No more typing reviews! Try our Samantha, our new voice AI agent.

Morphisec vs TrendAI Vision One – Endpoint Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 26, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
4th
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Morphisec
Ranking in Endpoint Protection Platform (EPP)
48th
Ranking in Endpoint Detection and Response (EDR)
61st
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (57th), Advanced Threat Protection (ATP) (30th), Cloud Workload Protection Platforms (CWPP) (35th), Threat Deception Platforms (15th)
TrendAI Vision One – Endpoi...
Ranking in Endpoint Protection Platform (EPP)
13th
Ranking in Endpoint Detection and Response (EDR)
16th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
134
Ranking in other categories
Endpoint Compliance (3rd)
 

Mindshare comparison

As of July 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.8%, up from 3.7% compared to the previous year. The mindshare of Morphisec is 1.0%, up from 0.4% compared to the previous year. The mindshare of TrendAI Vision One – Endpoint Security is 1.9%, up from 1.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.8%
TrendAI Vision One – Endpoint Security1.9%
Morphisec1.0%
Other93.3%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Rick Schibler - PeerSpot reviewer
VP of Information Technology at Kentucky Trailer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.
Oleksii Pavlyk - PeerSpot reviewer
Head of security of digital systems, electronic databases and networks at Ukreximbank
Centralized console has improved visibility while setup remains quick on diverse environments
I don't know why I find it valuable; my colleague administrated it, but I was the chief of a team of six people, and one of them administered this product, which worked well for defending our servers. I don't know what the best features of Trend Vision One Endpoint Security are; it performs well compared to other products, and I am curious about it, but I cannot think of specific features. Perhaps my colleagues could provide that information, but I do not have that knowledge. The centralized console helps my team greatly; it is very convenient as everything is all in one console, not only EDR but many other products, such as email security and XDR features. Trend Vision One Endpoint Security positively impacts our organization as it is very simple to install on Windows and Linux servers; it is not very difficult to install.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The scalability of Cortex XDR by Palo Alto Networks is very good."
"The initial setup isn't too bad."
"Traps has drastically reduced our endpoint attack surface via advanced detection capabilities, sandboxing of never before seen programs, and by drastically limiting where executables can launch in the first place."
"It has absolutely improved the way our organization functions, we are more secure, it is giving us more peace of mind, and it has found malicious activity happening on our endpoints that probably would not have been detected if we didn't have it."
"WildFire AI is the best option for this product."
"Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about."
"The anti-exploit is impenetrable."
"The solution doesn't need a high level of technical training."
"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."
"It provides full visibility into security events and from both solutions in one dashboard. I'm not a big security guy, if I have a threat that looks like there's a problem, I will ask Morphisec to dissect it for me, and tell me what might be happening. Because it tends to be all hash codes, so I can tell what's going on. They've been pretty good with that."
"We have seen it successfully block attacks that a traditional antivirus did not pick up."
"Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool."
"Since using Morphisec we have seen a downturn in attacks because Morphisec protects us versus Defenders and whatnot that are signature-based. I know we have not had any issues with ransomware or other zero-day attacks that we've seen with machines that, all of a sudden, have become before we instituted the product. Now the machine had to be re-imaged and there was a loss of data because something was on the machine. You couldn't really determine what was on the machine because nothing was picking it up. The products we were using weren't picking it up."
"We have not had one machine that has been taken down due to malware now in almost four and a half years, with 600 machines that we don't have routine infections on because nothing can execute."
"Morphisec is quite an important tool for us in terms of security and InfoSec because of the malware protection."
"Morphisec has been a real lifesaver."
"The number of accessories included is the most valuable feature."
"The most valuable feature is the behavior monitoring."
"The nano protection and device control are great."
"Trend Micro Apex One is good at detecting zero-day threats. When the solution was in operation I did not notice any system performance problems. Upgrades of the solution were simple to do and there are plenty of features."
"The XDR feature which provides us with real visibility into our environment is the most valuable."
"The antivirus is the most valuable aspect of Trend Micro Apex One."
"The ransomware protection and behavior monitoring features of Trend Micro Apex One are actually good."
"No damage to the endpoints for more than two years."
 

