Try our new research platform with insights from 80,000+ expert users
Trellix Active Response Logo

Trellix Active Response Reviews

Vendor: Trellix
3.5 out of 5
Leave a review

What is Trellix Active Response?

Continuous Visibility into Your Endpoints:
Capture and monitor events, files, host flows, process objects, context, and system state changes that may be indicators of attack or dormant attack components.

Get the Endpoint Detection and Response (EDR) Buyer's Guide and find out what your peers are saying about Trellix Active Response, CrowdStrike Falcon, Microsoft Defender for Endpoint and more!
Trellix Active Response is the #45 ranked solution in EDR tools. PeerSpot users give Trellix Active Response an average rating of 7.0 out of 10. Trellix Active Response is most commonly compared to CrowdStrike Falcon: Trellix Active Response vs CrowdStrike Falcon. Trellix Active Response is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a government, accounting for 18% of all views.
Buyer's Guide
Endpoint Detection and Response (EDR)
January 2025
Get the category report
Helped 865,985 peers since 2012

Featured Trellix Active Response reviews

Read more reviews

Trellix Active Response mindshare

As of August 2025, the mindshare of Trellix Active Response in the Endpoint Detection and Response (EDR) category stands at 0.2%, up from 0.1% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Market Share Distribution
ProductMarket Share (%)
Trellix Active Response0.2%
CrowdStrike Falcon14.1%
Microsoft Defender for Endpoint10.3%
Other75.4%
Endpoint Detection and Response (EDR)
 
 
Key learnings from peers

Valuable Features

Trellix Active Response offers enhanced analytics, user behavior analysis, and lightweight operation, unlike its CPU-intensive predecessor. Alerts notify of vulnerabilities promptly, aiding swift response deployment and operational efficiency enhancement. It enables network disconnection and system shutdown during incidents. Continuous monitoring supports MDR launch, correlating incidents and providing quick investigation reports. It's valuable for incident detection and response, offering visualization and logging capabilities.
  • "The alerts provided by Trellix Active Response are its most valuable feature."
  • "The alerts provided by Trellix Active Response are its most valuable feature."
  • "We are hoping to automate detection and response and take advantage of user behavior analytics, given that we are working from home. About half of our workers are still remote, so Active Response gives us that visibility and lets us automate a number of those events."

Room for Improvement

Trellix Active Response should enhance its lightweight nature and improve whitelisting and blacklisting capabilities. There is a need for advanced analytics and AI features. Users experience resource consumption issues and seek better cloud and on-prem integration. A more analytical user interface and improved dashboard visibility are desired, along with optimization for operational technology devices. Technical support and performance in handling engineering automation systems could also be improved.
  • "I would rate technical support from Trellix Active Response as a seven because sometimes we face difficulties finding engineers quickly, leading to customer frustration."
  • "The only area for improvement is regarding operational technology devices, specifically the engineering automation systems."
  • "I also expected Active Response 's user interface to be much more analytical."

ROI

Users highlighted significant improvements in threat detection and response times with Trellix Active Response, noting a measurable drop in incident resolution timeframes. Several users observed enhanced operational efficiency and cost savings attributed to proactive threat management capabilities. They also commended the intuitive interface and robust integration features, emphasizing its impact on streamlining cybersecurity workflows. An increase in the security team's productivity and a more effective allocation of resources were frequently mentioned benefits.

Pricing

Trellix Active Response typically offers a transparent pricing model with no setup costs, ensuring a smooth integration process for users. Pricing methods usually involve subscription-based models, accommodating per-user or per-endpoint licensing options. The pricing range varies based on the specific features and level of support required, catering to diverse organizational needs and budgets.

  • "Our costs were somewhere around $600K in Trinidad dollars, which might be about $100K US. We have the ETP plus the EDR. Our recent renewal was 1800 licenses as opposed to the full amount. Our transaction cost was about $600K Trinidad dollars, which is somewhere around $90-100K US."

Popular Use Cases

Organizations utilize Trellix Active Response primarily for endpoint protection on corporate-issued laptops and desktops. It supports remote workers by monitoring tools used daily, ensuring quick incident response. Trellix Active Response collects and correlates logs through the ePO dashboard, providing visibility for threat hunting and defense. Currently, it is replacing older systems, aiming to protect around 1,300 endpoints upon full deployment while maintaining parallel implementations for smoother transitions.

Service and Support

Trellix Active Response technical support is considered satisfactory by users. Engineers managing it report good experiences, although finding engineers quickly can sometimes be challenging. Interaction with partners and resellers usually occurs without issues, though the pandemic has slowed partner visits. Feedback on McAfee's support indicates room for improvement, with one user rating it seven out of ten. Companies handle support issues directly with McAfee and have not experienced significant technical problems.

