Try our new research platform with insights from 80,000+ expert users

DeepArmor vs Trellix Endpoint Security Platform comparison

SparkCognition and Trellix are both solutions in the Endpoint Protection Platform (EPP) category. SparkCognition is ranked #60, while Trellix is ranked #7 with an average rating of 7.7. SparkCognition holds a 0.3% mindshare in EPP, compared to Trellix’s 3.6% mindshare. Additionally, 88% of Trellix users are willing to recommend the solution.
Sponsored
Cortex XDR by Palo Alto Net...
Read 108 Cortex XDR by Palo Alto Networks reviews
  • 14,649 Views
  • 8,496 Comparison Views
96% willing to recommend
DeepArmor
Read 1 DeepArmor review
  • 410 Views
  • 385 Comparison Views
0% willing to recommend
Trellix Endpoint Security P...
Read 160 Trellix Endpoint Security Platform reviews
  • 10,634 Views
  • 7,125 Comparison Views
88% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Mar 22, 2026

Trellix Endpoint Security Platform and DeepArmor are two cybersecurity products with unique feature sets, competing to enhance security measures. While Trellix has strengths in deployment ease and integration abilities, DeepArmor leads with advanced AI-driven threat detection.

Features: Trellix Endpoint Security Platform offers robust integration, customizable security settings, and caters to complex enterprise needs. DeepArmor focuses on real-time threat detection, lightweight design, and cutting-edge AI capabilities.

Ease of Deployment and Customer Service: Trellix is recognized for streamlined deployment and responsive customer service, providing comprehensive implementation support. DeepArmor emphasizes minimal setup due to its cloud-based infrastructure with seamless cloud integration.

Pricing and ROI: Trellix requires a substantial initial setup cost, offering long-term value through extensive features. DeepArmor features lower upfront costs with efficient AI-driven threat management for quick ROI, appealing to cost-conscious organizations.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Endpoint Protection Platform (EPP) Report (Updated: February 2026).
Buyer's Guide
Endpoint Protection Platform (EPP)
February 2026
Download the complete report
Helped 884,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
5th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
108
Ranking in other categories
Endpoint Detection and Response (EDR) (7th), Extended Detection and Response (XDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (2nd)
DeepArmor
Ranking in Endpoint Protection Platform (EPP)
60th
Average Rating
2.0
Number of Reviews
1
Ranking in other categories
No ranking in other categories
Trellix Endpoint Security P...
Ranking in Endpoint Protection Platform (EPP)
7th
Average Rating
7.8
Reviews Sentiment
7.1
Number of Reviews
160
Ranking in other categories
Endpoint Detection and Response (EDR) (11th), Extended Detection and Response (XDR) (10th)
 

Mindshare comparison

As of March 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.5%, down from 4.0% compared to the previous year. The mindshare of DeepArmor is 0.3%, up from 0.0% compared to the previous year. The mindshare of Trellix Endpoint Security Platform is 3.6%, down from 3.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.5%
Trellix Endpoint Security Platform3.6%
DeepArmor0.3%
Other92.6%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
ABHISHEK_SINGH
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Read full review
Muhammad Fahad - PeerSpot reviewer
Muhammad Fahad
Manager Tech. & Support (Information Technology) at Texitech
Security needs improvement and email scanning features are not included
The email scanning feature is not available in DeepArmor. We cannot use this for email scanning. There are many options that are not available in DeepArmor. We cannot use separate applications for different internet applications or for different internet scanning. This is why we cannot use it. I would like to see additional features such as email scanning, which should be included, or malware detections, and other cybersecurity features should be included. It could also be more secure.
Read full review
PankajKumar24 - PeerSpot reviewer
PankajKumar24
IT Manager at Gigabit Technologies Pvt Ltd
Advanced threat prevention has strengthened incident response and customized security workflows
The biggest advantage of Trellix Endpoint Security Platform is the ATP solution, which provides advanced threat prevention. Machine learning algorithms are available in the product as part of the threat anti-malware, including predictive machine learning and behavioral analysis, which are integral to the anti-malware module of EPP. In terms of my experience with the machine learning algorithms for analysis and threat detection, we are analyzing logs provided by Trellix, but we are not able to conduct specific machine learning analysis on those logs. The automated response mechanisms in the products help with incident management because we have to create playbooks in Trellix console for automation, which we need to enable. The customizable dashboard of Trellix Endpoint Security Platform definitely contributes to the decision-making process, as we customize the dashboard according to customer requirements. When it comes to integration aspects, we are able to integrate Trellix Endpoint Security Platform with SIEM or SOAR solutions using the ePO console, which enhances threat detection capabilities. Reporting and analytics aspects have an impact on security posture assessment, as we are able to fetch reports in the ePO console customized according to customer requirements for downloading and sending via email.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."
"The protection offered by this product is good, as is the endpoint reporting."
"The initial setup is pretty easy."
"This software helps us understand any issues that may arise when someone is not at work."
"The product's most valuable features are massive user and feature intelligence exploit detection."
"It's very stable. I've never experienced downtime for the ASM console or ASM core."
"It is easy to use."
"We've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for."
More Cortex XDR by Palo Alto Networks pros
"It is easy to install."
"If the network has seen something, we can use that to put a block to all the endpoints."
"MVISION offers decent protection."
"Trellix Endpoint Security has a full suite of DLP."
"The technical support services are good."
"Trellix Endpoint Security's dashboard is very flexible, and I can create my own user-specific dashboard depending on user privilege or preference."
"The installation is pretty straightforward."
"The product has a robust reporting feature"
"The manageability of the product itself is its most valuable aspect. You have the underlying EPO, and on top of it, you can deploy the various components as you require. This is unlike other solutions like Symantec where you have to deploy everything or nothing. With this solution, you can choose to only deploy antivirus or only deploy a firewall, or only something else. I choose the components and that deployment is done through EPO. It makes manageability very flexible."
More Trellix Endpoint Security Platform pros
 

