Question Should I use Trellix endpoint security or Xcitium open edr?


Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
and unless I get a good endpoint protection for free (Open EDR is free) I don't think there is a valid reason to switch to anything else. Yeah, I might turn into an Xcitium/Comodo fanboy LOL
You are already half way there :D
But yeah, it's not so bad. At least it gets regular updates. When I tried it, their portal was very iffy and deployment couldn't be completed due to expired certificates. I am guessing now they've been renewed. Also, the logging/reporting seems to be very subpar compared to other EDRs. Somebody here (don't remember who) reported that Valkyrie staff slapped "safe" verdict on malware.
 
  • Like
Reactions: Sandbox Breaker

Xeno1234

Level 14
Jun 12, 2023
684
So, Xcitium is a bad EDR, despite basically letting nothing through since it's based on everything being untrusted?
Also, is Kaspersky EDR good since it has probably the best detection engines?
 
  • Wow
Reactions: kylprq

Xciting

Level 2
Thread author
Jun 14, 2023
77
Yeah, I kinda agree with that statement, but it's free and Trellix gets too heavy, and I like using an online portal, but since it's not mine and it's my friend's dad's, it's kinda annoying to change settings and see a dashboard.

That's the only good free EDR; all the others like OSSEC and Wazuh kinda suck.
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Also, is Kaspersky EDR good since it has probably the best detection engines?
Kaspersky EDR is very, very expensive. Only the Cloud Security Pro acts as EDR and that's available for 5 devices/1 year at the price of £435.00 (almost £90 per device). Not sure if any resellers offer it cheaper.

@Xciting I've never used the free EDRs you mentioned.
 

Xciting

Level 2
Thread author
Jun 14, 2023
77
Most free EDRs are open source and are mostly bad or really sub-par, to the point that just Windows Defender is better than them, but Xcitium is an actual AV and not some bad open source; it wasn't always open source, and yeah, actual companies are paying Comodo as we speak for their Dragon platform.
 
  • Like
Reactions: Trident

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Besides cost, is it good? It does seem really expensive though
Prevention-wise it must be good. I am not sure how the portal and everything is. From the EDRs, I've only used Symantec, McAfee, Sophos, Trend Micro (very briefly and I don't like it at all), Palo Alto, CrowdStrike and Check Point which now became my go-to. I am not familiar with other EDRs.
 

Xeno1234

Level 14
Jun 12, 2023
684
Prevention-wise it must be good. I am not sure how the portal and everything is. From the EDRs, I've only used Symantec, McAfee, Sophos, Trend Micro (very briefly and I don't like it at all), Palo Alto, CrowdStrike and Check Point which now became my go-to. I am not familiar with other EDRs.
Doesn't Check Point use Kaspersky's engine?
 

Xciting

Level 2
Thread author
Jun 14, 2023
77
No, not anymore; they use different engines. They use Sophos and some others I am not sure about.
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
@Trident I remember seeing a post of you giving a dude a license key for Avast and he got banned the next day lol, I forgot his name
Are you sure this dude is not you? You seem very familiar with my posts. :D
Buying Avast is not truly necessary to tell you the truth, the free version is good enough. But, Avast ain't expensive either so for pocket money you can get rid of the annoying ads and upsell attempts. Avast is good.
Doesn't Check Point use Kaspersky's engine?
Check Point gives you a choice, you can use Kaspersky or you can use Sophos as local anti-malware engines.
For more information, visit this thread:
 
  • Like
Reactions: Miyagi

Xciting

Level 2
Thread author
Jun 14, 2023
77
Oh yeah, I have been watching MalwareTips for over, well, idk, back when Wilders was more popular in 2014. Bro, I was the only 13 year old on Wilders xd
 
  • Thanks
Reactions: kylprq

Xeno1234

Level 14
Jun 12, 2023
684
Are you sure this dude is not you? You seem very familiar with my posts. :D
Buying Avast is not truly necessary to tell you the truth, the free version is good enough. But, Avast ain't expensive either so for pocket money you can get rid of the annoying ads and upsell attempts. Avast is good.

Check Point gives you a choice, you can use Kaspersky or you can use Sophos as local anti-malware engines.
For more information, visit this thread:
Kaspersky I assume is better right?
 

Xeno1234

Level 14
Jun 12, 2023
684
Definitely. And threat emulation in the cloud uses Bitdefender as well. Sophos has some advantages and disadvantages (like there is detection for files seen in spam emails) but yeah, for better security Kaspersky is the better choice.
What is Threat Emulation in the cloud?
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
What is Threat Emulation in the cloud?
Files from 73 formats and up to 50 MB are sent to the cloud where they are opened and behaviour is examined. To do that, Check Point uses resistant sandboxes connected to the internet (they do all sorts of things like mimicking user activity as well) and then it uses various engines such as Yara rules on process memory, CADET, Bitdefender, Office Macro engines, CPU-level detection, Intel TDT, IPS and others to produce a verdict.
 
  • Like
Reactions: B-boy/StyLe/
