Try our new research platform with insights from 80,000+ expert users

Kaspersky Anti-Targeted Attack Platform vs Trellix Endpoint Security Platform comparison

Kaspersky and Trellix are both solutions in the Endpoint Detection and Response (EDR) category. Kaspersky is ranked #52, while Trellix is ranked #11 with an average rating of 7.7. Kaspersky holds a 0.7% mindshare in EDR, compared to Trellix’s 3.3% mindshare. Additionally, 66% of Kaspersky users are willing to recommend the solution, compared to 88% of Trellix users who would recommend it.
Sponsored
Cortex XDR by Palo Alto Net...
Read 108 Cortex XDR by Palo Alto Networks reviews
  • 14,649 Views
  • 8,057 Comparison Views
96% willing to recommend
Kaspersky Anti-Targeted Att...
Read 6 Kaspersky Anti-Targeted Attack Platform reviews
  • 1,085 Views
  • 1,009 Comparison Views
66% willing to recommend
Trellix Endpoint Security P...
Read 160 Trellix Endpoint Security Platform reviews
  • 10,634 Views
  • 6,912 Comparison Views
88% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Mar 22, 2026

Trellix Endpoint Security Platform and Kaspersky Anti-Targeted Attack Platform compete in enterprise security. While Kaspersky offers superior features and better ROI, Trellix provides more affordable pricing and efficient support.

Features: Trellix offers robust threat detection, integrated threat intelligence, and easy scalability. Kaspersky provides advanced threat hunting, behavioral analysis, and network monitoring.

Room for Improvement: Trellix could enhance its automation and cloud-native features. Kaspersky may work on simplifying its deployment process and improving user experience with its interface.

Ease of Deployment and Customer Service: Trellix is quickly deployable and integrates seamlessly with existing infrastructure, backed by responsive customer service. Kaspersky, despite a more complex setup, benefits from detailed documentation and technical support.

Pricing and ROI: Trellix attracts budget-conscious entities with lower setup costs, while Kaspersky, with a higher initial investment, promises better long-term ROI through enhanced functionality.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Kaspersky Anti-Targeted Attack Platform vs. Trellix Endpoint Security Platform Report (Updated: March 2026).
Buyer's Guide
Kaspersky Anti-Targeted Attack Platform vs. Trellix Endpoint Security Platform
March 2026
Download the complete report
Helped 884,933 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
7th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
108
Ranking in other categories
Endpoint Protection Platform (EPP) (5th), Extended Detection and Response (XDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (2nd)
Kaspersky Anti-Targeted Att...
Ranking in Endpoint Detection and Response (EDR)
52nd
Average Rating
6.6
Reviews Sentiment
6.1
Number of Reviews
6
Ranking in other categories
No ranking in other categories
Trellix Endpoint Security P...
Ranking in Endpoint Detection and Response (EDR)
11th
Average Rating
7.8
Reviews Sentiment
7.1
Number of Reviews
160
Ranking in other categories
Endpoint Protection Platform (EPP) (7th), Extended Detection and Response (XDR) (10th)
 