Deployment

Trellix Active Response's initial setup was considered straightforward by various companies. Organizations used global policies and a combination of scans for deployment. Challenges included handling older versions, which required uninstalling before updates. Deployment was typically phased, with some using Microsoft SCCM. Teams often included engineers and specialists for managing operations. The separation of on-premises and cloud components simplified configuration, and the setup process generally lasted three to six months with user acceptance tests before production.

Scalability

Users mention Trellix Active Response as highly effective in handling large volumes of data with seamless integration. They appreciate its ability to easily scale for growing business requirements, noting strong performance and reliability. Some also highlight quick setup and straightforward deployment, making it a valuable tool for extensive security frameworks.

Stability

Users feel Trellix Active Response provides reliable performance and remains stable even under heavy use. They appreciate its consistent uptime and note that it rarely crashes. Some find it performs well in complex environments, handling large datasets efficiently. However, a few mention occasional delays during peak usage. The general sentiment emphasizes its robustness and dependability in various operational contexts.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Endpoint Detection and Response (EDR) Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews
Government
18%
Comms Service Provider
13%
Financial Services Firm
11%
University
8%
Aerospace/Defense Firm
5%
Non Profit
5%
Construction Company
5%
Performing Arts
5%
Energy/Utilities Company
3%
Educational Organization
3%
Logistics Company
3%
Manufacturing Company
3%
Recreational Facilities/Services Company
3%
Transportation Company
3%
Insurance Company
2%
Pharma/Biotech Company
2%
Real Estate/Law Firm
2%
Import And Exporter
2%
Media Company
2%
Legal Firm
2%

Compare Trellix Active Response with alternative products

Go!

Learn more about Trellix Active Response

Identify and Remediate Breaches Faster:
Access tools you need to quickly correct security issues. Send intelligence to analytics, operations, and forensic teams.

Target Critical Threats:
Get preconfigured and customizable actions when triggered, so you can target and eliminate threats.

Trellix Active Response was previously known as McAfee Active Response.

Trellix Active Response customers

Liquor Control Board of Ontario

Related questions

  • 839
What is the biggest difference between EPP and EDR products?
  • 134
What is the difference between EDR and traditional antivirus?
  • 24
What is your recommendation for a 5-star EDR with low resource consumption for a financial services company?
  • 24
Which is the best EDR for a logistics company with 500-1000 employees?
  • 55
What is the best EDR or XDR product for a company with 9000 employees?
  • 99
What to choose: an endpoint antivirus, an EDR solution or both?
  • 250
Do we need to use both EDR and Antivirus (AV) solutions for better protection of IT assets?
  • 71
How does EternalBlue work?
  • 94
What are the best on-premise Endpoint Security solutions for a Tech Services company with 10,000 employees?
  • 88
Which is better for Endpoint Security: EDR or XDR solutions?

Product Categories

Product Categories
Endpoint Detection and Response (EDR)

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Trellix Active Response Logo
CrowdStrike Falcon vs Trellix Active Response
Microsoft Defender for Endpoint vs Trellix Active Response Logo
Microsoft Defender for Endpoint vs Trellix Active Response
Trellix Endpoint Security Platform vs Trellix Active Response Logo
Trellix Endpoint Security Platform vs Trellix Active Response
Trellix Endpoint Detection and Response (EDR) vs Trellix Active Response Logo
Trellix Endpoint Detection and Response (EDR) vs Trellix Active Response
See all alternatives
 
Trellix Active Response Reviews Summary
Author infoRatingReview Summary
Senior Manager Operational Technology and Cyber Security at Eskom Ltd4.0We use Trellix Active Response primarily for desktop endpoints, benefiting from its alerts that enhance threat detection and response efficiencies. Improvement is needed for operational technology devices. We see an ROI but didn't evaluate alternatives or use prior solutions.
Information Security Engineer at Nhq Distribution Ltd4.0I've used Trellix Active Response for nine years; it offers strong incident response, quick investigation reporting, and threat visualization, though the dashboard could be clearer. Setup has improved, and I rate it an eight out of ten.
IT Security Manager at Telecommunications Services of Trinidad & Tobago Limited (TSTT)3.0No summary available
IT Security Manager at Telecommunications Services of Trinidad & Tobago Limited (TSTT)3.5No summary available
Senior Manager Information Technology at a pharma/biotech company with 10,001+ employees3.0No summary available