We are in the energy market, specifically in energy generation. We got the Trellix EDR installed in most endpoints.

The tool helps us to traverse possible thread incidents thru our mult site network infrastructure. In case of any forensic case it will be helpful to hunt thru the history or evidence information the EDR collects.

Trellix Endpoint Detection and Response (EDR) is valuable because we have a Wide Area Network with many sites, and the EDR is cross-site since it is configured and managed from the cloud. This is very useful because it does not matter what is happening at one endpoint of the company in one site and the relation of an incident with another computer or endpoint at another site. All the tree of data that we have, which may be a lot of information help us to argue whether it is going to be a threat or not, can be analyzed. Most of the threats are not really threats, but we can see what is happening in the relations, in the networking, and the data that comes back and forth through our company's network infrastructure.

Threat hunting is valuable because it pinpoints what is happening everywhere in our networking infrastructure. We have a company contract working through a NOC- network operating center 24 hours a day. They are sending us reports many times a day if any threat is arising or asking why this operation has come through or if it is valid or not, or whether we have approved it. We have a lot of that type of information, but we need to manage the contract in a much more efficient way because I do not have the time to read the many information that comes through the network operating center, the security operating center, or the tools itself and the notification reports that I have. While I am managing the policies and the standards, I need a lot of people to monitor, detect, and recover if something happens. The tools are not useful for that. We need to have people with enough expertise to manage all of this.

I believe this is a product in evolution. I do not think it is a final tool to conduct forensics or information forensics of the incidents or information incidents that could arise in our network infrastructure. Trellix Endpoint Detection and Response (EDR) is interesting and is a very good entry point that has been evolving through the last years. In the next two months, I have a new contract, and we are pointing out to have an XDR solution with NDR and EDR together.

I do not have enough time to do it because I am the manager. However, my coworkers do not understand it yet. I have a contract with a third-party company that is making reports around that, but also they do not have enough experience or enough utility of this.

It would be interesting if I have a notification system from EDR. For example, if I am the manager, it would be interesting to have a warning, alarm, or something around that which could call me to get into the system and the dashboard to see what is happening. For example, if it is a high-level threat. However, most of them are just advisory or warnings. I do not enter the tool frequently. I guess I access it once every three months.

I have been using Trellix Endpoint Detection and Response (EDR) for about six years.

As mentioned, this is an evolutionable tool. In the past there has been many times when the tool clogged the endpoints and we had to uninstall it. Windows (c) 10 enterprise edition, for instance, has some problems.

I have not scalate the EDR solution yet. We have not had a critical alert to do it. It's supossed that the SOC company should do it just in the case.

Tech support may be tricky if the support comes from Asia experts. Eeryone here speaks spanish and I are not affordable most of time. The tech is interesting when a high support level is called. Once someone from Argentina helped me that has excellent skills. We need more like her.

No other EDR solutions.

I guess it was complex. To get the EDR operating useful I had to wait around 2 years.

Bafing from Peru is an integrator and consultant. They had done all of the work, and accompanied us many years.

Of course this is a yes. I had called the US partner during the past years when I need the support directly from the manufacturer and I got all the help to workaround or overcame issues. That had happended when my local partner company was not enough.

I pay for what we get. But the service level from my partner company is not enough to overcome a complex case.

We are a gobernment company, so we ask the system to contract a company that is resourceful with cybersecurity withount mentioning the name or mark. We had been using Trellix since it was Mc Afee. But I had evaluated solutions from Microsoft, Panda, ESNET, as general malware tools.

This year, I am planning to have a training for all the personnel of the company in every department so they can learn the basics of the endpoint tool. They can have more actions for possible threats or everything so they can help my department to make a better and faster action if something real is happening. Something like ethical hacking or a service, but using my own personnel in the company. I know that it is difficult, but I want to try to make that this year.

I have evaluated many products including Fortinet environment and a lot of appliances, and also many other products that we have now. I have evaluated around six or seven other brands or other products. However, I have learned Trellix Endpoint Detection and Response (EDR) tools and before that McAfee, around two decades. It is enough expertise that we have made. I do not want to lose that with maybe another interesting tool. For example, what would be interesting is if an XDR tool that can help us in managing the threats of the cybersecurity environment uses AI as an agent, a trained agent that helps our department, so it has to be trained first by a company like Trellix or another with the expertise or the capacity to help us actually. That is one thing I can recommend.

In February or March, I am signing a new contract with five levels, three more levels of security that we have now. We will have the tool, the SOC, the operating center service, and we need to manage applications firewall, web filtering, and XDR, and maybe next year also PAM and so on. I rated this solution an 8 out of 10.

