• Home
  • NetWitness XDR vs. Trellix Endpoint Security

NetWitness XDR vs Trellix Endpoint Security comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Defender XDR
Read 80 Microsoft Defender XDR reviews
6,000 views|4,488 comparisons
97% willing to recommend
NetWitness Logo
NetWitness XDR
Read 15 NetWitness XDR reviews
940 views|659 comparisons
87% willing to recommend
Trellix Logo
Trellix Endpoint Security
Read 96 Trellix Endpoint Security reviews
17,617 views|10,465 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
NetWitness XDR vs. Trellix Endpoint Security
May 2024
Executive Summary
Updated on Jul 8, 2023

We performed a comparison between Trellix Endpoint Security and NetWitness XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. NetWitness XDR is commended for its prompt threat response, seamless integration capabilities, and user behavior analytics. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. Users say NetWitness XDR could improve its threat intelligence and investigation. Some suggested updates to its reporting engine.

  • Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. NetWitness XDR provides effective 24/7 technical support. While some were satisfied with the response times, others experienced delays of up to 48 hours.

  • Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. Some users found the initial setup of NetWitness uncomplicated, but others faced challenges.

  • Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. The total cost of NetWitness XDR depends on the environment and the number of endpoints. Larger users can receive discounts, but users say the solution might be too pricey for smaller companies. NetWitness XDR provides various licenses, including some that feature premium support.

  • ROI: Users reported saving time by implementing Trellix Endpoint Security. NetWitness XDR has demonstrated positive outcomes by improving threat detection capabilities and facilitating digital forensics.

Comparison Results: Our users prefer Trellix Endpoint Security over NetWitness XDR. Users praised Trellix's extensive management capabilities, low resource usage, and reasonable price. NetWitness XDR receives mixed reviews for its slower performance, and complex licensing. Users also that NetWitness could improve its threat intelligence and user interface. Trellix Endpoint Security earned positive feedback for its customer service and support, while some NetWitness users were unsatisfied with response times.

To learn more, read our detailed NetWitness XDR vs. Trellix Endpoint Security Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Benjamin Van Der Westhuyzen
Provides us with better insight into what's going on across our platform
It provides us with better insight into what's going on across our platform. It has also given us a very easy way to respond when threats or alerts... Read more →
Anonymous User
Advanced threat detection undermined by issues with blocking
NetWitness Endpoint has enabled us to detect attacks that bypass the first stage of cybersecurity, like zero-day and advanced attacks.
AjaiVictoria
Useful for containment and taking a triage image
Trellix Endpoint Security is good for doing containment immediately. We can get visibility of processes or services running all over the... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years.""The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there.""All of the security components are valuable including, antiphishing, antispam, and stage three antivirus.""Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment.""In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments.""The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI.""The product is very easy to use.""The ability to isolate and address viruses is the most valuable feature of Microsoft Defender XDR."

More Microsoft Defender XDR Pros →

"Ability to isolate the machine when there are malicious files.""This solution allows us to locate the malware in real-time.""It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great.""The most valuable feature is the way it captures the traffic, and it contains every detail of the communication.""NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console.""The stability of the RSA NetWitness Endpoint is very good.""It helps our security team respond more accurately when there are threats, then we get less false positives or negatives.""Technical support is knowledgeable."

More NetWitness XDR Pros →

"It has a very simple like multi-tenancy option and scalability is outstanding.""It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and approval prompts.""The product helps us by contacting us if there are any virus attacks on our system.""The product has a robust reporting feature""The thing that I like is that they have gathered almost all the products in one management server, the ePolicy Orchestrator.""The manageability of the product itself is its most valuable aspect. You have the underlying EPO, and on top of it, you can deploy the various components as you require. This is unlike other solutions like Symantec where you have to deploy everything or nothing. With this solution, you can choose to only deploy antivirus or only deploy a firewall, or only something else. I choose the components and that deployment is done through EPO. It makes manageability very flexible.""We receive good protection with this solution.""The solution includes a good combination of features for both signature and signature-less."

