Trellix Cloud Workload Security Reviews

Trellix Cloud Workload Security protects our applications and containers.

Trellix Cloud Workload Security is important in our organization because it reduces our risk of data breaches, protects from ransomware, and addresses the misconfiguration of cloud resources such as AWS and Azure. If any lateral movement has occurred in our infrastructure, it provides me with an alert, along with notifications of any container misconfiguration. We also receive continuous visibility of servers and compliance assurance for our vulnerability protection, ensuring that if something is not patched or vulnerable, the vulnerabilities are fixed.

The best feature of Trellix Cloud Workload Security is the granular level implementation and configuration of ransomware protection, which includes a threat prevention module and vulnerability protection, allowing us to protect our servers with the help of container security.

When discussing the granular level implementation in Trellix Cloud Workload Security, it means that when we configure the policies for threat prevention, we can define many aspects such as the type of file, kernel level, boot level, execution read-write time, memory-specific, and application-specific parameters. We can configure it properly based on our knowledge and also define the schedule for anti-malware scanning and updates.

Trellix Cloud Workload Security has positively impacted our organization by improving our visibility across cloud and infrastructure, showing how many workloads we have and what is occurring with those workloads. It enhances protection against threat monitoring through real-time alerts and addresses misconfiguration and vulnerabilities on workloads and running applications. Additionally, it ensures compliance with organizational and industry securities, facilitating faster incident detection and response, which helps our IT and security team proactively remediate risks before major incidents occur.

When discussing faster incident detection and response with Trellix Cloud Workload Security, if any alert comes through, such as a vulnerability detected on a server, expanding the alert provides us with MITRE framework tactics and techniques, including necessary remediations for updates or modifications.

Trellix Cloud Workload Security needs improvement to be more lightweight, as it consumes more RAM resources, so we need a lighter version of that security.

Regarding needed improvements for Trellix Cloud Workload Security, there is a complexity in the configuration of policies compared to other OEMs where configuration is simpler. Here, it is module-wise, which requires configuring separate segments such as threat protection, data protection, firewall, device control, and application control.

I have been using Trellix Cloud Workload Security for the last two to three years.

Trellix Cloud Workload Security is very stable; currently, it receives monthly upgrades or updates, whereas previously, updates happened quarterly or semiannually.

Trellix Cloud Workload Security's scalability is designed to help organizations secure hybrid and multi-cloud workloads by automating workload discovery, threat protection, and compliance management.

We experience limited customer support, typically requiring a minimum wait of three to four hours for ticket responses.

Earlier, we were using Symantec, and we switched to Trellix Cloud Workload Security due to very poor support from Symantec.

In my opinion, Trellix Cloud Workload Security saves employees' time and money.

Regarding pricing, setup cost, and licensing for Trellix Cloud Workload Security, I am not part of sales and have no specific details, but it is a lighter version that requires only a 2 MB file for installation, making it quite easy to use.

Before choosing Trellix Cloud Workload Security, we evaluated it alongside Trend Micro Deep Security, and based on pricing, we opted for Trellix Cloud Workload Security.

I advise others looking into using Trellix Cloud Workload Security to consider it if they want a solid approach to prevent workload security, ensuring protection from threats and vulnerabilities while offering customizable application control. My recommendation is to try it on a 60-day trial basis first. I would rate this product 9 out of 10.

My main use case for Trellix Cloud Workload Security is to secure and monitor all our workloads that run in the cloud and ensure that nothing suspicious goes unnoticed.

A quick specific example of how I use Trellix Cloud Workload Security to monitor my cloud workloads is that whenever a new workload goes live in our cloud environment, this product starts monitoring it straight away. If anything looks off, we get an alert and act on it quickly.

The best features Trellix Cloud Workload Security offers, in my experience, are real-time threat detection, workload visibility, and automatic response to suspicious activity, which work well for us.

The automatic response feature of Trellix Cloud Workload Security is really helping our team and saving our time due to its automated response, and it really made a difference because we do not have to manually intervene; it automatically starts the response as per the predefined set.

Trellix Cloud Workload Security has positively impacted our organization as our team no longer has to manually keep an eye on cloud workloads; the product does that for us, and we only need to step in when something actually needs attention.