Cons

"The solution could improve by providing better integration with their own products and others."
"In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."
"Impact on system performance is horrible, adding a lot of delays for users."
"As an improvement, I would like to see enhanced connection speeds."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
"The setup is quite easy. We had appropriate support from the manager. One thing that was missing was the integration part."
"There are some default policies which sometimes affect our applications and cause them to run around. In the hotel industry, we use a different type of data versus Oracle and SQL. By default, there are some policies which stop us from running properly. Because of this, the support level is also not that strong. We have to wait to get a results."
"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
"We sometimes have to depend on the support team to know what action we should take. If the solution for an alert can be built into the report that we are getting, it will save time, and the interaction with support would be less. At times, corrective action is required, but at times, we don't need to take any action. It would be good if we get to know in the report that a particular infection doesn't require any action. It will save us time and effort."
"From a company standpoint, a little more interaction with the customers throughout the year might be beneficial. I would like check-ins from the Morphisec account executives about any type of Morphisec news as well as a bit more interaction with customers throughout the year to know if anything new is coming out with Morphisec, e.g., what they are working on in regards to their development roadmap. We tend not to get that up until the time that we go for a yearly renewal. So, we end up talking to people from Morphisec once a year, but it is usually at renewal time."
"I haven't been able to get the cloud deployment to work."
"The only area that really needs improvement is the reporting functionality."
"We sometimes have to depend on the support team to know what action we should take."
"The dashboard is the area that requires the most improvement. We have about, I would say 5,500 computers currently, and searching through all of those takes some time to filter. So as soon as you apply the filter, it takes a few seconds. It crunches, it thinks, and then it brings up the clients that match."
"We have only had four attacks in the last year, "attacks" being some benign PDF from a vendor that, for some reason, were triggered. There were no actual attacks. They were just four false positives, or something lowly like adware. There have been false positives with both the on-premises solution and the cloud solution."
"The weakest point of this product is how difficult it is to understand the reasons for an alert. This is a problem because it is hard to determine whether an attack is real or not."
"If certain alerts could be translated into day-to-day English with some action plans, a few points, what to do, and how to do it, that would help me personally as IT Manager."
"They should include easy-to-use connectors to make it easier to connect to SIEM."
"All the features in Trend Micro Apex One are not compatible or functional for all the different operating systems. For example, they have fewer features in other operating systems compared to what they have for Microsoft Windows. It would be nice if they could have one solution which all functions work on all kinds of operating systems. It would be much easier for those who have different operating systems in their environment to have one solution."
"The role-based access control needs improvement."
"I would like to see behavior analysis capabilities included."
"The reports are not eye-catching from the customer's point of view, which is something that should be improved."
"We had a few occasions where we had to temporarily turn off the solution on our clients' computers to upgrade the drivers."
"Trend Vision One Endpoint Security should have a DLP (Data loss prevention) module."
 

Pricing and Cost Advice

"Cortex XDR by Palo Alto Networks is an expensive solution."
"It has a yearly renewal."
"The tool's price is moderate."
"Cortex XDR’s pricing is very reasonable."
"This is an expensive solution."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"Our customers have expressed that the price is high."
"Our license will require renewal in August, after which the maintenance will continue as usual."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."
"The pricing is definitely fair for what it does."
"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
"Trend Micro Apex One's subscription model is definitely on the expensive side."
"Licensing fees are paid on a yearly basis."
"The license is expensive but it is a complete solution."
"Trend Micro has very aggressive pricing, but it is also very good."
"If I compare Trend Micro Apex One with other solutions there are a few challenges for customers who have do not need more licenses. Sometimes the customers struggle because this product is totally an enterprise solution, and the price for the licenses can be expensive for individuals or small organizations."
"It is okay. Compared to Sophos, it is a little bit expensive, but it is a good product and it is better than Sophos, for instance. It is equivalent to Trellix. Its cost depends on the country. I am in Turkey, and Trend Micro is not so affordable in Turkey. SMB companies are looking for cheaper products. In Turkey, enterprise customers tend to use Trend Micro, and if they have more money, then they use next-generation antivirus or EPP products such as SentinelOne, CrowdStrike, or Microsoft E5 package."
"Licensing costs depend completely on the number of users or licenses. They have a specific pricing structure. For example, if you are looking for 100 users to be on the product, in the Indian market (we're based in India), the cost is nearly $2,500 to $3,000 maximum for one three-year license."
"The cost of this solution is mid-level; not cheap nor expensive."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
904,680 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Outsourcing Company
17%
Manufacturing Company
13%
Construction Company
11%
Financial Services Firm
9%
Financial Services Firm
12%
Construction Company
11%
Manufacturing Company
7%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
By reviewers
Company SizeCount
Small Business45
Midsize Enterprise35
Large Enterprise61
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
Ask a question
Earn 20 points
What's the difference between Trend Micro Deep Security and Trend Micro Apex One?
Trend Micro Deep Security offers a lot of features. It guarantees security for your data center, cloud, and container...
What is your experience regarding pricing and costs for Trend Micro Apex One?
Regarding the price, there was a tender, and Trend Micro won; the price was good.
What needs improvement with Trend Micro Apex One?
Trend Vision One Endpoint Security can be improved in application control. We have seen that there are multiple ways ...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Morphisec, Morphisec Moving Target Defense
Trend Micro Apex One, OfficeScan, Trend Micro OfficeScan
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Atma Jaya Catholic University of Indonesia, A&W Food Services of Canada, Babou, Beth Israel Deaconess Care Organization (BO), DCI Donor Services, Evalueserve, Gulftainer, Hiroshima Prefectural Government, MEDHOST
Find out what your peers are saying about Morphisec vs. TrendAI Vision One – Endpoint Security and other solutions. Updated: June 2026.
904,680 professionals have used our research since 2012.