No more typing reviews! Try our Samantha, our new voice AI agent.

Trellix Helix Connect Room for Improvement

reviewer2840397 - PeerSpot reviewer
reviewer2840397
Associate Cybersecurity Analyst at a tech vendor with 10,001+ employees

Trellix Helix Connect can definitely be improved, especially regarding cloud and SaaS telemetry gaps. It could enhance its native cloud and SaaS telemetry integration. Additionally, sometimes when we open the details of a file, it lacks meta fields altogether, and we must manually ask the user for the meta fields, such as when the file was created, last opened, last updated, and its hash value. Helix does not perform as expected in this regard. There are also many false positives flagged that should not be, and there is no on-premises option for FireEye Helix. Lastly, the GUI and dashboard feel very old-school and legacy, needing improvement, as all competitors have far superior GUIs and UI/UX interfaces.

I would add that we have experienced specific problems with session timeouts where we randomly log out from the system after some time and face issues in logging back in. This required us to contact customer service frequently, which is also not very reliable or prompt.

View full review »
Caramel Moana - PeerSpot reviewer
Caramel Moana
Senior Business Analyst at Target

There is little training available for technology teams to master the key features of Trellix Helix Connect, and that could be improved.

Reports can be difficult to customize and adapt, and analyzing them is also not easy, indicating an improvement opportunity.

View full review »
Hitesh Singh Thakur - PeerSpot reviewer
Hitesh Singh Thakur
Mentor Operations at eClinicalWorks

Trellix Helix Connect is a powerful tool, and while I don't see any major issues, I would like to see additional dashboard customization options and more advanced reporting capability. Overall, the platform is reliable and everything is perfect regarding the needed improvements.

View full review »
Buyer's Guide
Trellix Helix Connect
June 2026
Learn what your peers think about Trellix Helix Connect. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,807 professionals have used our research since 2012.
Melih Karasu - PeerSpot reviewer
Melih Karasu
Director at Natica IT Consulting

There is room for improvement for Trellix Helix Connect; I see some direction that they still could improve.

The most problematic part was the integration part because in their catalog, they have so many third-party vendors, but some of them were not fully supported, so we requested some development and feature requests. Sometimes we saw that some documentation was not enough to integrate the third-party vendor's product. However, they improved their documentation, so it was a good experience.

Everyone expected that we could use an XDR solution as on-premises; they could make some improvement on this point, which is a priority for some institutions.

I am not sure what additional functionalities I would like to see in the future for Trellix Helix Connect; they could add some AI features, basically machine learning capabilities, and also improvements in the chatbot feature, but it was at the first stage an average.

View full review »
Sheikh Abdul Hannan - PeerSpot reviewer
Sheikh Abdul Hannan
Technical Manager at Jlogic Innovations

The weak point of Trellix Helix Connect is the data storage capacity; more storage must be purchased as the data grows, which is a disadvantage because the cost increases when more space is needed on the cloud.

It is quite costly, especially if the events are increasing daily. The overall solution is fine but requires purchasing more space on the cloud, which can be expensive.

View full review »
Abdullah Al Hadi - PeerSpot reviewer
Abdullah Al Hadi
Information Security Engineer at Nhq Distribution Ltd
I would assess the effectiveness of Trellix Helix Connect's threat detection capabilities as improved nowadays. Some aspects of Trellix are improved using the AI technological sector, particularly EDR, which is Extended Detection and Response, capable of visualizing the incidents and the response. However, from my perspective, compared to other products, we need to improve the integration of detection and response in the product. For example, if I consider CrowdStrike, they provide their EDR capabilities, the scanning report, and vulnerability in the product, and they have provided third parties to analyze the report. Trellix has not provided their actual report on whether there is any vulnerability on the cloud side or not. This is the type of thing that customers sometimes recommend, in that they need a report showing clear visualization and that AI has detected something on the cloud service which needs to be reported. These types of things are required for customers nowadays.

Trellix Helix Connect can be improved in various ways. There are some issues such as high CPU utilization that we have experienced in the past whenever we were using Trellix Endpoint Security in the cloud system, which prevented anyone from working properly. I think they are reducing this with the upgradation of the Endpoint Security product and other products, but the main concern is sometimes the client cannot work properly when using Endpoint Security because it takes high CPU utilization. We also sometimes face issues with encryption. We are worried about this because sometimes some systems are taking the encryption as inactive. The encryption is happening, but it is not active and is showing as inactive. However, for reporting purposes in the EPO, it is showing that it is active when it is not actually active. These types of mismatches between the customer and Trellix platform side need to be improved.

View full review »
reviewer2646834 - PeerSpot reviewer
reviewer2646834
Presales Lead at a outsourcing company with 11-50 employees

To improve Trellix Helix Connect, I think it is possible to enhance the dashboard to share more information about the incidents. For example, if I want to check a MITRE technique, maybe it is necessary to have a quick link to check this technique in the dashboard.

I think the usability of hyperautomation is something to improve in the solution because it is expensive regarding the needed improvements.