We have seen great outcomes with Trellix Cloud Workload Security, such as a clear drop in the time it takes to spot and deal with security issues in our cloud environment since we started using this product, so overall it is saving our time and having a positive impact.

Trellix Cloud Workload Security is working well in our environment, and we have not faced any lack of features; there is no requirement for changes as of now.

If I could suggest improvements for Trellix Cloud Workload Security, I would say that the reporting could be more customizable so that more detailed documentation could be available.

I have been using Trellix Cloud Workload Security for three years.

In my experience, Trellix Cloud Workload Security is a stable solution, and we have not faced any kind of challenge with downtime or reliability.

Scalability-wise, Trellix Cloud Workload Security is excellent and has been able to grow with our needs.

My experience with customer support for Trellix Cloud Workload Security has been positive; they always support us in case any troubleshooting is required, and they are ready to help us and troubleshoot any issues.

I would rate the customer support of Trellix Cloud Workload Security nine out of ten.

I can really say that we have seen a return on investment from using Trellix Cloud Workload Security; before this product, our team used to spend a lot of time manually keeping an eye on the cloud environment, and now that is all taken care of automatically with this solution, so it is really saving our time and money.

Regarding Trellix Cloud Workload Security's AI capabilities, I think its governance and security are good, as it keeps a close watch on all cloud workloads and makes sure everything is running within the set security boundaries.

Regarding Trellix Cloud Workload Security's AI capabilities, I find that its accuracy and reliability of output have been consistent for me; the output is accurate, and the alerts and detection have been accurate most of the time, with not too many false alarms, which is really important for a security tool.

My advice for anyone looking into using Trellix Cloud Workload Security is to consider it as one of the best solutions currently in the market. I recommend conducting the proof of concept, exploring your use cases, and spending time on the initial setup to get the configuration right for your specific environment, and once that is done, you will not have to worry about it as it quietly does a good job keeping your cloud workload protected without needing consistent attention from your team. I would give this solution an overall rating of nine out of ten.

Trellix Cloud Workload Security is designed for cloud environments, but my use case is for a hybrid environment.

From my personal experience as a reseller, what really stands out in Trellix Cloud Workload Security is that it provides focused security with enhanced protection for servers in a cloud environment.

The runtime protection feature in Trellix Cloud Workload Security includes anti-malware functionality with real-time protection.

The effectiveness of Trellix Cloud Workload Security is attributed to the multi-layer protection provided across available virtual machines for threat defense, which helps deliver multi-layer countermeasures. It helps assign and manage workloads automatically.

The dashboard of Trellix Cloud Workload Security is intuitive enough as it helps manage risk and compliance with Trellix ePO, showing all threats affecting servers and workload agents. It helps analyze threats and generate reports. It allows me to manage agents through the ePO.

The micro-segmentation feature of Trellix Cloud Workload Security is helpful for limiting lateral movement in the network. Micro-segmentation involves segmentation of server communications, including server-to-server communication with specific ports and processes. It provides layer seven visibility of segmentations between server-to-server and client-to-server communications.

In terms of automation, the automated threat detection of Trellix Cloud Workload Security has a positive impact on incident response time, providing visibility through automated workload security. There is a feature of adaptive threat protection that works to automate responses.

When it comes to areas for improvement, there is a need, as per a comparison with Trend Micro, to provide a SIEM solution in Trellix Cloud Workload Security. Currently, there is no SIEM solution feature, and an integrated SIEM solution would be beneficial.

I have been dealing with Trellix Cloud Workload Security for around four years.

Regarding stability and reliability, I did not experience any downtime from Trellix Cloud Workload Security.

In terms of scalability, I find it easy to scale.

For technical support of Trellix Cloud Workload Security, I would rate it an eight.

I still believe the support could improve because we face multiple challenges with Trellix support for solving issues, which take too long. If we need to solve an issue on an urgent basis within two hours, Trellix support provides required logs, suggestions, and steps, but this response time is too late for solving the issue.

The installation procedure for Trellix Cloud Workload Security is easy.

In terms of return on investment, I can see savings with Trellix Cloud Workload Security in both time and money.

Approximately, I see a 20 to 30 percent ROI with Trellix Cloud Workload Security.

