Try our new research platform with insights from 80,000+ expert users

Symantec XDR vs Trellix Endpoint Security Platform comparison

Broadcom and Trellix are both solutions in the Extended Detection and Response (XDR) category. Broadcom is ranked #46, while Trellix is ranked #10 with an average rating of 7.7. Broadcom holds a 0.4% mindshare in XDR, compared to Trellix’s 3.5% mindshare. Additionally, 100% of Broadcom users are willing to recommend the solution, compared to 88% of Trellix users who would recommend it.
Sponsored
Cortex XDR by Palo Alto Net...
Read 108 Cortex XDR by Palo Alto Networks reviews
  • 14,649 Views
  • 6,006 Comparison Views
96% willing to recommend
Symantec XDR
Read 1 Symantec XDR review
  • 484 Views
  • 479 Comparison Views
100% willing to recommend
Trellix Endpoint Security P...
Read 160 Trellix Endpoint Security Platform reviews
  • 10,634 Views
  • 3,297 Comparison Views
88% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Mar 22, 2026

Trellix Endpoint Security Platform and Symantec XDR are products in the cybersecurity solutions market. Symantec XDR is perceived as superior because of its comprehensive features, though Trellix offers favorable pricing and support.

Features: Trellix Endpoint Security Platform includes robust threat detection, real-time analytics, and extensive customization options. Symantec XDR provides advanced threat intelligence, automated response capabilities, and cross-security system integration.

Ease of Deployment and Customer Service: Trellix Endpoint Security Platform offers straightforward deployment and efficient support. Symantec XDR provides seamless deployment with in-depth scalability and specialized support channels.

Pricing and ROI: Trellix Endpoint Security Platform has a lower initial investment with quick ROI due to affordable maintenance. Symantec XDR has a higher setup cost but offers long-term security gains through expansive features.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: February 2026).
Buyer's Guide
Extended Detection and Response (XDR)
February 2026
Download the complete report
Helped 884,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Extended Detection and Response (XDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
108
Ranking in other categories
Endpoint Protection Platform (EPP) (5th), Endpoint Detection and Response (EDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (2nd)
Symantec XDR
Ranking in Extended Detection and Response (XDR)
46th
Average Rating
8.0
Number of Reviews
1
Ranking in other categories
No ranking in other categories
Trellix Endpoint Security P...
Ranking in Extended Detection and Response (XDR)
10th
Average Rating
7.8
Reviews Sentiment
7.1
Number of Reviews
160
Ranking in other categories
Endpoint Protection Platform (EPP) (7th), Endpoint Detection and Response (EDR) (11th)
 

Mindshare comparison

As of March 2026, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.9%, down from 5.6% compared to the previous year. The mindshare of Symantec XDR is 0.4%, up from 0.1% compared to the previous year. The mindshare of Trellix Endpoint Security Platform is 3.5%, up from 3.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks4.9%
Trellix Endpoint Security Platform3.5%
Symantec XDR0.4%
Other91.2%
Extended Detection and Response (XDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
ABHISHEK_SINGH
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Read full review
BR
BILALRAZA
Cyber Security Consultant at I(TS)² Saudi Arabia
A scalable and stable solution with straightforward deployment
We can generate maps from the environment. For example, suppose there is a virus that has a zero-day attack and is publicly unknown. We can block that and keep it away from the network so it is not further replicated. It also has custom white and black lists. We can add a good reputation on both lists and use the sonar technology for Symantec and the online network for advanced reports.
Read full review
PankajKumar24 - PeerSpot reviewer
PankajKumar24
IT Manager at Gigabit Technologies Pvt Ltd
Advanced threat prevention has strengthened incident response and customized security workflows
The biggest advantage of Trellix Endpoint Security Platform is the ATP solution, which provides advanced threat prevention. Machine learning algorithms are available in the product as part of the threat anti-malware, including predictive machine learning and behavioral analysis, which are integral to the anti-malware module of EPP. In terms of my experience with the machine learning algorithms for analysis and threat detection, we are analyzing logs provided by Trellix, but we are not able to conduct specific machine learning analysis on those logs. The automated response mechanisms in the products help with incident management because we have to create playbooks in Trellix console for automation, which we need to enable. The customizable dashboard of Trellix Endpoint Security Platform definitely contributes to the decision-making process, as we customize the dashboard according to customer requirements. When it comes to integration aspects, we are able to integrate Trellix Endpoint Security Platform with SIEM or SOAR solutions using the ePO console, which enhances threat detection capabilities. Reporting and analytics aspects have an impact on security posture assessment, as we are able to fetch reports in the ePO console customized according to customer requirements for downloading and sending via email.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical."
"The anti-exploit is impenetrable. We chose Traps because it is the only product that we were not able to get anything past."
"The solution is a new generation XDR that has a lot of artificial intelligence modules."
"Stability is one of the features we like the most."
"Automation and playbooks have helped me significantly, as Cortex Xnor's playbooks predefine the workflow of the automation, such as response processes, alert triggering, and enriching the context, efficiently detecting and blocking malicious attacks with firewalls while eliminating workload and speeding responses for next-generation operations."
"Cortex XDR by Palo Alto Networks's ability to block sophisticated threats in real time is quite good and is on par with SentinelOne's."
"Best solution for avoiding security breaches, malware attacks, and other kinds of security issues."
"There has been a significant reduction of approximately 70% to 80% in our internal MTTR and MTTD metrics, now around five to eight minutes whereas previously it was hours, which has helped tremendously."
More Cortex XDR by Palo Alto Networks pros
"You can advise the solution and protect your environment."
"The activation of features within ENS and the collection of threats into a single console is a strong point."
"We really like the dashboard from Trellix and we've found that it's pretty informative."
"The most valuable network security feature is the network sandbox solution. This sandbox feature works on traffic flow."
"Provides good mobile device protection."
"It is generally a valuable tool that helps us with our security."
"Trellix Endpoint Security's dashboard is very flexible, and I can create my own user-specific dashboard depending on user privilege or preference."
"The exploit guard and malware protection features are very useful. The logon tracker feature is also very useful. They have also given new modules such as logout backup, process backup. We ordered these modules from the FireEye market place, and we have installed these modules. We are currently exploring these features."
"The endpoint protection and disk encryption features are the most valuable."
More Trellix Endpoint Security Platform pros
 

