware nonsense is invaluable."
"Overall, I would rate ThreatLocker Zero Trust Endpoint Protection Platform a ten out of ten."
"The most valuable feature is selective elevation, which allows elevating an individual process to admin privilege without granting admin privilege to that user, which has been by far the most useful feature outside of the overall solution itself."
"It is a comprehensive platform that allows you to do a lot of things."
More ThreatLocker Zero Trust Endpoint Protection Platform pros
"The most valuable features are the administration console and its detection and response module."
"It is stable and reliable."
"It is very scalable."
"Its greatest strength is the DXL client which can rapidly disseminate attack information to all clients via the McAfee Agent instead of going through the ePO server."
"I recommend this solution because of its ease of use."
"It stops in excess of twenty-five malware events per month, all of which could be critical to the business."
"Provides good exfiltration, and is an all-in-one product."
 

Cons

"ThreatLocker Allowlisting needs to improve its user interface and overall workflow."
"I find that the learning mode is too accessible. Technicians sometimes default to it instead of manually building policy controls. I would prefer the learning mode to be harder to access, ideally hidden behind a layer that requires creating at least one policy first before using the learning mode as a supplement."
"More visibility in the built-ins would be nice."
"From a reporting perspective, enhancing the ability to customize reports would be beneficial."
"ThreatLocker could offer more flexible training, like online or offline classes after hours. The fact that they even provide weekly training makes it seem silly to suggest, but some people can't do it during the day, so they want to train after work. They could also start a podcast about issues they see frequently and what requires attention. A podcast would be helpful to keep us all apprised about what's going on and/or offline training for those people who can't train during the week."
"Some reporting areas need improvement."
"ThreatLocker's technical support process could be streamlined by reducing the number of steps required to reach a human agent."
"Some reporting areas need improvement. We need to generate more reports."
More ThreatLocker Zero Trust Endpoint Protection Platform cons
"The initial setup was industry standard complex. It takes awhile and has a lot of planning involved. It could be simplified with product redesign."
"Make the ATD system a part of the whole product and take the whole thing onto the cloud. While it is there already, it is not to the same level as the on-premise version."
"We'd like them to be better at dealing with script threats."
"I would like to see future versions of the solution incorporate artificial intelligence technology."
"There could be a tool that automatically updates all-new Microsoft IPs, which are available for free to connect to the client."
"Lacks remote capabilities not dependent on the internet."
"This solution needs to be made "cloud ready"."
 

Pricing and Cost Advice

"I believe ThreatLocker's pricing model is fair and flexible, allowing account managers to offer customized deals based on our specific needs."
"I can't complain. Cheaper would always be nice, but I think it's reasonable compared to other software in the cybersecurity market."
"The pricing is reasonable and normal. I do not have any problems with the cost."
"I find ThreatLocker's pricing to be reasonable for the services it provides."
"I do not deal with pricing, but I assume it is cost-effective for us. We choose a solution based on functionality and affordability."
"The pricing is fair and there is no hard sell."
"We have encountered a few challenges regarding pricing, contract renewals, and additions. As we explored adding features like Cyber Hero, it proved to be an increased expense for our clients. This was primarily a mistake on our part due to how we initially priced it to clients."
"Considering what this product does, ThreatLocker is very well-priced, if not too nicely priced for the customer."
More ThreatLocker Zero Trust Endpoint Protection Platform pricing and cost advice
"The product is expensive, but it is better than the rest of them in the industry."
"Our licensing fees for this solution are approximately one million dollars per year."
report
See which vendors are best for you
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
See recommendations
859,129 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
35%
Retailer
8%
Manufacturing Company
5%
Financial Services Firm
5%
Government
17%
Manufacturing Company
15%
Financial Services Firm
13%
Computer Software Company
11%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ThreatLocker Allowlisting?
The interface is clean and well-organized, making it simple to navigate and find what we need.
See all answers
What is your experience regarding pricing and costs for ThreatLocker Allowlisting?
Pricing, setup costs, and licensing have been pretty accessible and manageable. It was not too expensive to get started, especially at a small scale for a smaller MSP. It is very accessible, easy t...
See all answers
What needs improvement with ThreatLocker Allowlisting?
For the space that it's in, it's already there. I don't know of another product that compares to its level. Even recently, with the addition of the detect module is a very nice add-on to the packet...
See all answers
What do you like most about McAfee Advanced Threat Defense?
I recommend this solution because of its ease of use.
See all answers
What needs improvement with McAfee Advanced Threat Defense?
There could be a tool that automatically updates all-new Microsoft IPs, which are available for free to connect to the client.
See all answers
What is your primary use case for McAfee Advanced Threat Defense?
We use the solution for client management and security. We used the whole suite for client Firewall, antivirus, and everything provided by Trellix.
See all answers
 

