Trellix Active Response Reviews

Name: Trellix Active Response
Brand: Trellix
Rating: 3.4 (4 reviews)

3.4 out of 5

4 reviews
33% willing to recommend

What is Trellix Active Response?

Continuous Visibility into Your Endpoints:
Capture and monitor events, files, host flows, process objects, context, and system state changes that may be indicators of attack or dormant attack components.

Get the Endpoint Detection and Response (EDR) Buyer's Guide and find out what your peers are saying about Trellix Active Response, CrowdStrike Falcon, Microsoft Defender for Endpoint and more!

Trellix Active Response is the #46 ranked solution in EDR tools. PeerSpot users give Trellix Active Response an average rating of 6.8 out of 10. Trellix Active Response is most commonly compared to CrowdStrike Falcon: Trellix Active Response vs CrowdStrike Falcon. Trellix Active Response is popular among the large enterprise segment, accounting for 66% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a government, accounting for 17% of all views.

Buyer's Guide

Endpoint Detection and Response (EDR)

January 2025

Get the category report

Helped 856,873 peers since 2012

Featured Trellix Active Response reviews

Ezzard De Lange

Senior Manager Operational Technology and Cyber Security at Eskom Ltd

We use Trellix Active Response primarily for our endpoints, including desktop computers. It monitors all the tools that our users use for their day-to-day work The alerts provided by Trellix Active Response are its most valuable feature. They notify us immediately of any vulnerabilities on the…

Read full review

LeonWessels

IT Security Manager at Telecommunications Services of Trinidad & Tobago Limited (TSTT)

We're still in the early stages of evaluating the solution because I haven't yet fully deployed all my endpoints. At this point, I would rate Active Response six out of 10. My advice to those considering Active Response is to do proper data testing. You should run scenarios and use cases to determine whether this solution fits your organization's needs. Make sure you do those things first because you could do a POC, but it looks different in production.

Read full review

LeonWessels

IT Security Manager at Telecommunications Services of Trinidad & Tobago Limited (TSTT)

It's still not lightweight enough and not as light as they claim to be with the McAfee area of a next-gen AV. They can do some improvements along that line. There needs to be some improvement around the white-listing or black-listing. The product could improve aspects around the removal of blacklisted applications, et cetera. This was an exercise to centralize the AV cell, and that's how we ended up upgrading. The truth, however, is that I was really looking for something much more advanced with user behavior analytics and some AI features that the other competitor's next-gen AV does offer. It is okay for what it's doing now, however, it's not the ultimate software. There are some components on the cloud that should also reside in the on-prem deployment models but don't. They should ensure they are doing parallel development for cloud and on-prem when they are doing R&D.

Read full review

Trellix Active Response mindshare

As of June 2025, the mindshare of Trellix Active Response in the Endpoint Detection and Response (EDR) category stands at 0.2%, up from 0.1% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR)

Key learnings from peers

Valuable Features

Trellix Active Response receives praise for its real-time monitoring capabilities, efficient threat detection, and robust automated response features. Users appreciate its intuitive dashboard and comprehensive reporting tools. Enhanced endpoint visibility and effective integration with other security tools are highlighted as key strengths.

"The alerts provided by Trellix Active Response are its most valuable feature."
"The alerts provided by Trellix Active Response are its most valuable feature."
"We are hoping to automate detection and response and take advantage of user behavior analytics, given that we are working from home. About half of our workers are still remote, so Active Response gives us that visibility and lets us automate a number of those events."

Room for Improvement

Trellix Active Response requires improvement in areas such as reducing its heaviness and enhancing white-listing and black-listing capabilities. Users desire centralized components in both cloud and on-premise deployments with improved user behavior analytics and AI features. There are concerns about support quality and EDR-related slowdown issues. The interface could be more analytical. Resource consumption should be lower. There's a need for optimization in operational technology and engineering automation systems similar to normal endpoints.