Mindshare comparison

As of March 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.4%, down from 4.0% compared to the previous year. The mindshare of Kaspersky Anti-Targeted Attack Platform is 0.7%, up from 0.1% compared to the previous year. The mindshare of Trellix Endpoint Security Platform is 3.3%, down from 4.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.4%
Trellix Endpoint Security Platform3.3%
Kaspersky Anti-Targeted Attack Platform0.7%
Other92.6%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
ABHISHEK_SINGH
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Read full review
FarkhundAbbas - PeerSpot reviewer
FarkhundAbbas
Security Engineer at adcb
The tool provides excellent sandboxing and email security features, but the backup and recovery features are not good
If my primary solution is down, no backup solution is available to restore it. It is one of the biggest weaknesses of the platform. If I need to update the solution, there is no option to pick the events and the logs from it and deploy it in another solution. The backup and recovery features of the product are not good. I need backup. If the tool is down for some time, I cannot get the logs at that particular time.
Read full review
PankajKumar24 - PeerSpot reviewer
PankajKumar24
IT Manager at Gigabit Technologies Pvt Ltd
Advanced threat prevention has strengthened incident response and customized security workflows
The biggest advantage of Trellix Endpoint Security Platform is the ATP solution, which provides advanced threat prevention. Machine learning algorithms are available in the product as part of the threat anti-malware, including predictive machine learning and behavioral analysis, which are integral to the anti-malware module of EPP. In terms of my experience with the machine learning algorithms for analysis and threat detection, we are analyzing logs provided by Trellix, but we are not able to conduct specific machine learning analysis on those logs. The automated response mechanisms in the products help with incident management because we have to create playbooks in Trellix console for automation, which we need to enable. The customizable dashboard of Trellix Endpoint Security Platform definitely contributes to the decision-making process, as we customize the dashboard according to customer requirements. When it comes to integration aspects, we are able to integrate Trellix Endpoint Security Platform with SIEM or SOAR solutions using the ePO console, which enhances threat detection capabilities. Reporting and analytics aspects have an impact on security posture assessment, as we are able to fetch reports in the ePO console customized according to customer requirements for downloading and sending via email.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The user interface of the solution is sophisticated and straightforward."
"If any application performs suspicious activities, such as changing registries or modifying other applications, Cortex XDR detects and blocks the entire application."
"Implementing Cortex XDR by Palo Alto Networks has had a significant impact on my security analyst workload because it becomes much easier."
"Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about."
"It is an easy-to-use tool."
"Cortex is the best tool for endpoint detection, and I have used it to verify hashes or domains to identify malicious activity, trigger playbooks that automate and gather endpoint logs, block malicious processes, and update incident tickets, showcasing end-to-end processes with automation in investigation and reducing the analysis workflow."
"Monitoring is most valuable."
"Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."
More Cortex XDR by Palo Alto Networks pros
"The most valuable use is detailing metadata collection from the endpoint and network."
"The product's deployment phase is easy."
"I feel the anti-ransomware update is one of the tool's valuable features."
"The solution is very easy to use. Its interface is very simple, and you can build IOC's indicators. You can use your rules to detect these attacks because you can leverage threat intelligence. Y"
"Kaspersky Anti-Targeted Attack Platform is stable and runs all the time."
"The email security feature is really good."
"MVISION Endpoint is so much easier and so much simpler for the lay security personnel to handle."
"McAfee Endpoint Security 10.5 has improved our security and made our customers more effective."
"We like the management of the ePO, and we like the management console."
"The initial setup is straightforward, not complex."
"The most valuable feature of the solution is its dashboard."
"What I like most about McAfee MVISION Endpoint is that it's very user-friendly. You do need some knowledge on how to navigate the portal, but as soon as you've gained that knowledge, navigation will no longer be an issue. I have no complaints about McAfee MVISION Endpoint. For me, the product is perfect the way it is. It's great right now, and it's doing good as it is."
"The solution scales well."
"Would benefit with the addition of DLP features."
More Trellix Endpoint Security Platform pros
 

Cons

"The tool needs to be improved in terms of integration and interface."
"Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth."
"Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."
"I would like to see them include NDR (Network Detection Response)."
"While using Cortex, I noticed some aspects that could be improved, such as increasing the synchronization speed between XDR and Xnor."
"The solution lacks real-time, on-demand antivirus."
"There are some limitations on the Traps agents."
"The price could be a little lower."
More Cortex XDR by Palo Alto Networks cons
"Kaspersky Anti-Targeted Attack Platform is not a good product. We had problems with endpoints and the solution did not detect it. We didn't get any alerts about the attack."
"In some of the places I have come across, even though they use Kaspersky, the ransomware enters their system."
"The solution lacks cloud integrations."
"The backup and recovery features of the product are not good."
"I think the tool is still not really good enough for integration compared to other products."
"The blind spot or gap in the platform is network analysis functionality."
"It would be nice if the solution was a bit more stable."
"The solution's documentation is not streamlined and is in bits and pieces, which should be in a single format."
"It would be nice to have the ability to change Safeboot passwords from within the OS as there is a delay in the boot process and password changes can take time."
"Endpoint resource utilization causes high levels of instability and that is something that needs improvement."
"It needs much better control on zero-day viruses and easier submission of threats to McAfee."
"I would like to see more local integration for the applications that we use."
"The central monitoring dashboard needs improvement."
"In new units, the initial agenda, they are changing a lot of things and there are lots of bugs we normally did not use to see."
More Trellix Endpoint Security Platform cons
 