View full review »
Sourabh Pardhi - PeerSpot reviewer
Sourabh Pardhi
Senior Information Security Analyst at Everbridge

Regarding areas for improvement with Trellix Helix, I believe that if the integration with AWS and GCP environments could be improved, that would be beneficial.

View full review »
Daniel_Martins - PeerSpot reviewer
Daniel_Martins
Head of Management Security Services at NetSafe Corp

The timeout of the tenant is an area that needs improvement. When investigating and gathering information from the Helix tenant for extended periods, disconnections occur. This results in lost work and the need to restart investigations due to disconnected sessions.

It is problematic when progress is lost and investigations must be restarted, resulting in lost information and significant time wastage.

The capability to integrate with other TIPs or cybersecurity intelligence sources could be improved to determine whether IOCs are malicious, similar to Mandiant's functionality.

The capacity to reduce false positives needs improvement as we receive many alerts from Helix that turn out to be false positives upon investigation. Enhanced capability in this area would make the system more efficient and easier to use.

The dashboards could be improved as customers frequently request real-time SOC dashboard displays for Helix.

View full review »
reviewer2406618 - PeerSpot reviewer
reviewer2406618
Senior Value Engineering at a tech vendor with 5,001-10,000 employees
I have just released this solution to the market, and my customers' response has been great. While Trellix Wise is seen as a top vendor with its AI implementation for accelerating incident investigation, there have been some support issues due to a recent fusion and merger in the company, which could be improved. View full review »
KB
KarimBondok
Cyber security team lead at a financial services firm with 1,001-5,000 employees

There is room for improvement in the integration capabilities of third-party tools.

It has no problem connecting all solutions to Helix. Right now, we only connect one of Trellix's appliances to the Helix solution, the EDR solution. That's it.

We faced many problems regarding integrating some with Helix or integrating the ITSM with Helix; the system refused that. 

So, it depends on the customer's environment and regulations. 

View full review »
KB
Kumaresan B
Senior Technical Support Engineer at Digitaltrack

Trellix needs to address the price for the product to be more appealing to customers. 

View full review »
Daniel_Martins - PeerSpot reviewer
Daniel_Martins
Head of Management Security Services at NetSafe Corp

We often rely on Martins to create logs and provide professional threat services rather than basic support. However, accessing these services can be inconsistent. Sometimes, responses are quick and valuable, but other times, they are delayed. For example, I've waited up to seven months for Martins to resolve an issue with Azure WAF in Helix. It can also be challenging to get timely responses from partners regarding updates and new features

View full review »
BiswabhanuPanda - PeerSpot reviewer
BiswabhanuPanda
Senior technical consultant at Hitachi Systems Micro Clinic

Integrations could be improved, and the dashboard could be a little better. I've seen Splunk and Securonix; their dashboards are definitely better than Helix.

View full review »
Abanoub Alfy - PeerSpot reviewer
Abanoub Alfy
Information Technology Security Analyst at EBC

Trellix Helix's configuration and learning could be improved to identify normal traffic from abnormal and to identify trusted domains.

Backup capturing should be included in the solution's next release.

View full review »
Melih Karasu - PeerSpot reviewer
Melih Karasu
Director at Natica IT Consulting

FireEye Helix would be improved with the option of an on-prem version, which they don't currently offer. It's also not always easy to integrate Helix with other products as they mostly use API integration, and not every third party has a prepared API.

View full review »
reviewer1660641 - PeerSpot reviewer
reviewer1660641
SOC Services Manager at a healthcare company with 10,001+ employees

It should have more cloud connectors. It could also be cheaper.

View full review »
reviewer1581882 - PeerSpot reviewer
reviewer1581882
Sr Manager - Information Security & Researcher at a tech services company with 1,001-5,000 employees

Sometimes the rules are disabled by FireEye, and we basically get it after the patch. I think there needs to be a better way of creating the application rules. I would like to see better pricing for our licensing. 

View full review »
reviewer1362132 - PeerSpot reviewer
reviewer1362132
CTO & CISO at a tech vendor with 51-200 employees

The graphical user interface could be improved. It's not easy to handle and it's not easy for a customer or end-user to learn how to manage the solution. 

View full review »
BiswabhanuPanda - PeerSpot reviewer
BiswabhanuPanda
Senior technical consultant at Hitachi Systems Micro Clinic

Helix will do well after the pandemic because everybody will be looking for a cloud solution and it is cloud-native. There are certain changes we are bringing onto our endpoint and our ETP network security. So everything makes an impact on Helix because every log and every change you can manage through Helix. Helix is directly integrated into a single sign-on platform, which is free FireEye customers. They can log into any of their incentives like if they want to log into the ETP, email security, they use a third-party sandbox and intel and FireEye integrates nicely into it. There are a lot of issues because of GDPR but otherwise, it is a very good platform.

View full review »
Buyer's Guide
Trellix Helix Connect
June 2026
Learn what your peers think about Trellix Helix Connect. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,807 professionals have used our research since 2012.