The CPU utilization is very high with Trellix XDR. We are getting multiple types of CPU utilization from the EPP solution, with the EPP agent reaching as high as 80 percent CPU utilization. This creates big challenges for us. The support experience is also concerning. When we require support from Trellix immediately with high priority, we receive multiple emails requesting logs of various types. After that, we have to escalate to Trellix higher management, and then their agent will come in for a remote session to resolve any issues. I would give them eight out of ten points because of the high CPU utilization and the delayed support we experience.
The EdgeGear solution is an area that requires attention, specifically regarding AI solutions and intelligence features. We are still investigating how XDR performs and will identify areas for improvement as we deploy it further.
The platform should enhance compatibility with all other SIEM solutions. Customers should not feel constrained to using only Trellix products due to integration challenges, as this limits their options. Future updates should prioritize enhanced integration features with third-party SIEMs and broader threat intelligence capabilities to improve the platform's adaptability in diverse environments.
Updated: February 2026.
Extended Detection and Response (XDR) is an advanced security solution offering more comprehensive threat detection and response by integrating multiple security tools into a unified platform.
XDR addresses the complexities of today’s security landscape by providing greater visibility across networks, endpoints, and cloud environments. Utilizing machine learning and automation, it enables security teams to detect, investigate, and respond to threats faster and more efficiently.