My main use case for Trellix Endpoint Detection and Response (EDR) is the automatic detection of threats and automatic threat detections and response, as there are many use cases that we are currently working with for this Trellix Endpoint Detection and Response (EDR) solution.

For a quick specific example of how I use Trellix Endpoint Detection and Response (EDR) for threat detection and response in my day-to-day work, Trellix Endpoint Detection and Response (EDR) solution is integrated with our organization's endpoint, monitoring all endpoint activity and detecting advanced threats such as ransomware, fileless malware, exploits, and living-off-the-land attacks. It uses behavior-based analysis as well as machine learning advanced threat intelligence to identify suspicious activity across the traditional antivirus solutions, making it a really great solution for threat protections and detections.

The best features Trellix Endpoint Detection and Response (EDR) offers primarily include advanced threat detection, which utilizes AI-driven analytics and capabilities to identify and respond to threats. It continuously collects data from different sources to perform a comprehensive analysis to identify endpoints. Another key feature is its forensic capability, which captures critical data, files, memory, and processes running on the host, allowing it to quickly take action in terms of containment, investigations, and automated responses, including integration with MITRE ATT&CK framework.

Out of the features I mentioned, I find myself relying on advanced threat detection the most because it quickly identifies emerging threats across the business and takes action in terms of detection as well as the response, also identifying the containment of devices, isolating devices, and taking IOCs blocking to the global organization level, which is enhanced by great forensic capabilities as well.

Trellix Endpoint Detection and Response (EDR) has positively impacted our organization by improving overall efficiency, overall detection and response capabilities, and the capability to improve threat detections as well as the overall efficiency, time utilized, resource management, and analytic use cases review, significantly enhancing the business functionality.

Regarding improvements needed for Trellix Endpoint Detection and Response (EDR), there are many ways the EDR solution can improve, but I do not see any specific area where improvement is necessary.

I think Trellix Endpoint Detection and Response (EDR) is a really good solution with no major improvements needed, though if Trellix support can be improved, that would make it even better, especially given its good integration with the cloud for updates and feature deployment.

I have been using Trellix Endpoint Detection and Response (EDR) for more than four years.

Trellix Endpoint Detection and Response (EDR) is very stable.

Trellix Endpoint Detection and Response (EDR) is really scalable, allowing easy deployment with its agent across all devices and servers within the organization.

The customer support for Trellix Endpoint Detection and Response (EDR) is excellent.

We previously used Cisco AMP EDR solution, but we prefer Trellix Endpoint Detection and Response (EDR) as it is more effective in detecting emerging threats.

We purchased Trellix Endpoint Detection and Response (EDR) through the AWS Marketplace.

I have seen a return on investment with Trellix Endpoint Detection and Response (EDR); a lot of time is saved as it minimizes the efforts of manual work, requiring very few analysts to process all those alerts, thus improving operational efficiency and overall.

Regarding pricing, setup cost, and licensing, our leadership or management generally discusses these aspects, and the vendor is very supportive in terms of deployment and setup costs. For the license requirement, we worked with the vendor to secure the minimum price for Trellix endpoint solutions, with no additional costs charged by the vendor.

Before choosing Trellix Endpoint Detection and Response (EDR), we evaluated other options including Cisco Antimalware protections and Symantec Endpoint Protection, but Trellix Endpoint Detection and Response (EDR) turned out to be a much better solution.

This EDR solution stands out through its automated threat response, forensic investigation capabilities, and integration with the MITRE ATT&CK framework. Compared to other solutions, such as Cisco Antimalware protections and Symantec Endpoint protections, Trellix Endpoint Detection and Response (EDR) is not just behavior-based analysis but also supports signature-based analysis.

My advice for others looking into using Trellix Endpoint Detection and Response (EDR) is that they should work with the vendor on deployment and integrations with the EDR agent, ensuring complete discussions with the vendor for better results.

I think Trellix Endpoint Detection and Response (EDR) is a really good solution, with no performance glitches, performance behavior gaps, or discontinuities. I would rate this solution a 10 on a scale of one to ten because it not only serves as an EDR solution but also excels in detecting and responding to behaviors based on data, quickly identifying processes running on the host and correlating the data, taking action very quickly, making it a very good solution without any gaps that I see.