We performed a comparison between Microsoft Defender for Endpoint and Trellix Active Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is stable and scalable."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The product detects and blocks threats and is more proactive than firewalls."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"NGAV and EDR features are outstanding."
"We apply the DLP policies across a range of endpoints and it is very accurate when reporting vulnerabilities, including those in email attachments."
"It performs well. The stability is seamless."
"It is stable and very easy to use."
"I've started to test it from the security point of view. There are plenty of features that are interesting, but at this time, the XDR functionality is most valuable. It is endpoint security on steroids."
"The most valuable aspect lies in its automation capabilities, particularly within security automation."
"The biggest benefit to Windows Defender is that it is built-in to the operating system by Microsoft."
"The intelligence mechanisms are good."
"The most important feature is the way it monitors the threats and blocks them. About 10 days ago, we were implementing SOC for a particular client. The SOC was not yet implemented, but they had Microsoft Defender. That organization was hit by some ransomware, but the hacker could not succeed. Because of the EDR, the hacker could not install the hacking tools. They were trying to do that, but Microsoft Defender completely blocked that. The hacker could log into the system, but they could not install anything."
"We are hoping to automate detection and response and take advantage of user behavior analytics, given that we are working from home. About half of our workers are still remote, so Active Response gives us that visibility and lets us automate a number of those events."
"It's a little lighter compared to the older version, which was mostly signature-based."
"The solution is scalable."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The support needs improvement."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Making the portal mobile friendly would be helpful when I am out of office."
"We'd like to see more one-to-one product presentations for the distribution channels."
"My main issue with the tool is that there are too many menus. This causes a steep learning curve for those without training or unfamiliar with Defender for Endpoint. From an end-user perspective, the solution is there on the machine and does its job; it works seamlessly. However, as a security professional dealing with it behind the scenes, the learning curve can be steep, but not too steep. Still, it has taken some of my analysts up to a month to get familiar with the product."
"I want Microsoft Defender to have the ability to deal with some issues automatically, so I don't need to address that issue manually."
"They should come up with pre-built inner workflows."
"Microsoft Defender for Endpoint is not as robust, and you cannot customize it much, so that's a challenge."
"If there were more template queries in the library, that would make it much easier. They could have basic things, like, "Where's the IP for this user?" or, "What file was downloaded from this user?" If there were more of those basic queries that would help."
"The frequency of the patching, and the frequency of the updates, are not included with the free version."
"Right now, there's a portal for Azure, portals for Microsoft Office, and portals for endpoints. It would be good to have only one portal and integrate everything."
"Additional security would be beneficial."
"There are some components on the cloud that should also reside in the on-prem deployment models but don't."
"I also expected Active Response 's user interface to be much more analytical."
"While the product is good, we are currently facing support issues."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Earn 20 points
Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews while Trellix Active Response is ranked 57th in Endpoint Detection and Response (EDR). Microsoft Defender for Endpoint is rated 8.0, while Trellix Active Response is rated 6.4. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Trellix Active Response writes "Lighter with good stability and pretty good technical support". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune, whereas Trellix Active Response is most compared with Trellix Endpoint Detection and Response (EDR) and Trellix Endpoint Security (ENS). See our Microsoft Defender for Endpoint vs. Trellix Active Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.