Question Should I use Trellix endpoint security or Xcitium open edr?

Please provide comments and solutions that are helpful to the author of this topic.

Trident

Level 30
Verified
Top Poster
Well-known
Feb 7, 2023
1,960
and unless i get a good endpoint protection for free (open edr is free) i dont think there is a valid reason to switch to anything else. Yeah i might turn into an xcitium/comodo fanboy LOL
You are already half way there :D
But yeah, it's not so bad. At least it gets regular updates. When I tried it, their portal was very iffy and deployment couldn't be completed due to expired certificates. I am guessing now they've been renewed. Also, the logging/reporting seems to be very subpar compared to other EDRs. Somebody here (don't remember who) reported that Valkyrie staff slapped "safe" verdict on malware.
 
  • Like
Reactions: Sandbox Breaker

Xeno1234

Level 14
Jun 12, 2023
684
So, Xcitium is a bad EDR, despite basically letting nothing through since its based on everything being untrusted?
Also, is Kaspersky EDR good since it has probably the best detection engines?
 
  • Wow
Reactions: kylprq

Xciting

Level 2
Thread author
Jun 14, 2023
77
yeah i kinda agree with that statement but its free and trellix gets to heavy and i like using online portal but since its not mine and my friends dad's its kinda annoying to change settings and see a dashboard

Thats the only good free edr all the others like ossec and wazuh kinda suck
 

Trident

Level 30
Verified
Top Poster
Well-known
Feb 7, 2023
1,960
Also, is Kaspersky EDR good since it has probably the best detection engines?
Kaspersky EDR is very, very expensive. Only the Cloud Security Pro acts as EDR and that's available for 5 dveices/1 year at the price of £435.00 (almost £90 per device). Not sure if any resellers offer it cheaper.
1687031206666.png


@Xciting I've never used the free EDRs you mentioned.
 

Xciting

Level 2
Thread author
Jun 14, 2023
77
most free edrs are open source and are mostly bad or really sub-par to the point just windows defender is better than them but xcitium is an actual av and not some bad open source, it wasn't always open source and yeah actual companies are paying comodo as we speak for their dragon platform.
 
  • Like
Reactions: Trident

Trident

Level 30
Verified
Top Poster
Well-known
Feb 7, 2023
1,960
Besides cost, is it good? It does seem really expensive though
Prevention-wise it must be good. I am not sure how the portal and everything is. From the EDRs, I've only used Symantec, McAfee, Sophos, Trend Micro (very briefly and I don't like it at all), Palo Alto, CrowdStrike and Check Point which now became my go-to. I am not familiar with other EDRs.
 

Xeno1234

Level 14
Jun 12, 2023
684
Prevention-wise it must be good. I am not sure how the portal and everything is. From the EDRs, I've only used Symantec, McAfee, Sophos, Trend Micro (very briefly and I don't like it at all), Palo Alto, CrowdStrike and Check Point which now became my go-to. I am not familiar with other EDRs.
Doesnt Checkpoint use Kaspersky's Engine?
 

Xciting

Level 2
Thread author
Jun 14, 2023
77
No not anymore they use different engines they use sophos and some others i am not sure abt
 

Trident

Level 30
Verified
Top Poster
Well-known
Feb 7, 2023
1,960
@Trident i remember seeing a post of u giving a dude a license key for avast and he got banned the next day lol i forgot his name
Are you sure this dude is not you? You seem very familiar with my posts. :D
Buying Avast is not truly necessary to tell you the truth, the free version is good enough. But, Avast ain't expensive either so for pocket money you can get rid of the annoying ads and upsell attempts. Avast is good.
Doesnt Checkpoint use Kaspersky's Engine?
Check Point gives you a choice, you can use Kaspersky or you can use Sophos as local anti-malware engines.
For more information, visit this thread:
 
  • Like
Reactions: Miyagi

Xciting

Level 2
Thread author
Jun 14, 2023
77
oh yeah i have been watching MalwareTips for over well idk back when wilderss was more popular in 2014 bro i was the only 13 yeah old on wilders xd
 
  • Thanks
Reactions: kylprq

Xeno1234

Level 14
Jun 12, 2023
684
Are you sure this dude is not you? You seem very familiar with my posts. :D
Buying Avast is not truly necessary to tell you the truth, the free version is good enough. But, Avast ain't expensive either so for pocket money you can get rid of the annoying ads and upsell attempts. Avast is good.

Check Point gives you a choice, you can use Kaspersky or you can use Sophos as local anti-malware engines.
For more information, visit this thread:
Kaspersky I assume is better right?
 

Xeno1234

Level 14
Jun 12, 2023
684
Definitely. And threat emulation in the cloud uses Bitdefender as well. Sophos has some advantages and disadvantages (like there is detection for files seen in spam emails) but yeah, for better security Kaspersky is the better choice.
What is Threat Emulation in the cloud?
 

Trident

Level 30
Verified
Top Poster
Well-known
Feb 7, 2023
1,960
What is Threat Emulation in the cloud?
Files from 73 formats and up to 50 MB are sent to the cloud where they are opened and behaviour is examined. To do that, Check Point uses resistant sandboxes connected to the internet (they do all sorts of things like mimicking user activity as well) and then it uses various engines such as Yara rules on process memory, CADET, Bitdefender, Office Macro engines, CPU-level detection, Intel TDT, IPS and others to produce a verdict.
 
  • Like
Reactions: B-boy/StyLe/

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top