Trellix Endpoint Detection and Response (EDR) Reviews

Name: Trellix Endpoint Detection and Response (EDR)
Brand: Trellix
Rating: 3.7 (23 reviews)

3.7 out of 5

23 reviews
83% willing to recommend

What is Trellix Endpoint Detection and Response (EDR)?

Reduce Alert Noise

Reduce the time to detect and respond to threats. Trellix EDR helps security analysts quickly prioritize threats and minimize potential disruption.

Get the Trellix Endpoint Detection and Response (EDR) Buyer's Guide and find out what your peers are saying about Trellix Endpoint Detection and Response (EDR), CrowdStrike Falcon, Microsoft Defender for Endpoint and more!

Trellix Endpoint Detection and Response (EDR) is the #22 ranked solution in EDR tools. PeerSpot users give Trellix Endpoint Detection and Response (EDR) an average rating of 7.4 out of 10. Trellix Endpoint Detection and Response (EDR) is most commonly compared to CrowdStrike Falcon: Trellix Endpoint Detection and Response (EDR) vs CrowdStrike Falcon. Trellix Endpoint Detection and Response (EDR) is popular among the large enterprise segment, accounting for 65% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 14% of all views.

Buyer's Guide

Trellix Endpoint Detection and Response (EDR)

June 2025

Get the report

Helped 859,687 peers since 2012

Featured Trellix Endpoint Detection and Response (EDR) reviews

CESARCASTRO

Committee of IT Cybersececurity at a energy/utilities company with 51-200 employees

This year, I am going to improve some tools to be installed or maybe acquire some services to better manage our web services and work with my coworkers. Application fiber also needs attention. Nowadays I am making applications that are publicly seen on the Internet. I need some protection, possibly multi-factor authentication improvements. I am seeing, for workflows, some sort of ethical hacking to test our environment. Knowledge of everything, not only the product - maybe some kind of alerts - needs to emerge. I see the current ones as very low-tier, and they must improve.

Read full review

ObaseunAwoyinfa

Security Consultant at Trinexia

Trellix EDR is designed to scale seamlessly, leveraging cloud infrastructure that eliminates traditional hardware limitations. This allows scalability up to fifteen thousand nodes or even two hundred thousand nodes, depending on the licensing. The cloud-based architecture enables centralized management from anywhere globally, facilitating comprehensive coverage across different geographical locations. In essence, it offers robust scalability and management capabilities. For SMBs and enterprises, Trellix EDR typically recommends environments with more than fifty computers. The rationale is that the more computers there are, the greater the likelihood of being targeted by malicious actors. With an EDR solution, there's a better chance of detecting and mitigating malicious activities on your systems.

Read full review

Hung-LE

Group IT Manager at Discova

Trellix purchased McAfee two years ago. At this moment, it may seem a bit difficult if I explain Trellix and McAfee separately. Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint provide endpoint protection. In the future, if Trellix can compile both the products, Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint, into one solution, our company need not install multiple agents, which can reduce the workload for IT and make the tool easy to manage. The solution's downside stems from the fact that Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint are not combined into a single solution, so from an improvement perspective, they need to be combined into a single solution. If both tools are combined into a single solution, it will become easier for a user to manage and deploy such a product.

Read full review

Trellix Endpoint Detection and Response (EDR) mindshare

As of July 2025, the mindshare of Trellix Endpoint Detection and Response (EDR) in the Endpoint Detection and Response (EDR) category stands at 1.2%, up from 0.5% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR)

PeerResearch reports based on Trellix Endpoint Detection and Response (EDR) reviews

Type	Title	Date
Category	Endpoint Detection and Response (EDR)	Jul 1, 2025	Download
Product	Reviews, tips, and advice from real users	Jul 1, 2025	Download
Comparison	Trellix Endpoint Detection and Response (EDR) vs CrowdStrike Falcon	Jul 1, 2025	Download
Comparison	Trellix Endpoint Detection and Response (EDR) vs SentinelOne Singularity Complete	Jul 1, 2025	Download
Comparison	Trellix Endpoint Detection and Response (EDR) vs Microsoft Defender for Endpoint	Jul 1, 2025	Download

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	14.4%	96%	132 interviews Add to research
Microsoft Defender for Endpoint	4.1	10.5%	94%	197 interviews Add to research

Valuable Features

Trellix Endpoint Detection and Response (EDR) is valued for its guided EDR investigation, scalability, ransomware detection, isolation capabilities, and user-friendly interface. Its integrated approach combines EDR and antivirus functionalities. Features like one-click recovery, visualization of cyberattacks, behavior monitoring, advanced threat protection, and threat hunting are vital. It excels in real-time monitoring, incident reports, and dashboard analytics. Its comprehensive threat detection and investigative capabilities ensure effective response and coverage.

"Trellix has done a good job reducing threats."
"The product and the services we have are quite good."
"The most valuable feature of the solution is its area for threat detection."

