I use Trellix XDR mainly for security purposes. I have multiple sources like endpoint, network, email, cloud, and identity that I can view in a single platform for detection. I can investigate those alerts and respond to specific alerts across multiple teams. When I receive an alert, I prioritize it based on business risk. For example, if I detect a malware incident that is critical and a true positive, I will isolate it and mitigate the incident based on my use cases. I have integrated Trellix XDR with multiple security sources like email gateway, network, and SIEM so I can consolidate them. In real-time, I have integrated with multiple security sources, which is helpful for me to view in a single platform.
Solutions Architect at Mideast Communication Systems-MCS
Reseller
Top 5
Apr 27, 2026
I use Trellix XDR when I need to perform threat hunting on both network and endpoint levels. I go to Trellix XDR in these situations for various purposes. Trellix XDR provides a comprehensive suite of solutions, including EDR, NDR, DLP, and endpoint security. I use it frequently when dealing with a customer who is starting their cybersecurity journey because they offer a wide range of cybersecurity solutions at a good price point. The products are bundled together. Although they have an expensive licensing model, if you bundle some products or more than one product, the pricing becomes reasonable. It is very simple for the customer to work with a single vendor and a single dashboard, managing DLP, endpoint, network, Trellix XDR, email gateway, web gateway, and more.
We are selling Trellix XDR products including DLP and EPP solutions. We sell Trellix XDR for endpoint protection. We are selling endpoint security with Trellix XDR by correlating the telemetries with the EPP solution for a more enhanced security solution to analyze multiple types of threats such as lateral movement and malware threats. We analyze the severity and create playbooks accordingly. The biggest advantage of selling Trellix XDR is that we are able to integrate multiple security solutions with Trellix XDR, including network, firewall, Microsoft Entra, and cloud solutions. We are able to automate threat detection with Trellix XDR by creating playbooks. We are able to do group-wise security creations of threat investigation and threat prevention, and we are able to do one-by-one endpoint policy creation, on-demand scans, and multiple types of security controls such as device control, USB blocking, web control, and Advanced Threat Prevention. There is threat intelligence in Trellix XDR, but we are not drilling down into the threat intelligence in the solution. Getting the telemetry data from the endpoint with Trellix XDR helps us detect the severity based on malware types, techniques, and tactics with MITRE mapping. It shows us with a single click if multiple endpoints are affected by the same threat vectors. We are able to see correlations of the threat vectors and determine which threat vector occurred first through the Root Cause Analysis provided by Trellix XDR.
I am working with EDR and XDR, focusing on migrating on-premises solutions to cloud-based solutions. We are utilizing XDR for cyber threat detection and response.
We utilize the platform for airborne protection and redirection to enhance the environment's environment and that of our clients. Our primary focus is on this solution, and I am looking for more coverage for our security framework, particularly for our CGP program. Currently, HSA only covers host information, leaving us with limited visibility of system and network activity. Therefore, we need another SIEM solution to understand our system and network activities comprehensively.
Trellix XDR provides a comprehensive approach to threat detection and response, enhancing security by integrating data from multiple sources into a single pane of glass for more effective incident management. Leveraging robust analytics, Trellix XDR enables organizations to improve threat visibility and response capabilities. The platform streamlines security operations by centralizing data from networks, endpoints, and cloud resources. This integration helps security teams quickly identify,...