Regarding the price comparison to Trend Micro, I would not say Trellix Cloud Workload Security is expensive. However, the SIEM solution does not offer more complex visibility than the SIEM solution of competitors.

In terms of features, I observe that in comparison to Trend AI, Trellix Cloud Workload Security has more advanced functionality, particularly its advanced feature of micro-segmentation and visualization.

Regarding DevSecOps integration, I am not currently working on this.

My clients all have it in a hybrid environment.

I am installing the agent in AWS and Azure instances. However, I have not had extensive experience with AWS and Azure deployments.

Summarizing everything I have told you about Trellix Cloud Workload Security, I give it a nine out of ten. Having been in the business for seven years, I have been working with Trellix Cloud Workload Security for four years.

Trellix Cloud Workload Security offers many features that I find valuable. The key features include workload protection, which is significant to me, advanced threat detection, EDR plus XDR integration, ecosystem maintainability, runtime monitoring, behavioral analytics, vulnerability visibility, and compliance monitoring, along with integration with Trellix Cloud Workload Security ecosystem components like XDR, SIEM, incident investigation, and response.

Out of those features, I find advanced threat detection the most valuable in my daily work because it provides greater visibility of the workloads running in my environment and helps to identify risks at an early stage so they can be mitigated before any disaster occurs.

Trellix Cloud Workload Security has positively impacted my organization by providing prominent visibility concerning detection, threat, risk, and vulnerabilities across the cloud environment. This capability helps us to be proactive in risk mitigation before any disaster happens.

Specifically, I have observed improved threat detection efficiency with Trellix Cloud Workload Security. XDR-driven correlation has reduced alert noise by thirty to fifty percent, and there has been a twenty-five to forty percent improvement in faster incident detection. Additionally, integrated response has reduced manual effort, leading to a thirty percent decrease in incident response time and less SOC workload due to automation. An added benefit is that tool consolidation works well, considering Trellix Cloud Workload Security XDR is already deployed, reducing dependency on separate EDR and SIEM solutions.

Regarding improvements for Trellix Cloud Workload Security, I would like to point out a few areas. The first is the limited CNAPP capabilities compared to other security solutions like Aqua and Wiz, as Trellix Cloud Workload Security lacks full CNAPP depth, with limited coverage such as CSPM, infrastructure as code scanning, and deep container security. Additionally, the container and Kubernetes security features exist but are not as mature as dedicated platforms like Aqua, particularly in runtime protection for containers, and Kubernetes native security controls are limited. I also find the user interface and reporting needing improvement, as the interface is functional but not modern, and reporting is less business-friendly, providing technical details instead of executive-level insights.

I would like to add that from the audit perspective, audit preparation for maintaining compliance is a very cumbersome job for every organization, and everyone is looking to secure their posture. Trellix Cloud Workload Security helps a lot in that regard, as it provides unified visibility across my cloud environment and aids in managing the compliance strategy, identifying risks at an early stage allowing for effective mitigation, and enhancing the security footprint.

From a governance and security perspective, I find Trellix Cloud Workload Security provides good coverage on compliance management, but there are some gray areas regarding fully handling a cloud environment. However, in terms of workload protection, especially for virtual machines and containers, it performs excellently.

In my experience, the accuracy and reliability of output from Trellix Cloud Workload Security's AI capabilities are acceptable. While it does well in basic static functionalities, improvement is necessary, especially on the response side, where incorporating human-in-the-loop considerations would be beneficial. Trellix Cloud Workload Security should ensure secure communication for any AI agent used, as AI can elevate productivity rapidly, but security measures must be taken at every layer, requiring transparency in how they maintain AI security.

I advise others considering Trellix Cloud Workload Security to use it for workload protection specifically, but if an organization requires consolidation and already has a Trellix Cloud Workload Security ecosystem, it could be effective. Otherwise, I recommend looking into alternate solutions that offer a more consolidated approach in CNAPP, encompassing CSPM, CWPP, KSPM, DSPM, and ASPM. I would rate this product a seven out of ten.

My main use case for Trellix Cloud Workload Security is to protect virtual machines and cloud workloads along with critical applications against emerging malware threats and unauthorized activities.

For example, I use this solution to continuously monitor cloud-hosted workloads, enforce security policies, and detect suspicious activities across our cloud infrastructure.