Room for Improvement

Trellix Endpoint Detection and Response (EDR) requires improvement in several areas. Resource consumption is high, straining CPU and RAM. The alert system lacks efficiency, requiring users to manually check alerts. The interface and dashboard need enhancements for user-friendliness. Integration with external platforms is limited. Historical search and automation features are inadequate. Compatibility with macOS is insufficient, and technical support is lacking. Endpoint detection relies too heavily on a signature base.

"I remember doing many tickets for Trellix support, and my EDR was not properly functioning. I didn't feel the detection or the real protection."
"I need some protection, possibly multi-factor authentication improvements."
"When it comes to some unknown fileless attacks, the tool is not able to detect them properly, making it an area where improvements are required."

ROI

Users have varied experiences with ROI from Trellix Endpoint Detection and Response (EDR). Some observe a positive return, integrating it into services, while others see it merely as a security policy. Trellix EDR offers AI-like capabilities, enhancing investigation speed, avoiding compliance issues, and protecting brand reputation. Despite the cost-effective nature and need for technical oversight, users find value in its comprehensive visibility and security enhancement. Ratings vary, with some rating it four out of ten.

Pricing

Trellix Endpoint Detection and Response (EDR) pricing suits midsized businesses but may not be ideal for startups. Costs range from $25,000 to $30,000 for 600 users, generally perceived as reasonable. Pricing involves annual licensing with additional charges for data retention beyond thirty days, and a minimum three-year contract. Some rate it moderately expensive compared to other solutions, especially due to exchange rates and advanced features. Flexibility and ease in managing licensing costs are appreciated.

"Pricing is a problem in South Africa. It could be cheaper here. The rand-to-dollar exchange rate makes it expensive for us. A 25 dollar endpoint cost becomes quite significant when converted to rand."
"The price is reasonable."
"The pricing is always high."

Popular Use Cases

Trellix Endpoint Detection and Response (EDR) is primarily used for endpoint protection, threat hunting, and incident response. Organizations utilize it for identifying and managing threats, analyzing suspicious files, and integrating with Trellix SIEM. It supports advanced threat intelligence, early attack detection, and forensic investigations. Trellix EDR scans network activities, provides endpoint and server security, and aids in malware detection, making it valuable for banking and government sectors.

Service and Support

Customers express mixed opinions about Trellix Endpoint Detection and Response (EDR) support. Some find it satisfactory or comparable to competitors like Symantec Broadcom, while others report issues such as language barriers and slow response times. OEM support is deemed crucial but sometimes ineffective. Ratings vary, with some giving high scores and others suggesting room for improvement. Multiple support channels are available, though certain users experience delays and inefficiencies.

Deployment

Users found Trellix Endpoint Detection and Response initial setup varied in complexity. Some experienced straightforward installations, often rating it highly, while others faced challenges with policy aggregation and resource demands. Deployment times ranged from a few days to several months, influenced by cloud or on-premises preferences. Admin tasks were complex for some users, requiring additional support. Despite difficulties, many noted ease with proper guidance and tools, while organizations with endpoint management systems found deployment simplified.

Scalability

Trellix Endpoint Detection and Response (EDR) exhibits strong scalability, deploying without traditional hardware constraints. Many entities appreciate its seamless expansion, capable of supporting thousands of users and robust centralized management through cloud infrastructure. It's ideal for varied business sizes, from small firms to large enterprises. While some have noted occasional performance challenges, on the whole, users find it well-suited for extensive environments and highly adaptable to different organizational needs.

Stability

Trellix Endpoint Detection and Response (EDR) is regarded as having good stability. Many rate it highly, mentioning it as stable with improved versions resolving past performance issues. A few have noted that browser-related issues remain. Stability ratings vary, with several users giving it eight or nine out of ten. Some problems arise from incorrect deployments, not from Trellix EDR itself. Stability can require knowledgeable handling for optimal performance.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Trellix Endpoint Detection and Response (EDR) Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

14%

Government

12%

Financial Services Firm

12%

Manufacturing Company

10%

University

Insurance Company

Educational Organization

Comms Service Provider

Energy/Utilities Company

Construction Company

Transportation Company

Real Estate/Law Firm

Healthcare Company

Performing Arts

Wholesaler/Distributor

Retailer

Outsourcing Company

Aerospace/Defense Firm

Recreational Facilities/Services Company

Consumer Goods Company

Pharma/Biotech Company

Non Profit

Legal Firm

Media Company

Hospitality Company

International Affairs Institute

Logistics Company

Leisure / Travel Company

Compare Trellix Endpoint Detection and Response (EDR) with alternative products

Learn more about Trellix Endpoint Detection and Response (EDR)

Do More with Existing Resources

Guided investigation automatically asks and answers questions while gathering, summarizing, and visualizing evidence from multiple sources—reducing the need for more SOC resources.

Low-Maintenance Cloud Solution

Cloud-based deployment and analytics enables your skilled security analysts to focus on strategic defense, instead of tool maintenance. Benefit from implementing the right solution for you.

Trellix Endpoint Detection and Response (EDR) was previously known as McAfee MVISION EDR, MVISION EDR, MVISION Endpoint Detection and Response.