Cons

"I have seen lagging with Cortex XDR by Palo Alto Networks. There was one time when we faced a threat actor trying to gain access to our system. When our team utilized the tool, we were all on the same dashboard and we faced a lag issue at that time of around five minutes, which was quite significant."
"I would like to see better protection, specifically to protect email applications."
"The product's pricing needs improvement. They could provide more discounts. Additionally, the dashboard and control panel could be enhanced."
"I think sometimes Cortex XDR agent automatically stops event capturing from the device, and then even the dashboard does not get any notifications from the agent."
"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."
"Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis."
"It is a complex solution to implement."
"The solution can never really be an on-premises solution based simply on the way it is set up. It needs metadata to run and improve. Having an on-premises solution would cut it off from making improvements."
More Cortex XDR by Palo Alto Networks cons
"The solution should have better reporting."
"Signatures to protect against new attacks."
"The platform needs improvement in terms of handling heavy databases."
"One thing I could have used was a more detailed description of the HIPS signatures."
"The management console is a little bit difficult to understand for admins. You need a lot of time in order to become familiar with that. It is a little bit complicated and not too easy to understand. Its price can also be improved. Its price is higher than its competitors. McAfee also needs to have better cloud integration and more data centers in the EU. The cloud center should be in Europe or in Germany. In Germany, it is really important to have access to your data within the same country. Customer data needs to be placed and processed in the same country."
"I hope the solution can be used in cloud systems going forward."
"The price of McAfee MVISION Endpoint could improve."
"If there's a possibility for remote assistance or investigation support in the future, it would be beneficial. Currently, we use another remote software for such purposes. If this feature could be included in the next version, that would be an improvement. The feature is called Remote Administration. I'm somewhat satisfied, but there's an issue I recently encountered. When attempting to scan a suspected host machine, Symantec Endpoint Security did not provide any alerts. However, when we installed Malwarebytes and ran a scan, it detected a threat that wasn't identified by Symantec. We raised this concern with the team for resolution, and the investigation is still ongoing."
"The Linux support is very poor. I use base detection. Currently, they are providing malware protection and logon track features in Windows and Mac. These features aren't available in Linux. It will be helpful to extend these capabilities to Linux. We would also like assets grouping and device lock protection features, which are included in their roadmap."
More Trellix Endpoint Security Platform cons
 

