Trellix WISE GenAI

My main use case for Trellix Endpoint Detection and Response (EDR)  is for real-time detection, response, and threat visibility. Trellix Endpoint Detection and Response (EDR)  continuously monitors our endpoint activity and applies analytics plus behavioral monitoring to detect suspicious behavior, malware, ransomware, fileless attacks, and many more.

Once a threat is detected, it triggers automated or manual response where the security team takes action.

In addition to my main use case, Trellix Endpoint Detection and Response (EDR) also provides data collection and investigation tools so that security teams can investigate how an attack happened, what artifacts or behavior were involved, and scope the damage.

The best features Trellix Endpoint Detection and Response (EDR) offers include real-time detection, response, threat visibility, forensic and post-incident investigation plus threat hunting, and unified endpoint protection.

The forensic investigation and threat hunting features of Trellix Endpoint Detection and Response (EDR) have helped my security team by providing data collection and investigation tools so that our security teams can investigate how an attack happened, what artifacts or behaviors were involved, and scope the damage.

Trellix Endpoint Detection and Response (EDR) has positively impacted my organization by improving our security. We have experienced no more data breaches and no more threats from outside. I measure the improvement in security by noting that our security has improved by eighty percent.

One of the common criticisms that I find about Trellix Endpoint Detection and Response (EDR) is its high resource consumption, where it is significantly consuming a lot of CPU and RAM usage, which sometimes affects the performance on endpoints.

There is also limited integration with external platforms which has reduced flexibility in my organization.

I have been using Trellix Endpoint Detection and Response (EDR) for three years.

Trellix Endpoint Detection and Response (EDR) is very stable.

The scalability of Trellix Endpoint Detection and Response (EDR) is very good. It grows with our organization's needs.

The customer support for Trellix Endpoint Detection and Response (EDR) is amazing and very responsive.

We did not use another platform before.

My experience with pricing, setup cost, and licensing was that the cost was effective and the setup was straightforward, not particularly challenging.

I have seen a return on investment where the threat detection speed and response automation has brought operational savings, reducing time spent on manual investigating alerts, limiting downtime, and containing incidents more quickly.

I evaluated other options before selecting Trellix Endpoint Detection and Response (EDR), including Microsoft Defender for Endpoint  and Palo Alto Networks Cortex XDR .

My advice to others looking into using Trellix Endpoint Detection and Response (EDR) is that it is the best EDR platform as it brings threat detection speed and response automation, automatically saving on operational cost while reducing time spent. I believe it is the best EDR solution in today's market.

A specific example of how I have used Trellix Endpoint Detection and Response (EDR) in my day-to-day work is that it isolates or quarantines a device or kills malicious processes instantly. This is very crucial for compliance, forensic analysis, and it has improved our defense in my organization. There is a need for better integration with external platforms. I would rate this review as nine out of ten.

My main use case for Trellix Endpoint Detection and Response (EDR)  is detecting advanced threats, malware, ransomware, fileless attacks, zero-day exploits, and suspicious or anomalous behaviors.

I also use it for forensic investigation and root cause analysis, capturing endpoint state, processes, connections, memory, or files for post-attack analysis and compliance.

An example of how I have used Trellix Endpoint Detection and Response (EDR)  for a forensic investigation is that it does not rely solely on signature-based malware detection. It can detect known, unknown, or novel threats, including zero-day, polymorphic, and fileless attacks by analyzing behavior and anomalies.

Trellix Endpoint Detection and Response (EDR) has reduced the risk of breaches and data loss by catching advanced threats early and enabling fast containment. It also helps avoid costs associated with a breach or data loss, remediation costs, legal compliance fines, reputation damage, and more.

The best features Trellix Endpoint Detection and Response (EDR) offers are advanced detection and behavior-based analytics, comprehensive endpoint visibility and context, and faster detection and response.

Out of those features, I rely on faster detection the most day-to-day, as it has reduced the risk of breaches and data loss.

Trellix Endpoint Detection and Response (EDR) has positively impacted my organization by reducing the risk of breaches and data loss by 80%.

Trellix Endpoint Detection and Response (EDR) can be improved in terms of complex deployment and administration.

Additionally, there is high resource consumption, especially with CPU memory, and it is not a lightweight platform.

I have been working in my current field for five years.

In my experience, Trellix Endpoint Detection and Response (EDR) is stable with no major issues and no downtime. It is very stable.

Trellix Endpoint Detection and Response (EDR) is very scalable and can handle my organization's growth.

My experience with the customer support for Trellix Endpoint Detection and Response (EDR) was great because they are solution-oriented and resolve any issues that we have in my organization faster than expected.

I would rate the customer support nine out of 10.

I did not previously use a different solution.

I have seen a return on investment with Trellix Endpoint Detection and Response (EDR) by having reduced risk of breaches and data loss, lower operational costs over time, and faster detection, response, and forensic investigation in my organization.