Cons

"To jump from the partner to Palo Alto directly was challenging."
"For Cortex XDR by Palo Alto Networks, if I had to point out improvements, I would say the UI is still somewhat difficult for beginners."
"Additionally, I think the price is very high, and if it can be adjusted, I believe it will be a very good solution."
"They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to "research problems" for weeks on end, then pass you off to somebody else."
"Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it."
"The solution needs better reports. I think they should let the customer go in and customize the reports."
"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."
"Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded."
More Cortex XDR by Palo Alto Networks cons
"The email scanning feature is not available in DeepArmor."
"We have had some of our clients not happy with McAfee Endpoint Security because it blocks some of the applications they are trying to use. They should make it easier to unblock applications."
"Trellix lacked email protection when it was a McAfee product. They added this feature during the merger with FireEye, but it hasn't been fully integrated. The core features will be integrated into the next release. FireEye has several solutions for EDR and sandboxing."
"Endpoint resource utilization causes high levels of instability and that is something that needs improvement."
"One of the drawbacks is that it is not 100% secure."
"It has very good integrations. However, its integration with Palo Alto was not good, and they seem to be working on it at the backend. It is not very resource-hungry, but it can be even better in terms of resource utilization. It could be improved in terms of efficiency, memory sizing, and disk consumption by agents."
"I would like to see simple processing and reporting online."
"The performance could be better. I noticed that it slows down a bit."
"The solution could provide open XDR in addition to EDR."
More Trellix Endpoint Security Platform cons
 

Pricing and Cost Advice

"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"Cortex XDR's pricing is ok."
"When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward."
"It has reasonable pricing for the use cases it provides to the company."
"Its pricing is kind of in line with its competitors and everybody else out there."
"Cortex XDR by Palo Alto Networks is quite an expensive solution."
"This is an expensive solution."
"The cost of Cortex XDR by Palo Alto Networks is $55 to $90 USD per endpoint per month."
More Cortex XDR by Palo Alto Networks pricing and cost advice
"There are licensing fees."
"There is a one-year and a three-year license available for this solution, we are currently on a three-year license."
"Since the maintenance is done by our own team, the price of the subscription should really be cheaper."
"I am happy with the pricing."
"I do licensing on an annual basis and this is what I always recommend to my clients over the monthly option."
"There are some extra expenses for using the product, in addition to licensing related to the maintenance of the product."
"No comment."
"McAfee's prices are flexible and can be quite competitive, although there are other solutions that are even more so."
"We pay 650 Rand for a license. It is a perpetual license which we normally run for two years."
More Trellix Endpoint Security Platform pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
884,873 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
9%
Manufacturing Company
9%
Financial Services Firm
9%
Comms Service Provider
7%
No data available
Manufacturing Company
13%
Government
11%
Financial Services Firm
8%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise20
Large Enterprise47
No data available
By reviewers
Company SizeCount
Small Business68
Midsize Enterprise36
Large Enterprise62
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
See all answers
Ask a question
Earn 20 points
How does McAfee Endpoint Security compare with MVISION?
The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deplo...
See all answers
How does Crowdstrike Falcon compare with FireEye Endpoint Security?
The Crowdstrike Falcon program has a simple to use user interface, making it both an easy to use as well as an effec...
See all answers
What is your experience regarding pricing and costs for McAfee Endpoint Security?
I don't have visibility on pricing because it is negotiated by a different team, as I look after the technical side.
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 9% of the time
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
Compared 6% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Cortex XSIAM vs Cortex XDR by Palo Alto Networks Logo
Cortex XSIAM vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Wazuh vs Cortex XDR by Palo Alto Networks Logo
Wazuh vs Cortex XDR by Palo Alto Networks
Compared 2% of the time
More Cortex XDR by Palo Alto Networks Competitors
ESET Endpoint Protection Platform vs DeepArmor Logo
ESET Endpoint Protection Platform vs DeepArmor
Compared 38% of the time
CrowdStrike Falcon vs DeepArmor Logo
CrowdStrike Falcon vs DeepArmor
Compared 25% of the time
Morphisec vs DeepArmor Logo
Morphisec vs DeepArmor
Compared 21% of the time
More DeepArmor Competitors
Microsoft Defender for Endpoint vs Trellix Endpoint Security Platform Logo
Microsoft Defender for Endpoint vs Trellix Endpoint Security Platform
Compared 6% of the time
CrowdStrike Falcon vs Trellix Endpoint Security Platform Logo
CrowdStrike Falcon vs Trellix Endpoint Security Platform
Compared 5% of the time
SentinelOne Singularity Complete vs Trellix Endpoint Security Platform Logo
SentinelOne Singularity Complete vs Trellix Endpoint Security Platform
Compared 5% of the time
Trellix Endpoint Detection and Response (EDR) vs Trellix Endpoint Security Platform Logo
Trellix Endpoint Detection and Response (EDR) vs Trellix Endpoint Security Platform
Compared 3% of the time
Tanium vs Trellix Endpoint Security Platform Logo
Tanium vs Trellix Endpoint Security Platform
Compared 3% of the time
More Trellix Endpoint Security Platform Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2026
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
Endpoint Protection Platform (EPP)
February 2026
DeepArmor reportDownload DeepArmor product report
Buyer's Guide
Trellix Endpoint Security Platform
February 2026
Trellix Endpoint Security Platform reportDownload Trellix Endpoint Security Platform product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
McAfee Endpoint Security, McAfee Endpoint Protection, Intel Security Total Protection for Endpoint, McAfee Complete Endpoint Protection, Trellix Endpoint Security (ENS)
 