"The only area for improvement is regarding operational technology devices, specifically the engineering automation systems."
"I also expected Active Response 's user interface to be much more analytical."
"While the product is good, we are currently facing support issues."

ROI

Users highlighted significant improvements in threat detection and response times with Trellix Active Response, noting a measurable drop in incident resolution timeframes. Several users observed enhanced operational efficiency and cost savings attributed to proactive threat management capabilities. They also commended the intuitive interface and robust integration features, emphasizing its impact on streamlining cybersecurity workflows. An increase in the security team's productivity and a more effective allocation of resources were frequently mentioned benefits.

Pricing

Trellix Active Response typically offers a transparent pricing model with no setup costs, ensuring a smooth integration process for users. Pricing methods usually involve subscription-based models, accommodating per-user or per-endpoint licensing options. The pricing range varies based on the specific features and level of support required, catering to diverse organizational needs and budgets.

"Our costs were somewhere around $600K in Trinidad dollars, which might be about $100K US. We have the ETP plus the EDR. Our recent renewal was 1800 licenses as opposed to the full amount. Our transaction cost was about $600K Trinidad dollars, which is somewhere around $90-100K US."

Popular Use Cases

Organizations utilize Trellix Active Response chiefly for endpoint protection on corporate laptops and desktops. This replaces existing McAfee on-prem solutions, focusing on workstations rather than servers. Trellix monitors tools used by employees during daily tasks, ensuring security for remote workers and enabling coverage of approximately 1,300 endpoints once fully deployed. Its application is geared predominantly toward safeguarding remote operations and facilitating a secure digital environment in professional settings.

Service and Support

Users report satisfaction with Trellix Active Response's customer support. Technical support is considered reliable and issues are resolved without problems, though interactions have reduced since the pandemic. Users work with partners and McAfee, finding assistance satisfactory but noting some delays. Previous experiences suggest room for improvement. Technical support receives a score of seven out of ten, indicating users see potential for enhanced service. Relationships with partners remain stable despite the current global situation.

Deployment

Trellix Active Response's initial setup was facilitated by on-site engineers, using global policies and training for a smooth process. Challenges involved outdated versions needing manual updates. Deployment occurred in phases, initially covering a sample of one hundred, then expanding organization-wide over two weeks. Dedicated staff manage operations and governance. Another team managed the setup with Microsoft SCCM. Rated between eight and nine in ease, the deployment took three to six months, including user acceptance tests.

Scalability

Users mention Trellix Active Response as highly effective in handling large volumes of data with seamless integration. They appreciate its ability to easily scale for growing business requirements, noting strong performance and reliability. Some also highlight quick setup and straightforward deployment, making it a valuable tool for extensive security frameworks.

Stability

Users feel Trellix Active Response provides reliable performance and remains stable even under heavy use. They appreciate its consistent uptime and note that it rarely crashes. Some find it performs well in complex environments, handling large datasets efficiently. However, a few mention occasional delays during peak usage. The general sentiment emphasizes its robustness and dependability in various operational contexts.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Endpoint Detection and Response (EDR) Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews

Government

17%

Financial Services Firm

13%

Comms Service Provider

11%

University

Aerospace/Defense Firm

Media Company

Real Estate/Law Firm

Non Profit

Outsourcing Company

Logistics Company

Energy/Utilities Company

Construction Company

Educational Organization

Recreational Facilities/Services Company

Computer Software Company

Transportation Company

Import And Exporter

Legal Firm

Manufacturing Company

Performing Arts

Pharma/Biotech Company

Wholesaler/Distributor

Compare Trellix Active Response with alternative products

Learn more about Trellix Active Response

Identify and Remediate Breaches Faster:
Access tools you need to quickly correct security issues. Send intelligence to analytics, operations, and forensic teams.

Target Critical Threats:
Get preconfigured and customizable actions when triggered, so you can target and eliminate threats.

Trellix Active Response was previously known as McAfee Active Response.