My experience with pricing, setup cost, and licensing for Trellix has been focused on pricing.

My advice to others looking into using Trellix Endpoint Detection and Response (EDR) is that it is a great tool that reduces the risk of breaches and data loss. I would rate this product nine out of 10.

I use César for our endpoints, our users, and the services from email and web services, back and forth, and also at the edge of our network. We have contracted firewalls and everything else for networking.

The product and the services we have are quite good. However, I cannot stay at this level forever. I have to improve continuously and dynamically.

Everything is working, and the company is training its personnel. I have had in a few months in the past some attacks on personnel—so phishing, for example. I have spent efforts on training our managers and others - what can software do if the knowledge base is low?

This year, I am going to improve some tools to be installed or maybe acquire some services to better manage our web services and work with my coworkers.

Application fiber also needs attention. Nowadays I am making applications that are publicly seen on the Internet. I need some protection, possibly multi-factor authentication improvements. I am seeing, for workflows, some sort of ethical hacking to test our environment.

Knowledge of everything, not only the product - maybe some kind of alerts - needs to emerge. I see the current ones as very low-tier, and they must improve.

I have used Trellix for some years.

I haven't had any issues. The pricing is very fine and according to the service. Trellix has done a good job reducing threats.

I have spent a lot of time with this product. I have contracted support and also have an operating control so I can get various types of support.

I have used Trellix for some years. In the past, the EDR was McAfee. I have worked with it for around 20 years.

The initial setup is a hard issue.

I have two contractors that help me support the infrastructure here. One is at the edge of networking, and the other is in the endpoints of our company.

I don't have any return on this investment. This is just a security policy for everything.

I haven't had any really great problems with pricing in the past two or three years.

Maybe another level of product and support from manufacturers would be better.

I have seen companies without any EDR services, and we were lacking information. I started with IDR around four years ago, and the support services were very light. I remember doing many tickets for Trellix support, and my EDR was not properly functioning. I didn't feel the detection or the real protection. My company is one among 17 others that are part of a corporation. I am a member of the IT Security Council.

Overall product rating is five out of ten.

I use the solution in my company for malware detection. My customers are mostly banking and government organizations.

The most valuable feature of the solution is its area for threat detection.

When it comes to some unknown fileless attacks, the tool is not able to detect them properly, making it an area where improvements are required.

The tool's support needs to improve in the areas of response it provides to users.

I have been using Trellix Endpoint Detection and Response (EDR) for two and a half years.

Stability-wise, I rate the solution an eight out of ten.

Scalability-wise, I rate the solution an eight out of ten.

I rate the technical support a seven and a half out of ten.

The solution is SaaS-based, and we have deployed it using the hybrid cloud model.

The tool's deployment phase is a lengthy process. For one endpoint, it takes 15 to 20 minutes.

The tool is cost-effective. Many agents need to be installed, and on-premises integration is required.

I haven't worked on the tool to see how it works for security workflow.

My customers have not seen any challenges while working with Trellix Endpoint Detection and Response (EDR) in terms of integrations.

The tool does not support any AI and security initiatives.

The tool is suitable for enterprise companies.

If businesses are completely on the cloud, then the tool is not required. If a company has a hybrid cloud model with an on-premises model, then it will be a good tool to use.

I rate the tool an eight out of ten.

I've used Trellix EDR to improve endpoints and servers' security and feed into MDR solutions.

The most useful features are behavior monitoring, DLP, and access control. The automation has gotten much better in the last two years than when it was McAfee. It works better now and integrates more smoothly.

I'd like the tool to become more like an XDR, with one management system and endpoint activation.

I have been using the solution for seven years.

Sometimes, stability issues come from incorrect partner deployments, not Trellix EDR itself.

I rate the tool a seven out of ten. To improve it, I'd like a cloud-based management system where I only need to put a correlator at the client's site, as CyberArk does. The best setup would be cloud management, a manager in a VM, and super agents on endpoints.

My opinion about technical support might be biased because I have direct access to top-level senior staff. I know some people struggle with support if they go through normal channels.

Setting up the solution is easy for me because I've been in cybersecurity for almost 30 years, but new users might find it hard. Depending on the client's needs, it can be set up on-premises, in a private or hybrid cloud, or fully in the cloud. Setting it up can take a few days for small environments or months for big companies with thousands of endpoints.

Pricing is a problem in South Africa. It could be cheaper here. The rand-to-dollar exchange rate makes it expensive for us. A 25 dollar endpoint cost becomes quite significant when converted to rand.

Our clients are usually medium-sized and enterprise businesses. Overall, I would recommend Trellix EDR to others. I'd rate it eight and a half out of ten. No EDR or XDR solution gets a nine from me right now because they all have room for improvement.