Pricing and Cost Advice

"I am using the Community edition."
"Cortex XDR's pricing is ok."
"The price of the solution is high for the license and in general."
"Cortex XDR by Palo Alto Networks is an expensive solution."
"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"I feel it is fairly priced."
"This is an expensive solution."
"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."
More Cortex XDR by Palo Alto Networks pricing and cost advice
"Kaspersky is one of the cheaper solutions."
"The solution has competitive pricing."
"Kaspersky Anti-Targeted Attack Platform is cheap."
"I think Trellix is more on the higher side of the market, just on a general scale, but I also think it depends on what particular package you choose."
"We are on an annual subscription for McAfee MVISION Endpoint. The cost for the license could be less expensive."
"Pricing is fair."
"The initial price is very good as they give good initial discounts, but it seems a little expensive once you renew the license."
"The pricing is more or less the same as the other tools in the market."
"The current pricing is much better than before because they now offer product-related promotions along with some changes in product licensing. The new pricing model is better than before."
"Since the maintenance is done by our own team, the price of the subscription should really be cheaper."
"Trellix Endpoint Security (ENS) is not a cheap solution...I don't think any costs are involved in the maintenance of the solution."
More Trellix Endpoint Security Platform pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
See recommendations
884,933 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
9%
Manufacturing Company
9%
Financial Services Firm
9%
Comms Service Provider
7%
Computer Software Company
13%
Comms Service Provider
10%
Government
10%
Financial Services Firm
10%
Manufacturing Company
13%
Government
11%
Financial Services Firm
8%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise20
Large Enterprise47
No data available
By reviewers
Company SizeCount
Small Business68
Midsize Enterprise36
Large Enterprise62
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
See all answers
What do you like most about Kaspersky Anti-Targeted Attack Platform?
The solution is very easy to use. Its interface is very simple, and you can build IOC's indicators. You can use your ...
See all answers
What is your experience regarding pricing and costs for Kaspersky Anti-Targeted Attack Platform?
Its price is reasonable; it's neither very high nor very low, considering its capabilities.
See all answers
What needs improvement with Kaspersky Anti-Targeted Attack Platform?
I think the tool is still not really good enough for integration compared to other products. If you need to integrate...
See all answers
How does McAfee Endpoint Security compare with MVISION?
The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deplo...
See all answers
How does Crowdstrike Falcon compare with FireEye Endpoint Security?
The Crowdstrike Falcon program has a simple to use user interface, making it both an easy to use as well as an effec...
See all answers
What is your experience regarding pricing and costs for McAfee Endpoint Security?
I don't have visibility on pricing because it is negotiated by a different team, as I look after the technical side.
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 9% of the time
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
Compared 6% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Cortex XSIAM vs Cortex XDR by Palo Alto Networks Logo
Cortex XSIAM vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Wazuh vs Cortex XDR by Palo Alto Networks Logo
Wazuh vs Cortex XDR by Palo Alto Networks
Compared 2% of the time
More Cortex XDR by Palo Alto Networks Competitors
HP Wolf Security vs Kaspersky Anti-Targeted Attack Platform Logo
HP Wolf Security vs Kaspersky Anti-Targeted Attack Platform
Compared 10% of the time
TrendAI Vision One vs Kaspersky Anti-Targeted Attack Platform Logo
TrendAI Vision One vs Kaspersky Anti-Targeted Attack Platform
Compared 7% of the time
ESET Inspect vs Kaspersky Anti-Targeted Attack Platform Logo
ESET Inspect vs Kaspersky Anti-Targeted Attack Platform
Compared 7% of the time
SanerNow CyberHygiene Platform vs Kaspersky Anti-Targeted Attack Platform Logo
SanerNow CyberHygiene Platform vs Kaspersky Anti-Targeted Attack Platform
Compared 6% of the time
Stellar Cyber Open XDR vs Kaspersky Anti-Targeted Attack Platform Logo
Stellar Cyber Open XDR vs Kaspersky Anti-Targeted Attack Platform
Compared 4% of the time
More Kaspersky Anti-Targeted Attack Platform Competitors
Microsoft Defender for Endpoint vs Trellix Endpoint Security Platform Logo
Microsoft Defender for Endpoint vs Trellix Endpoint Security Platform
Compared 6% of the time
CrowdStrike Falcon vs Trellix Endpoint Security Platform Logo
CrowdStrike Falcon vs Trellix Endpoint Security Platform
Compared 5% of the time
SentinelOne Singularity Complete vs Trellix Endpoint Security Platform Logo
SentinelOne Singularity Complete vs Trellix Endpoint Security Platform
Compared 5% of the time
Trellix Endpoint Detection and Response (EDR) vs Trellix Endpoint Security Platform Logo
Trellix Endpoint Detection and Response (EDR) vs Trellix Endpoint Security Platform
Compared 3% of the time
Tanium vs Trellix Endpoint Security Platform Logo
Tanium vs Trellix Endpoint Security Platform
Compared 3% of the time
More Trellix Endpoint Security Platform Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2026
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
Kaspersky Anti-Targeted Attack Platform
March 2026
Kaspersky Anti-Targeted Attack Platform reportDownload Kaspersky Anti-Targeted Attack Platform product report
Buyer's Guide
Trellix Endpoint Security Platform
February 2026
Trellix Endpoint Security Platform reportDownload Trellix Endpoint Security Platform product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Kaspersky Anti Targeted Attack
McAfee Endpoint Security, McAfee Endpoint Protection, Intel Security Total Protection for Endpoint, McAfee Complete Endpoint Protection, Trellix Endpoint Security (ENS)
 