I use the solution in my company for malware detection. My customers are mostly banking and government organizations.

The most valuable feature of the solution is its area for threat detection.

When it comes to some unknown fileless attacks, the tool is not able to detect them properly, making it an area where improvements are required.

The tool's support needs to improve in the areas of response it provides to users.

I have been using Trellix Endpoint Detection and Response (EDR) for two and a half years.

Stability-wise, I rate the solution an eight out of ten.

Scalability-wise, I rate the solution an eight out of ten.

I rate the technical support a seven and a half out of ten.

The solution is SaaS-based, and we have deployed it using the hybrid cloud model.

The tool's deployment phase is a lengthy process. For one endpoint, it takes 15 to 20 minutes.

The tool is cost-effective. Many agents need to be installed, and on-premises integration is required.

I haven't worked on the tool to see how it works for security workflow.

My customers have not seen any challenges while working with Trellix Endpoint Detection and Response (EDR) in terms of integrations.

The tool does not support any AI and security initiatives.

The tool is suitable for enterprise companies.

If businesses are completely on the cloud, then the tool is not required. If a company has a hybrid cloud model with an on-premises model, then it will be a good tool to use.

I rate the tool an eight out of ten.

I've used Trellix EDR to improve endpoints and servers' security and feed into MDR solutions.

The most useful features are behavior monitoring, DLP, and access control. The automation has gotten much better in the last two years than when it was McAfee. It works better now and integrates more smoothly.

I'd like the tool to become more like an XDR, with one management system and endpoint activation.

I have been using the solution for seven years.

Sometimes, stability issues come from incorrect partner deployments, not Trellix EDR itself.

I rate the tool a seven out of ten. To improve it, I'd like a cloud-based management system where I only need to put a correlator at the client's site, as CyberArk does. The best setup would be cloud management, a manager in a VM, and super agents on endpoints.

My opinion about technical support might be biased because I have direct access to top-level senior staff. I know some people struggle with support if they go through normal channels.

Setting up the solution is easy for me because I've been in cybersecurity for almost 30 years, but new users might find it hard. Depending on the client's needs, it can be set up on-premises, in a private or hybrid cloud, or fully in the cloud. Setting it up can take a few days for small environments or months for big companies with thousands of endpoints.

Pricing is a problem in South Africa. It could be cheaper here. The rand-to-dollar exchange rate makes it expensive for us. A 25 dollar endpoint cost becomes quite significant when converted to rand.

Our clients are usually medium-sized and enterprise businesses. Overall, I would recommend Trellix EDR to others. I'd rate it eight and a half out of ten. No EDR or XDR solution gets a nine from me right now because they all have room for improvement.

We use the solution to detect and identify critical management activities. Within the network level, you can understand what is happening in the environment. Organizations using complex systems for various purposes can easily identify shared activity within the environment. There is a detection base that allows us to identify and manage threat events. The solution also includes licenses for forensic investigations of any attack that occurs. Details can be found within the platform's release at the end of the month or whenever needed. Any Trellix malware activity will be displayed on the dashboard, and the moderating services will be integrated into everything we have built.

The dashboard makes it easier and more effective to analyze data. It also allows us to access the AWS analytics and system features in one place. If we need to find specific details about an endpoint, we can determine what is happening and how any organization is affected by the data provided.

The better approach is to apply the necessary improvements to make the dashboard more effective and user-friendly. If simplified, users can investigate issues in more detail by clicking on the relevant sections. Making it simpler would enhance understanding and improve the investigation process. Customers currently using the system can view everything on a single dashboard, which is very effective for understanding all scenarios and activities.

Customers rely on a single platform When they notice an incident, response, or attack. In SOC analysis teams, especially in banks or traditional organizations, the entire team needs access to the scenario on one platform. This allows them to understand the dashboard and detect any ongoing activity easily. Once they identify an issue, they can proceed with further analysis. Customers need a clear and visible platform that helps them understand when and how their site is being compromised.

The dashboard is split across different platforms. For example, if you want information on Incident Detection, you have to access one dashboard, and for DLP reporting, there's a separate platform. This fragmentation means you can't access everything from a single dashboard. Instead, you must navigate various options to find the right dashboard. This setup results in a separate view for each function. Ideally, we'd like to consolidate this into a unified platform, making it easier to identify site behaviors from one centralized dashboard.

I have been using Trellix Endpoint Detection and Response (EDR) as a reseller.

We initially used McAfee's VSP and Varia System Enterprise products. After transitioning to Endpoint Security, particularly in version 10 or 7, we encountered performance issues on systems running Windows 7. The high resource utilization caused significant slowdowns, leading to numerous complaints, especially from Sakasho. The EDR was consuming too many system resources, which impacted overall performance. However, with the newer versions, like those in the InVision EPO, these issues seem to have been resolved, and the system now operates more efficiently. The current product is expected to be much lighter and more stable.

