Microsoft Security Copilot helps security and IT teams to protect organizations at the speed and scale of AI. It is available in a standalone experience or embedded into other Microsoft Security products.
N/A
Trellix Intelligent Sandbox
Score 7.1 out of 10
N/A
Trellix Intelligent Sandbox (formerly McAfee Advanced Threat Defense) enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection. It includes additional inspection capabilities that broaden detection and expose evasive threats. Integration between security solutions—from network and endpoint to investigation—enables instant sharing of threat information across the environment, enhancing protection and investigation. Deployment…
Microsoft Security Copilot is well-suited for environments where security teams face high alert volumes and need rapid triage. It is effective during active threat response, helping us establish timelines and suggest remediation steps quickly. Copilot also excels in executive reporting, generating clear summaries for leadership without much effort. Security Copilot is less effective outside of Microsoft's ecosystem because it doesn't integrate well with other products.
McAfee Advanced Threat Defense is great in large enterprise environments with large, highly segmented networks. The administrator can create exceptions for specific applications as well as create exceptions through HAS which is very convenient for applications created in house. I do not recommend installing it on a computer with little ram memory, since this product demands a lot of resources and can be clearly distinguished in the Windows task monitor.
They integrate very well, and they have a lot of options within each product. That's what they do well. They bring together the entire suite of tools, all of the edge. Each product does its thing very well, and to bring it all together utilizing AI, it's very difficult for us to understand what the paved path is to get from A to Z. And that's what they don't do so well.
The reason I said it was better was that when I ran the same query in other AI engines, like OpenAI, I still believe my Microsoft Security Copilot can be further trained to give better results than that. So I think that's something that should be an improvement.
We are not going to stop using M365 and our environment is large enough that there is not enough in-house expertise to handle all aspects of security, even with the help of a MSSP. Security Copilot helps us shore up the knowledge gap and keep our organization's security posture tight.
Anyone can use it. Easy to prompt, also capabilities to become advance with custom agents. It can become custom to your workflow. Many people will have their unique experiences to share and results are generally positive. This is a growth in the product from the effect of community and adoption/usage.
Personally, I have only called our internal IT team about needing changes to permissions, not McAfee itself, but our IT team can make the changes though it seems to take them longer than I would think it needs to take. As someone who administers a different program, with different permissions, I would feel they should be able to make the exceptions faster and easier.
My usage of other products is based on SIEM tools. So far, Microsoft Security Copilot is the only product I've seen that works across multiple technologies/products to provide full visibility into security tooling using AI. I know other vendors are working towards this, but Microsoft has definitely taken a lead.
McAfee brand is used, mcafee antivirus scan, mcafee drive encryption, mcafee DLP, mcafee cloud proxy. He Kaspersky at the corporate level and used his admin dashboard is a bit rough. I recommend mcafee since the graphical environment is very friendly with the administrator. We selected it because at the administration level it is more comfortable, support for end users is very easy, the administration console can create roles and segregate permissions.
Helps reduce time spent creating a baseline script.
Some errors get corrected but then get reintroduced while adding functionality.
I noticed that when using this for PowerShell it will sometimes have you install the module in the script without verifying if it is already installed. You must read the script before executing.