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?
  • Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
  • Multi-layered Security: Combines various security measures for comprehensive protection.
  • Endpoint Protection: Safeguards against malware and exploits.
  • Behavioral Analysis: Monitors suspicious activity for early detection.
  • Automatic Threat Response: Automates responses to neutralize threats.
What benefits should users expect?
  • Ease of Use: Simplifies security management with intuitive design.
  • Resource Efficiency: Minimizes impact on system resources.
  • Integration Capabilities: Works well with existing security setups.
  • Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

SparkCognition builds leading artificial intelligence solutions to advance the most important interests of society. We help customers analyze complex data, empower decision making, and transform human and industrial productivity with award-winning machine learning technology and expert teams focused on defense, IIoT, and finance.

SparkCognition

Trellix Endpoint Security Platform offers essential features like centralized management, threat prevention, and encryption, facilitating seamless scaling and integration with other systems while prioritizing user security.

This comprehensive platform focuses on endpoint protection, antivirus capabilities, and malware defense. It enhances cybersecurity with data loss prevention, advanced threat detection, and AI-driven features for reliable protection without impacting performance. Central management and advanced reporting streamline integration and ease of use. Flexible policy deployment through the management console and its robust security measures, such as DLP and device control, further increase protection. Challenges include high CPU and memory usage affecting performance, a complex interface, and lengthy deployment. Third-party integration and Windows Hello support need improvement. Additional concerns involve improved threat detection and faster technical support responses.

What are the key features of Trellix Endpoint Security Platform?
  • Centralized Management: Allows seamless integration and scaling with consistent control across environments.
  • Threat Prevention: Provides comprehensive antivirus and malware protection to secure systems.
  • Encryption: Ensures data security with robust encryption techniques.
  • Advanced Reporting: Facilitates detailed insights and analysis for better decision-making.
  • AI-Driven Detection: Offers reliable threat detection without impacting system performance.
What benefits should users look for in reviews?
  • Comprehensive Protection: Offers extensive security measures for protecting digital environments.
  • Ease of Integration: Simplifies the process of incorporating into current systems and processes.
  • Flexible Policy Deployment: Supports adaptable policy management to meet diverse requirements.
  • Scalability: Enables growth while maintaining efficiency and security.
  • Robust Security Features: Provides advanced security measures like DLP and device control.

Trellix Endpoint Security Platform is widely implemented in industries such as banking and government for securing mobile and desktop devices. Its capabilities cover network security, device control, and remote access protection, catering to diverse environments by offering robust cybersecurity management against advanced threats.

Trellix
 

Sample Customers

CBI Health Group, University Honda, VakifBank
AV-Comparatives
inHouseIT, Seagate Technology
Buyer's Guide
Endpoint Protection Platform (EPP)
February 2026
Download Free Report
Find out what your peers are saying about CrowdStrike, Microsoft, SentinelOne and others in Endpoint Protection Platform (EPP). Updated: February 2026.
DOWNLOAD NOW
884,873 professionals have used our research since 2012.
See our list of best Endpoint Protection Platform (EPP) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.