Cortex XDR Alternatives

There is a reason Crowdstrike is the leader in EDR. When they say "We stop breaches" it's not a gimmick. They have delivered on this promise time and again.

We use SentinelOne as an important part of our security operations and overall endpoint protection strategy. Overall, our experience with the platform has been very positive. SentinelOne provides very advanced and precise threat detection capabilities, combined with a user interface that is straightforward and easy to understand in daily operations. The platform delivers strong value for the price and offers a modern security approach with powerful AI driven capabilities. In addition, the MDR service has been extremely fast in our experience, with an average MTTR of around 4 minutes, which is a major benefit when responding to threats efficiently.

Sophos is a good product overall, however their alerting on the platform and how they support integrating with other security solutions needs improvement. Additionally, their support for MacOS is not great, and you seem to get in a repetitive cycle of them fixing one issue and breaking another due to Apple's closed relationship with vendors.

As our real estate operations continue to become more digital, connected and collaborative, MDE has become a key part of how we protect the business while maintaining seamless access into business-critical information. Across property management, development, leasing and business operations, the platform protects our endpoints without disrupting productivity. MDE has improved visibility across endpoints through centralized monitoring and realtime security insights, giving out IT team clearer understanding of device health and exposure across the environment. Detection and response capabilities have accelerated how quickly potential threats are identified and investigates, improving operational resilience and reducing blindspots. The platform has also strengthened compliance reporting and governance through centralized audit visibility, policy monitoring and improved evidence collection. It consolidates multiple endpoint security function in a unified platform which has reduced complexity and contributed to lower administrative cost. Automation and AI assisted investigations have further reduced the burden on our IT and security team, allowing them to focus on proactive improvements instead of repetitive monitoring and manual responses.

We deployed Trellix Endpoint Security Suite primarily as an endpoint detection and telemetry agent supporting our managed defense SOC. In this role, Trellix functioned as a reliable source of endpoint data rather than a standalone analyst console. The solution performed best in stability and threat signal quality across our stack. The main challenges that arrived were the resource intensive nature of the Trellix agent.

Overall, our experience with SESC has been positive. The platform provides strong endpoint protection, centralized policy management, and useful detection and response capabilities. Areas that could be improved include their firewall module. We experienced a log ingestion/reporting inconsistency caused by an agent-side defect. In certain noisy traffic events, the agent logged the firewall rule and location at the time of upload instead of preserving the correct policy and location at the time of detectio.n

TrendMicro Vision One Endpoint Security is a good product solution for us. It has been very useful as it can still support legacy devices. We have been deploying this solution for quite some time and we have migrated most of our customers from Apex One to Vision One. The console is very straightforward and easy to understand which would be very helpful in managing the solution. They also provide Fire Alert (Incident Response report) for free which is also helpful for our customer to manage their security risk.

My experience with ESET Protect has been excellent. It's a solid and reliable platform that greatly benefits our business environment, where visibility, control, and centralized security are paramount. One of its most important aspects is the technical support; they assisted us throughout the entire process, from product analysis and implementation to final fine-tuning.