TrustRadius: an HG Insights company

Trellix Helix

Score 7 out of 10

7 Reviews and Ratings

Top Performing Features

+22%

Host and network-based intrusion detection

Ability to perform both endpoint intrusion detection and network ingress detection

Cat avg: 7.4

+15%

Integration with Identity and Access Management Tools

Integration with access control tools like Active Directory and LDAP

Cat avg: 7.7

0%

Event and log normalization/management

Ability to normalize event syntax so that logs can be compared and are machine-understandable

Cat avg: 8.5

-5%

Centralized event and log data collection

Effectiveness of real-time centralized event and log data collection

Cat avg: 9

Worst Performing Features

-4%

Correlation

Correlation of logs and events to pinpoint significant threats

Cat avg: 8.4

+1%

Custom dashboards and workspaces

Dashboards that can be customized to meet the needs of specific groups

Cat avg: 8

+9%

Deployment flexibility

Ability to tune system to maximize threat detection and minimize false positives

Cat avg: 7.7

Trellix Helix Features from Reviews

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools.

8.5 +6%
  • Centralized event and log data collection

    Effectiveness of real-time centralized event and log data collection

    Category average: 9

  • Correlation

    Correlation of logs and events to pinpoint significant threats

    Category average: 8.4

  • Event and log normalization/management

    Ability to normalize event syntax so that logs can be compared and are machine-understandable

    Category average: 8.5

  • Deployment flexibility

    Ability to tune system to maximize threat detection and minimize false positives

    Category average: 7.7

  • Integration with Identity and Access Management Tools

    Integration with access control tools like Active Directory and LDAP

    Category average: 7.7

  • Custom dashboards and workspaces

    Dashboards that can be customized to meet the needs of specific groups

    Category average: 8

  • Host and network-based intrusion detection

    Ability to perform both endpoint intrusion detection and network ingress detection

    Category average: 7.4

Trellix Helix Features from the Vendor

Security Information and Event Management (SIEM)

Vendor-reviewed
  • Centralized event and log data collection

    Effectiveness of real-time centralized event and log data collection

  • Correlation

    Correlation of logs and events to pinpoint significant threats

  • Event and log normalization/management

    Ability to normalize event syntax so that logs can be compared and are machine-understandable

  • Deployment flexibility

    Ability to tune system to maximize threat detection and minimize false positives

  • Integration with Identity and Access Management Tools

    Integration with access control tools like Active Directory and LDAP

  • Custom dashboards and workspaces

    Dashboards that can be customized to meet the needs of specific groups

  • Host and network-based intrusion detection

    Ability to perform both endpoint intrusion detection and network ingress detection

Additional Features

Vendor-contributed
  • Security Information and Event Management (SIEM): Improve threat and vulnerability detection with managed and curated detection rules

  • User and Entity Behavior Analytics (UEBA): Detect insider threats and advanced attacks with machine learning driven analytics

  • Security Analytics: Surface answers from your data with next generation security analytics

  • Security Orchestration, Automation, and Response (SOAR): Automate response with pre-built playbooks created by frontline practitioners