Microsoft Security Copilot vs. Trellix Intelligent Sandbox

Microsoft Security Copilot is well-suited for environments where security teams face high alert volumes and need rapid triage. It is effective during active threat response, helping us establish timelines and suggest remediation steps quickly. Copilot also excels in executive reporting, generating clear summaries for leadership without much effort. Security Copilot is less effective outside of Microsoft's ecosystem because it doesn't integrate well with other products.

Incentivized

McAfee Advanced Threat Defense is great in large enterprise environments with large, highly segmented networks. The administrator can create exceptions for specific applications as well as create exceptions through HAS which is very convenient for applications created in house. I do not recommend installing it on a computer with little ram memory, since this product demands a lot of resources and can be clearly distinguished in the Windows task monitor.

Incentivized

• Quickly analyze alerts by doings simple analysis or from different inbuilt security tools.
• Smart threat investigation use AI for analyzing user behavior, activity and network logs.
• Automated generate reports and gives the steps to fix the threats.

Incentivized

• Virus and threat prevention
• Sandbox option
• VPN
• It does run flawlessly in background
• It can detect email threats too

Incentivized

• It is super expensive, which can be a turn off for many small businesses looking to leverage its capabilities
• It can be very complex to set up, with many prerequisite steps that need to happen prior to being able to use it
• With all AI-based solutions, it can sometimes hallucinate, but that is to be expected at some level

Incentivized

• There should be more updates.
• It is heavy on our system's storage or we need a high-storage system to run this tool.
• Its pricing is disappointing.

Incentivized

Anyone can use it. Easy to prompt, also capabilities to become advance with custom agents. It can become custom to your workflow. Many people will have their unique experiences to share and results are generally positive. This is a growth in the product from the effect of community and adoption/usage.

Incentivized

Personally, I have only called our internal IT team about needing changes to permissions, not McAfee itself, but our IT team can make the changes though it seems to take them longer than I would think it needs to take. As someone who administers a different program, with different permissions, I would feel they should be able to make the exceptions faster and easier.

Incentivized

My usage of other products is based on SIEM tools. So far, Microsoft Security Copilot is the only product I've seen that works across multiple technologies/products to provide full visibility into security tooling using AI. I know other vendors are working towards this, but Microsoft has definitely taken a lead.

Incentivized

McAfee brand is used, mcafee antivirus scan, mcafee drive encryption, mcafee DLP, mcafee cloud proxy. He Kaspersky at the corporate level and used his admin dashboard is a bit rough. I recommend mcafee since the graphical environment is very friendly with the administrator. We selected it because at the administration level it is more comfortable, support for end users is very easy, the administration console can create roles and segregate permissions.

Incentivized

• Helps reduce time spent creating a baseline script.
• Some errors get corrected but then get reintroduced while adding functionality.
• I noticed that when using this for PowerShell it will sometimes have you install the module in the script without verifying if it is already installed. You must read the script before executing.

Incentivized

• It does provide real-time threat prevention
• Good customer support
• System needs high configuration for seamless operation

Incentivized