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?
  • Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
  • Multi-layered Security: Combines various security measures for comprehensive protection.
  • Endpoint Protection: Safeguards against malware and exploits.
  • Behavioral Analysis: Monitors suspicious activity for early detection.
  • Automatic Threat Response: Automates responses to neutralize threats.
What benefits should users expect?
  • Ease of Use: Simplifies security management with intuitive design.
  • Resource Efficiency: Minimizes impact on system resources.
  • Integration Capabilities: Works well with existing security setups.
  • Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

Today’s cybercriminals constantly design unique and innovative methods of penetration and compromise. To avoid perimeter prevention technologies they use social engineering, non-malware and supply chain attacks to operate under the radar of security designed to catch ‘bad’ traces. It’s not enough to just ‘know’ what’s bad or dangerous – enterprises need to understand what’s normal, and use AI-driven techniques that simplify and automate this process. Targeted Attack Analyzer is a machine learning engine that involves self-learning to establish the baseline of normal, legitimate activities of an entire network. Through continuous network telemetry collection it finds deviations, detects suspicious activities and predicts further malicious actions at the initial stages of multilayered attacks.

Kaspersky

Trellix Endpoint Security Platform offers essential features like centralized management, threat prevention, and encryption, facilitating seamless scaling and integration with other systems while prioritizing user security.

This comprehensive platform focuses on endpoint protection, antivirus capabilities, and malware defense. It enhances cybersecurity with data loss prevention, advanced threat detection, and AI-driven features for reliable protection without impacting performance. Central management and advanced reporting streamline integration and ease of use. Flexible policy deployment through the management console and its robust security measures, such as DLP and device control, further increase protection. Challenges include high CPU and memory usage affecting performance, a complex interface, and lengthy deployment. Third-party integration and Windows Hello support need improvement. Additional concerns involve improved threat detection and faster technical support responses.

What are the key features of Trellix Endpoint Security Platform?
  • Centralized Management: Allows seamless integration and scaling with consistent control across environments.
  • Threat Prevention: Provides comprehensive antivirus and malware protection to secure systems.
  • Encryption: Ensures data security with robust encryption techniques.
  • Advanced Reporting: Facilitates detailed insights and analysis for better decision-making.
  • AI-Driven Detection: Offers reliable threat detection without impacting system performance.
What benefits should users look for in reviews?
  • Comprehensive Protection: Offers extensive security measures for protecting digital environments.
  • Ease of Integration: Simplifies the process of incorporating into current systems and processes.
  • Flexible Policy Deployment: Supports adaptable policy management to meet diverse requirements.
  • Scalability: Enables growth while maintaining efficiency and security.
  • Robust Security Features: Provides advanced security measures like DLP and device control.

Trellix Endpoint Security Platform is widely implemented in industries such as banking and government for securing mobile and desktop devices. Its capabilities cover network security, device control, and remote access protection, catering to diverse environments by offering robust cybersecurity management against advanced threats.

Trellix
 

Sample Customers

CBI Health Group, University Honda, VakifBank
Republic of Serbia, Goods.ru, Tael, Insolar
inHouseIT, Seagate Technology
Buyer's Guide
Kaspersky Anti-Targeted Attack Platform vs. Trellix Endpoint Security Platform
March 2026
Free Report: Kaspersky Anti-Targeted Attack Platform vs. Trellix Endpoint Security Platform
Find out what your peers are saying about Kaspersky Anti-Targeted Attack Platform vs. Trellix Endpoint Security Platform and other solutions. Updated: March 2026.
DOWNLOAD NOW
884,933 professionals have used our research since 2012.
See our Kaspersky Anti-Targeted Attack Platform vs. Trellix Endpoint Security Platform report.
See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.