Pricing and Cost Advice

"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
"I don't recall what the cost was, but it wasn't really that expensive."
"I feel it is fairly priced."
"The solution has one subscription for endpoint protection and one subscription for detection and response. The two licenses combined give you the BRO version."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"It has reasonable pricing for the use cases it provides to the company."
More Cortex XDR by Palo Alto Networks pricing and cost advice
Information not available
"They should reduce the cost or make it free, open-source software."
"This product is costly."
"Trellix Endpoint Security is neither a cheap nor an expensive solution."
"Trellix Endpoint Security (ENS) is not a cheap solution...I don't think any costs are involved in the maintenance of the solution."
"I would rate the cost as four to five, considering it's normal compared to other products. I find it nominal and worth the money."
"Its price is very high. It is higher than its competitors, and it should be less."
"It is not that expensive. There is no additional cost. We got the entire bundle together."
"Since the maintenance is done by our own team, the price of the subscription should really be cheaper."
More Trellix Endpoint Security Platform pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
See recommendations
884,873 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
9%
Manufacturing Company
9%
Financial Services Firm
9%
Comms Service Provider
7%
No data available
Manufacturing Company
13%
Government
11%
Financial Services Firm
8%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise20
Large Enterprise47
No data available
By reviewers
Company SizeCount
Small Business68
Midsize Enterprise36
Large Enterprise62
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
See all answers
Ask a question
Earn 20 points
How does McAfee Endpoint Security compare with MVISION?
The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deplo...
See all answers
How does Crowdstrike Falcon compare with FireEye Endpoint Security?
The Crowdstrike Falcon program has a simple to use user interface, making it both an easy to use as well as an effec...
See all answers
What is your experience regarding pricing and costs for McAfee Endpoint Security?
I don't have visibility on pricing because it is negotiated by a different team, as I look after the technical side.
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 9% of the time
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
Compared 6% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Cortex XSIAM vs Cortex XDR by Palo Alto Networks Logo
Cortex XSIAM vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Wazuh vs Cortex XDR by Palo Alto Networks Logo
Wazuh vs Cortex XDR by Palo Alto Networks
Compared 2% of the time
More Cortex XDR by Palo Alto Networks Competitors
Wazuh vs Symantec XDR Logo
Wazuh vs Symantec XDR
Compared 36% of the time
Microsoft Defender XDR vs Symantec XDR Logo
Microsoft Defender XDR vs Symantec XDR
Compared 30% of the time
More Symantec XDR Competitors
Microsoft Defender for Endpoint vs Trellix Endpoint Security Platform Logo
Microsoft Defender for Endpoint vs Trellix Endpoint Security Platform
Compared 6% of the time
CrowdStrike Falcon vs Trellix Endpoint Security Platform Logo
CrowdStrike Falcon vs Trellix Endpoint Security Platform
Compared 5% of the time
SentinelOne Singularity Complete vs Trellix Endpoint Security Platform Logo
SentinelOne Singularity Complete vs Trellix Endpoint Security Platform
Compared 5% of the time
Trellix Endpoint Detection and Response (EDR) vs Trellix Endpoint Security Platform Logo
Trellix Endpoint Detection and Response (EDR) vs Trellix Endpoint Security Platform
Compared 3% of the time
Tanium vs Trellix Endpoint Security Platform Logo
Tanium vs Trellix Endpoint Security Platform
Compared 3% of the time
More Trellix Endpoint Security Platform Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2026
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
Extended Detection and Response (XDR)
February 2026
Symantec XDR reportDownload Symantec XDR product report
Buyer's Guide
Trellix Endpoint Security Platform
February 2026
Trellix Endpoint Security Platform reportDownload Trellix Endpoint Security Platform product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
McAfee Endpoint Security, McAfee Endpoint Protection, Intel Security Total Protection for Endpoint, McAfee Complete Endpoint Protection, Trellix Endpoint Security (ENS)
 

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?
  • Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
  • Multi-layered Security: Combines various security measures for comprehensive protection.
  • Endpoint Protection: Safeguards against malware and exploits.
  • Behavioral Analysis: Monitors suspicious activity for early detection.
  • Automatic Threat Response: Automates responses to neutralize threats.
What benefits should users expect?
  • Ease of Use: Simplifies security management with intuitive design.
  • Resource Efficiency: Minimizes impact on system resources.
  • Integration Capabilities: Works well with existing security setups.
  • Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

Symantec Enterprise Security Products are now part of Broadcom. The consumer division of Symantec Corp. is now NortonLifeLock Inc. -- a standalone company dedicated to consumer cyber safety.

Broadcom

Trellix Endpoint Security Platform offers essential features like centralized management, threat prevention, and encryption, facilitating seamless scaling and integration with other systems while prioritizing user security.

This comprehensive platform focuses on endpoint protection, antivirus capabilities, and malware defense. It enhances cybersecurity with data loss prevention, advanced threat detection, and AI-driven features for reliable protection without impacting performance. Central management and advanced reporting streamline integration and ease of use. Flexible policy deployment through the management console and its robust security measures, such as DLP and device control, further increase protection. Challenges include high CPU and memory usage affecting performance, a complex interface, and lengthy deployment. Third-party integration and Windows Hello support need improvement. Additional concerns involve improved threat detection and faster technical support responses.

What are the key features of Trellix Endpoint Security Platform?
  • Centralized Management: Allows seamless integration and scaling with consistent control across environments.
  • Threat Prevention: Provides comprehensive antivirus and malware protection to secure systems.
  • Encryption: Ensures data security with robust encryption techniques.
  • Advanced Reporting: Facilitates detailed insights and analysis for better decision-making.
  • AI-Driven Detection: Offers reliable threat detection without impacting system performance.
What benefits should users look for in reviews?
  • Comprehensive Protection: Offers extensive security measures for protecting digital environments.
  • Ease of Integration: Simplifies the process of incorporating into current systems and processes.
  • Flexible Policy Deployment: Supports adaptable policy management to meet diverse requirements.
  • Scalability: Enables growth while maintaining efficiency and security.
  • Robust Security Features: Provides advanced security measures like DLP and device control.

Trellix Endpoint Security Platform is widely implemented in industries such as banking and government for securing mobile and desktop devices. Its capabilities cover network security, device control, and remote access protection, catering to diverse environments by offering robust cybersecurity management against advanced threats.

Trellix
 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
inHouseIT, Seagate Technology
Buyer's Guide
Extended Detection and Response (XDR)
February 2026
Download Free Report
Find out what your peers are saying about CrowdStrike, SentinelOne, TrendAI and others in Extended Detection and Response (XDR). Updated: February 2026.
DOWNLOAD NOW
884,873 professionals have used our research since 2012.
See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.