The best features Trellix Cloud Workload Security offers include Cloud Workload Protection, Threat Detection and Prevention, Centralized Management, and Workload Visibility.

Of those features, the one I find myself relying on the most is real-time threat detection because it helps us identify and respond to security incidents before they impact business operations.

Trellix Cloud Workload Security has positively impacted my organization because it has strengthened cloud security control, improved workload visibility, and reduced risk.

Regarding the outcomes, we have seen improved security monitoring efficiency, reduced incident investigation time, and better visibility into cloud workload activities.

I think Trellix Cloud Workload Security could improve by simplifying the initial deployment, as the initial setup requires an expert level of knowledge to deploy it.

I have been using Trellix Cloud Workload Security for three years.

Trellix Cloud Workload Security is stable.

Trellix Cloud Workload Security's scalability is excellent.

The customer support for Trellix Cloud Workload Security is helpful and consists of knowledgeable engineers, so whenever I face any technical issues, I raise a ticket and receive help from the support team.

I have not switched solutions before Trellix Cloud Workload Security; I have been using it since day one.

The initial setup requires an expert level of knowledge to deploy the solution.

I have seen a great return on investment with Trellix Cloud Workload Security; due to its AI and automation, my team saves time and money. Overall, we have seen good output.

I have not evaluated other options before choosing Trellix Cloud Workload Security.

My advice to others looking into using Trellix Cloud Workload Security is to begin by securing your most critical cloud workloads and business applications, define the security policies and workload classification, and set up alerting. This could make it easy to expand deployment across the environment. I would rate this product a 9.

We have a customer with around 3,000 users who are using this solution. Basically, they have 25 servers in their on-premise environment, with Trellix's application control and other chain control solutions in-built.

The most valuable feature is the application control and ENS. We have implemented the solution according to the specific requirements of the customer to protect their data. We check the applications for any ransomware types so that unauthorized applications cannot be executed or installed on the servers without proper permission.

There is room for improvement in the pricing model. The price could be a bit lower.

I have been working with Trellix for the past eight to ten years. We still have customers using this solution.

I would rate the stability a nine out of ten. The product works fine. 

It is a scalable solution. I would rate it an eight out of ten. It depends on the system environment and worked fine for us. Moreover, this solution works on servers only, so we have over 25 to 30 customers.  

Regarding technical support, our team is also highly skilled in this area, so most of the time, when we need assistance with implementing policies or configuring the product, we rely on support from the OEM. They usually respond within one or two days. Moreover, if we call them, they can quickly establish a remote session and help us resolve the problem.

The support has been reliable and efficient for us.

Positive

It is very easy to use. There are no complications. I would rate it around nine. It took about half an hour to set up the server and client environment, ensuring proper deployment with application control on one machine. 

Moreover, it's usually deployed on the cloud. We primarily use cloud platforms like Envision and IZO Cloud Platform.

The deployment process usually takes less than an hour. Two people are required for the deployment process. 

I would rate it a seven out of ten, where one is a low price, and ten is a high price. Trellix doesn't charge any additional costs. It's a single license. Trellix has three solutions: standard, enterprise, and advanced. Mostly, we recommend the advanced solution.

The customers really want protection against unauthorized applications running on their servers. They should avoid installing any unknown source and use Trellix Cloud Workload Security for the best solution in workload security. It includes DNS with ransomware protection. With this, they can have complete protection for their servers.

Additionally, any solution working with the database should implement change control. So, if any changes are made on the database side, they should be resolved and verified to ensure they are not made by any unknown source. This is the best solution we suggest to customers who want granular control to protect their servers. It's easy to deploy with a single agent.

Overall, I would rate the solution a nine out of ten because policy designing is very easy too. And the manageability is very easy. You can easily manage it through EPO and deploy policies within five to ten minutes. No issues with that.

The discovery feature is the most valuable. After you integrate your cloud environment, maybe an Azure or AWS, or a private environment hosted on VMware, it automatically starts discovering the number of servers that are running on that cloud and the number of services that you have done. It is a beautiful feature because, from a security standpoint, it is difficult to identify which VM is compliant or not when you keep on provisioning a number of VMs in the cloud.