I rate the solution’s stability an eight out of ten.

I highly appreciate service architecture. They are developing day by day.

We are an enterprise that provides solutions through Trellix EDR that various external customers use. Our solutions are deployed in a large and diverse environment, including companies, telecoms, and major banks. These organizations rely on our products for their protection needs.

There are multiple ways to get support. You can create a case through your partner or support portal by calling. If necessary, you can raise a call and follow up immediately.

We operate within our environment and country. One of our clients, is interested in using our on-premises solution. They are hesitant to adopt a cloud-based solution due to concerns about data security. They worry that storing data in the cloud could expose it to unauthorized access. They are confused about how the cloud handles sensitive data like CPU data and prefer to keep their information on-premises. However, other banks have embraced cloud solutions and understand their value. Over time, as more companies study and become comfortable with cloud technology, we believe others will also follow and move to the cloud. We hope to maintain their interest in our services.

Its machine learning capability is strong, and the AI configurations and system integration enhance its effectiveness. The API solutions added to this system allow us to detect and respond to incidents quickly. The quick response is also due to Edge Solutions and specific-type solutions, enabling us to conduct thorough investigations and generate reports on the platform.

I recommend Trellix Endpoint Detection and Response (EDR) because it offers strong capabilities. It’s worth noting that XDR solutions are also available and might be more effective. These XDR solutions are advanced technologies with enhanced features, including improved API integration.

Overall, I rate the solution an eight out of ten.

The solution is used for threat hunting and incident response.

Trellix is a good solution. It helps with real-time monitoring and alerts. We are pretty satisfied with it. The product is user-friendly. It improves our security posture.

The graphical view for nodes must be increased.

I have been using the solution for two years.

The tool’s stability is good.

The tool is scalable.

We need three to four months to learn the tool. We were given training. It is not difficult if we read the documents properly.

The price is reasonable.

We were looking for other solutions. Whoever is interested in the product can learn to use it. Overall, I rate the solution an eight out of ten.

We use the tool for threat hunting. It detects a lot of threats daily.

We do not need to monitor the network all the time because the solution is completely automated. The administrators’ time can be dedicated to improving other projects.

The antivirus and DLP features are valuable. Now, we have a campaign to encrypt all the drives of the company. We have a solution for network access control from Fortinet. When Trellix detects some threats, the device is isolated in a quarantine zone for examination. We integrate Trellix Endpoint Detection and Response with other solutions to perform such isolations. We also use products for log monitoring and correlation and create use cases for automatic response.

The technical support must be improved. We had a problem with the Web Control plug-in with Edge and Chrome. The plug-in was disabled, and the resolution took a lot of time.

I have been using the solution for two years.

The stability is good. I rate the tool’s stability an eight out of ten.

The scalability is good. I rate the tool’s scalability an eight out of ten.

I rate the ease of setup an eight out of ten.

Our clients were using McAfee before. We switched to Trellix because of its price and technical specifications.

We also have a DLP problem with Outlook. Sometimes, people cannot send emails because of an error. We detect the threat, and our clients manage the response. We send a communication, and the clients manage the response for the threat detected. We only administer the tool. Overall, I rate the product an eight out of ten.

We're looking at the logs, and the customer defines the solution's use cases.

Trellix Endpoint Detection and Response is a user-friendly solution. The biggest strength of the solution is that it's an integrated product that includes EDR and antivirus. It's not like you have different technologies for different solutions.

Some modules that are doing machine learning and artificial intelligence are blocking our processes.

I have been using Trellix Endpoint Detection and Response for one year.

Overall, I rate Trellix Endpoint Detection and Response an eight out of ten.

The product provides a one-click recovery of encrypted files. Threat hunting is marvelous.

The product must improve the ability to work with different operating systems like Windows and macOS. The CPU utilization of the product is quite high compared to its competitors. The agent file size is higher. The number of services that run on a system is quite high. Other EDR solutions have only a single service running on it.

I have been working with the product from the day of inception. I am using the latest version of the solution.

The stability is good. I rate the stability a nine and a half out of ten.

I rate the tool’s scalability a ten out of ten. The solution is suitable for small, medium, and large enterprises.

The support is great.

The initial setup is simple. It can be done in a couple of days. The solution is cloud-based.

The product’s aggressiveness in competing with the competitor's pricing is almost nil. The pricing is always high. I rate the pricing a three and a half out of ten.