More Trellix Endpoint Security Pros →

Cons
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails.""The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category.""While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience.""The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging.""Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR.""There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial.""Just like in any solution, the price can always be cheaper.""Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."

More Microsoft Defender XDR Cons →

"The contamination feature could be improved.""Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training.""This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available.""RSA NetWitness Network could improve on integration with non-native application integration.""The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge.""I would like to see Security Orchestration and Response Automation (SOAR) integration.""The solution lacks a reporting engine.""When analyzing something, you have to click several times. It requires a lot of effort to find something."

More NetWitness XDR Cons →

"On the next release, they should build an easier way to see a repair option within the McAfee icon on your system tray. If there was an issue, you should be able to contact the user or just right-click on "repair". That would be a very good feature to add. That could be a place of improvement, just adding that button, or customizing it.""The tool could provide more advanced protection.""The DAC (Dynamic Application Containment) component of this product needs improvement.""The VirusScan needs to improve in order to detect ransomware and other advanced threats.""The user interface could be improved by making it more user-friendly. There are multiple solutions and there is no clear line differentiating all of them. There is a centralized console where we manage everything but most of the administrators feel a little confused when it comes to managing multiple products from a single place.""One of the drawbacks is that it is not 100% secure.""While we are pleased with the endpoint solution, there should also be a separate one for the firewall.""It would be nice if the solution was a bit more stable."

More Trellix Endpoint Security Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

  • "With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
  • "They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."
  • "It is highly scalable. It can be bought based on your requirements."
  • "I do not have any opinion on the pricing or licensing of the product."
  • "The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
  • "It is an expensive product."
  • "The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."
  • "The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."

    • More NetWitness XDR Pricing and Cost Advice →

  • "The initial price is very good as they give good initial discounts, but it seems a little expensive once you renew the license."
  • "Pricing is fair."
  • "No comment."
  • "The pricing is comparable to other solutions on the market."
  • "This product is costly."
  • "It's fairly priced compared to other products on the market."
  • "Pricing is reasonable and runs at a cost per user per year."
  • "It is not that expensive. There is no additional cost. We got the entire bundle together."

    • More Trellix Endpoint Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft 365 Defender?
    Top Answer:Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and… more »
    Read all 41 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:Microsoft Defender XDR is expensive, especially for the full suite functionality. However, when compared to buying… more »
    Read all 31 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR. Additionally… more »
    Read all 40 answers   →
    What do you like most about NetWitness XDR?
    Top Answer:Technical support is knowledgeable.
    Read all 15 answers   →
    What is your experience regarding pricing and costs for NetWitness XDR?
    Top Answer:The solution is expensive. I'd rate it at a one or two out of five. They need to adjust it to keep up with the… more »
    Read all 10 answers   →
    What needs improvement with NetWitness XDR?
    Top Answer:I have no real complaints about the solution. Threat detection could be better. They need to enhance their threat… more »
    Read all 14 answers   →
    How does McAfee Endpoint Security compare with MVISION?
    Top Answer:The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deploy… more »
    Read all 2 answers   →
    What do you like most about McAfee Endpoint Security?
    Top Answer:It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and… more »
    Read all 53 answers   →
    What is your experience regarding pricing and costs for McAfee Endpoint S...
    Top Answer:I would emphasize its affordability rather than merely focusing on cheapness. It provides good value by striking a… more »
    Read all 32 answers   →
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    RSA ECAT, NetWitness Network
    McAfee Endpoint Security, McAfee Complete Endpoint Protection, McAfee Endpoint Protection, Total Protection for Endpoint, Intel Security Total Protection for Endpoint, MCAFEE Complete Endpoint Protection
    Learn More
    Microsoft
    NetWitness
    Video Not Available
    Trellix
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness XDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

    Trellix Endpoint Security provides aggressive robust protection for every endpoint in an enterprise organization. Trellix uses dynamic threat intelligence and mounts a superb defense across the complete threat lifecycle. This solution will keep your organization more secure and resistant to any possible threat of risks. Trellix offers an amalgamated suite of next-generation endpoint security tools. These tools give users the benefit of machine learning, intuitive intelligence, and greater assistance to ensure their networks are being protected non-stop against threats - potential or realized - and can stop attacks before they happen. Trellix uses MDR (managed detection and response) and XDR (extended detection and response) to give users a comprehensive endpoint security solution.