Comparisons

CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 17% of the time
SentinelOne Singularity Complete vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
SentinelOne Singularity Complete vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 17% of the time
Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 15% of the time
Ivanti Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Ivanti Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 6% of the time
Huntress Managed EDR vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Huntress Managed EDR vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 5% of the time
More ThreatLocker Zero Trust Endpoint Protection Platform Competitors
Microsoft Defender for Identity vs Trellix Advanced Threat Defense Logo
Microsoft Defender for Identity vs Trellix Advanced Threat Defense
Compared 31% of the time
Fortinet FortiSandbox vs Trellix Advanced Threat Defense Logo
Fortinet FortiSandbox vs Trellix Advanced Threat Defense
Compared 21% of the time
Palo Alto Networks WildFire vs Trellix Advanced Threat Defense Logo
Palo Alto Networks WildFire vs Trellix Advanced Threat Defense
Compared 16% of the time
Check Point Infinity vs Trellix Advanced Threat Defense Logo
Check Point Infinity vs Trellix Advanced Threat Defense
Compared 16% of the time
Microsoft Defender for Office 365 vs Trellix Advanced Threat Defense Logo
Microsoft Defender for Office 365 vs Trellix Advanced Threat Defense
Compared 16% of the time
More Trellix Advanced Threat Defense Competitors
 

Product Reports

Buyer's Guide
ThreatLocker Zero Trust Endpoint Protection Platform
May 2025
ThreatLocker Zero Trust Endpoint Protection Platform reportDownload ThreatLocker Zero Trust Endpoint Protection Platform product report
Buyer's Guide
Advanced Threat Protection (ATP)
June 2025
Trellix Advanced Threat Defense reportDownload Trellix Advanced Threat Defense product report
 

Also Known As

Protect, Allowlisting, Network Control, Ringfencing
McAfee Advanced Threat Defense
 

Overview

ThreatLocker Zero Trust Endpoint Protection Platform offers robust endpoint security through application control and allowlisting, safeguarding servers and workstations from unauthorized software execution.

ThreatLocker Zero Trust Endpoint Protection Platform provides extensive application control with features like ring-fencing and selective elevation, ensuring meticulous execution management. Offering learning mode and extensive support, it integrates threat detection and activity monitoring to enhance compliance, reduce costs, and bolster cybersecurity through alerts and approvals. Despite its strengths, there are areas for improvement in training flexibility, policy updates, and interface enhancements, along with challenges in handling non-digitally signed software. Deployed across environments, it works well with existing cybersecurity instruments for real-time threat prevention.

What are the top features of ThreatLocker?
  • Intuitive Interface: User-friendly design simplifies endpoint protection management.
  • Application Blocking: Prevents unauthorized applications from running.
  • Selective Elevation: Grants control over application permissions.
  • Ring-Fencing: Isolates applications to limit interactions.
  • Allowlisting: Ensures only trusted software can execute.
  • Learning Mode: Facilitates configuration by observing user behavior.
  • Real-Time Support: Access to assistance and training resources.
What benefits should reviewers seek?
  • Compliance: Meets regulatory standards.
  • Operational Cost Reduction: Consolidated alerts and approvals.
  • Enhanced Cybersecurity: Prevention of unauthorized applications.
  • Regulatory Alignment: Helps ensure adherence to legal requirements.

ThreatLocker Zero Trust Endpoint Protection Platform is widely implemented to safeguard IT infrastructures against unauthorized access and application use. In sectors where data security is paramount, this platform enables users to prevent unauthorized software installations and control device applications, ensuring real-time threat prevention and compliance with industry regulations.

ThreatLocker

Powerful advanced threat detection

Uncover Hidden Threats

Combine in-depth static code analysis, dynamic analysis (malware sandboxing), and machine learning to increase zero-day threat and ransomware detection.

Threat Intelligence Sharing

Immediately share threat intelligence across your entire infrastructure—including multi-vendor ecosystems—to reduce time from threat encounter to containment.

Enable Investigation

Validate threats and access critical indicators of compromise (IoCs) needed for investigation and threat hunting.

Trellix
 

Sample Customers

Information Not Available
The Radicati Group, Florida International University, MGM Resorts International, County Durham andDarlington NHS Foundation Trust
Buyer's Guide
ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense
June 2025
Free Report: ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense
Find out what your peers are saying about ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense and other solutions. Updated: June 2025.
DOWNLOAD NOW
859,129 professionals have used our research since 2012.
See our ThreatLocker Zero Trust Endpoint Protection Platform vs. Trellix Advanced Threat Defense report.
See our list of best Advanced Threat Protection (ATP) vendors.

We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.