We can compare the tool with SentinelOne and CrowdStrike. Kaspersky and Trend Micro cannot compete against the solution.

People must always evaluate the product first. They must see the difference in manageability and flexibility of the licenses. They must also consider the manageability and flexibility of the software before making a decision. Overall, I rate the solution a nine out of ten.

Trellix Endpoint Detection and Response (EDR) is a very advanced solution, and it can work very well since it helps a user get very deep and very detailed information. With Trellix Endpoint Detection and Response (EDR), I can collect everything from the client without any problem. Trellix EDR API rate is very high, and they cover a very large number of attacks and IOCs because it stands as a highly corrected product with the help of a very high-level research and development team.

The most valuable features of the solution stem from the fact that the response and coverage that the tool provides are very high. The functionality of the product in terms of recovery and IOCs is very nice. The details included in the IOCs are something you can refer to with the help of the product's knowledge base, meaning you can get a reference about attacks and IOCs from certain databases of the tool, and it also covers the new attacks.

In my opinion, Trellix Endpoint Detection and Response (EDR) is one of the best tools that I have worked with till now.

One of the issues about the product stems from the failure to work on its administrative scalability. The aforementioned area can be considered for improvement.

The interface should be easier to use, and Trellix needs to provide training to explain how to use the solution, as these are areas where the solution lacks and needs to improve.

I have been using Trellix Endpoint Detection and Response (EDR) for two years. I operate as an implementer of the solution in my company.

Stability-wise, I rate the solution a nine out of ten.

Only skillful people can work with the solution, as only an old or experienced person will have all the capabilities and the power to improve and search for processes. In general, a person needs to know how to use the solution.

Scalability is something that has emerged as a new requirement, and it may be very hard to use the features that can make the solution more scalable.

My company doesn't have many customers currently using the product.

The product is mostly for enterprise-sized businesses. The product works nicely for enterprise businesses.

I have worked with many EDR products in the past, but I feel that Trellix is a very remarkable product because of its capabilities.

The product's initial setup phase was very straightforward since you just need to install it, and it works.

The product's deployment phase had very few steps because it was made available as a preconfigured device without the configurations, and with the network configuration, everything works fine.

The solution is deployed on an on-premises model.

The solution can be deployed in an hour.

The maintenance and deployment of the solution require the same number of people as for Kaspersky.

Some benefits are available for the users from the use of the solution as it provides nice visibility of the whole environment and the endpoints in an environment, but there is a need to have someone with the technical background to manage it.

The licensing costs attached to the solution are very easy to manage. There is a need to make yearly payments towards the licensing costs.

Trellix Endpoint Detection and Response (EDR) is a product that is meant for enterprise-sized businesses, and it would not be good for small and medium-sized businesses.

I rate the overall tool a nine out of ten.

In my company, we use Trellix Endpoint Detection and Response (EDR) since it is a very helpful product. In my company, we install Trellix Endpoint Detection and Response (EDR) for all our machines and endpoints, along with Trellix Cloud Security. Trellix EDR can be integrated with Trellix SIEM. Trellix and McAfee Endpoint Security are used in our company as they offer endpoint protection.

Trellix Endpoint Detection and Response (EDR) offers endpoint protection and helps collect information while also allowing users to investigate malicious files in an IT environment.

Trellix purchased McAfee two years ago. At this moment, it may seem a bit difficult if I explain Trellix and McAfee separately. Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint provide endpoint protection. In the future, if Trellix can compile both the products, Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint, into one solution, our company need not install multiple agents, which can reduce the workload for IT and make the tool easy to manage.

The solution's downside stems from the fact that Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint are not combined into a single solution, so from an improvement perspective, they need to be combined into a single solution. If both tools are combined into a single solution, it will become easier for a user to manage and deploy such a product.

I have been using Trellix Endpoint Detection and Response (EDR) for two years.

It is a stable solution.

It is a scalable solution.

Around 600 users use the solution.

My company plans to increase the use of the solution by 20 percent.

I have experience with the solution's technical support.

Speaking about the product's setup phase, in our company, we deploy it with the endpoint management setup system. When in our company, we have any new applications, the endpoint management setup system automatically deploys for all the agents.

The solution can be deployed in twenty minutes to complete all the components of the installation phase.

For deployment, my company uses a deployment application since we have to deal with endpoints in my organization, and other than that, if there is a requirement for deployments, then we use it to take care of such a setup phase. The deployment can be done automatically for the endpoint.

The solution is mostly deployed on the cloud, but at times, it may be deployed on a hybrid cloud.

Speaking about the price, you must use the product to find the product's cost for you.

I recommend the solution to others in the future.

I rate the overall tool an eight out of ten.