It also checks for compliance. It checks whether a system is compliant and whether antivirus is installed on a VM. If an antivirus is installed, it checks whether the antivirus is updated to the latest signature package or not. All these things are beautifully done by McAfee Cloud Workload Security. 

For communicating with the McAfee server, you need to install an agent on the VM. McAfee Cloud Workload Security gives you a direct opportunity to install an agent on a Windows machine. If you have a Windows cloud, you can directly push that agent onto the VM through your McAfee portal.

It provides you a single dashboard view of all servers present in the cloud. It shows the servers on which the antivirus is already installed as well as the servers for which the antivirus installation is still pending. This dashboard view is a much-needed thing. It also has a centralized management, which makes it easy to use. 

Its vulnerability assessment is not the best. We cannot identify the vulnerabilities that are related to the operating system by using McAfee Cloud Workload Security. I wish McAfee would add a vulnerability assessment tool that will not only identify the vulnerability but will also be able to generate a report so that the required patching can be done for the servers.

Currently, McAfee Cloud Workload Security only integrates with AWS and Azure. If it can also integrate with GCP, Alibaba, and other cloud services available in the market, it would be good because not all people are using Azure and AWS. 

I have been using McAfee Cloud Workload Security for many years. 

It is stable.

It is scalable. We have around 200 serves. 

One thing that I would like to add is that McAfee Cloud Workload Security doesn't give you a limit. For example, if you have about 200 licenses for 200 servers, and the system has grown gradually within a financial year, you can add, for example, 50 more servers within the financial year. The product itself doesn't restrict you from installing 50 more servers. That is one good thing that McAfee provides. You just have to mention it at the time of renewal, and only those 50 servers will get added to the license. It doesn't restrict you from installing this solution on those 50 servers till the renewal. So, if you have taken 200 licenses and you have added 50 more servers within that year, till the renewal, you can install and continue using McAfee Cloud Workload Security on new 50 servers.

They provide good technical support. You just need to call on the toll-free numbers. They provide two types of support. One is business support, and the other one is premium support. You need to pay a bit more for premium support where you straightaway get connected to a technical support person. It is a kind of dedicated support for you.

Even if you have only business support, when you call in, there is not a huge number of call volume being faced by the technical support. You get connected in 10 to 15 minutes. They take information about the case very well, and they will provide whatever guidance or troubleshooting is required. McAfee engineers actually help you by taking the remote access. The agents in other companies just give you some documents that you have to follow, which becomes difficult, but McAfee actually helps you. The troubleshooting skills of McAfee engineers are good.

The initial setup was very straightforward. You just have to input the tenant ID, and you have to give the key. Once you get the key, the VM automatically gets integrated with McAfee Cloud Workload Security. It is just an easy installation of the agent. You can push it straight away to the VM, and then you can start installing the antivirus.

I had around 200 servers. It took me around three to four days for the implementation, and it included putting antivirus on the cloud servers. For initial configuration, you don't even need half a day. It is very easy, and everything can be done in a few hours.

I implemented it on my own. For deployment and maintenance, if you have less than 500 servers or 1,000 servers, I guess one person is enough. If you work in shifts, three people are enough, that is, one person per shift for a 24/7 shift. If there are more than 1,000 servers and it is a huge setup, you would need at least two to three people per shift. You can say a team of 10 or 12 would be required. System engineers and system administrators would be enough to manage it.

It is not an expensive product. I am in the Indian market, and it is one of the most reliable and cost-effective solutions.

I never used anything before McAfee Cloud Workload Security. People have started using cloud solutions more after 2017 or 2018.

I started with McAfee because of the trust that I had in McAfee. The detection capabilities and the performance of McAfee's on-premises products were the reasons why we trusted McAfee and went with it for the cloud solution. It is functioning properly in the cloud because McAfee has a good cloud model. Symantec, which is now being taken over by Broadcom, did not have any cloud-based model. Trend Micro is another competitor of McAfee. McAfee wins over Trend Micro because of the detection capability. Trend Micro is still lacking detection capability.

I would surely recommend this product. It is a good product.

I would rate McAfee Cloud Workload Security a nine out of ten. The vulnerability assessment feature is ideal for this product, and it would improve the product capability a lot.