    Trellix Endpoint Security Benefits

    • Intuitive Protection: Trellix Endpoint Security learns and matures to ensure organizations are continuously protected in today’s aggressive threat environment. Users have full visibility and greater control of all endpoints and are able to utilize Trellix Endpoint Security’s potent threat detection, prevention, investigation, and response to keep their enterprises safe and secure.

    • Streamlined Security Protection: Users have a single view of full transparency into how their networks are performing and the overall effectiveness of the security. Users can access the solution from anywhere and manage automated workflows. The solution allows for a streamlined security process to improve the overall reliability of the organization's security and can effortlessly scan through hundreds of thousands of endpoints in minutes.

    • Robust Risk Management: Stop attacks before they occur and keep abreast of potential threats with intuitive threat prioritization. Receive easy to understand risk assessment and repair guidance without delay to prevent any possible lapses in security. Test scenarios will allow users to see how the organization would respond to a threat scheme.

    Trellix Endpoint Security Top Features

    • Consolidated Management: Trellix offers numerous deployment options. The unique consolidated management process provides full transparency, cost-effective processes, improved IT functionality, and streamlined operations.

    • Intuitive Processes: Trellix can identify zero-day threats using machine learning and develop workable risk assessment to prevent attacks. Trellix intuitively creates protocols to recognize problematic processes that could lead to future attacks.
    • Reduced Impact on Resources: Trellix learns to focus on suspicious or anomalous activities by quickly identifying trusted activities to greatly reduce CPU consumption.

    Reviews from Real Users

    “It has a great console. We can manage everything from the central console and it is very easy. Every year we are getting the benefits of legacy also. It's easy to set up.” - S Fazlul H., IT Lead Engineer, Information Technology at Banglalink

    “There is a new feature where you can set thresholds for all the CPU consumption allowing for no consumption on the servers when the scans happen. It is a separate plugin or addon, and if we have it on all the virtual machines it automatically checks the resources, and based on that, it will schedule the scans. That is something that I have not seen in other antivirus solutions, such as Symantec.” - Sabari K. Senior Engineer at a comms service provider

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    ADP, Ameritas, Partners Healthcare
    inHouseIT, Seagate Technology
    Top Industries
    REVIEWERS
    Manufacturing Company16%
    Computer Software Company16%
    Financial Services Firm12%
    Government9%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Financial Services Firm16%
    Computer Software Company15%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Computer Software Company22%
    Financial Services Firm20%
    Comms Service Provider9%
    Government9%
    VISITORS READING REVIEWS
    Educational Organization37%
    Government9%
    Computer Software Company8%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business40%
    Midsize Enterprise24%
    Large Enterprise36%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise18%
    Large Enterprise56%
    REVIEWERS
    Small Business59%
    Midsize Enterprise24%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise16%
    Large Enterprise67%
    REVIEWERS
    Small Business42%
    Midsize Enterprise22%
    Large Enterprise36%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise45%
    Large Enterprise41%
    Buyer's Guide
    NetWitness XDR vs. Trellix Endpoint Security
    May 2024
    Free Report: NetWitness XDR vs. Trellix Endpoint Security
    Find out what your peers are saying about NetWitness XDR vs. Trellix Endpoint Security and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    NetWitness XDR is ranked 41st in Endpoint Protection Platform (EPP) with 15 reviews while Trellix Endpoint Security is ranked 10th in Endpoint Protection Platform (EPP) with 96 reviews. NetWitness XDR is rated 8.0, while Trellix Endpoint Security is rated 8.0. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Vectra AI, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our NetWitness XDR vs. Trellix Endpoint Security report.

    See our list of best Endpoint Protection Platform (EPP) vendors and best Extended Detection and Response (XDR) vendors.

    We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.