Cybereason XDR vs Microsoft Defender XDR comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Oct 8, 2024
 

Categories and Ranking

Cybereason XDR
Ranking in Extended Detection and Response (XDR): 22nd
Average Rating: 8.6
Number of Reviews: 2
Ranking in other categories: No ranking in other categories

Microsoft Defender XDR
Ranking in Extended Detection and Response (XDR): 5th
Average Rating: 8.4
Number of Reviews: 89
Ranking in other categories: Endpoint Detection and Response (EDR) (5th), Microsoft Security Suite (2nd)
 

Mindshare comparison

As of November 2024, in the Extended Detection and Response (XDR) category, the mindshare of Cybereason XDR is 0.9%, up from 0.6% compared to the previous year. The mindshare of Microsoft Defender XDR is 10.2%, up from 6.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
 

Featured Reviews

Ivan Burke - PeerSpot reviewer
Sep 11, 2023
Provides effective incident response and investigation features
We also use Palo Alto's XDR, SentinelOne, Trend Micro, and quite a few others. SentinelOne is nice because you have a centralized dashboard. You just have a single instance and can manage all your clients from one central dashboard, which Cybereason currently lacks. It hinders our use case because we have to redeploy our rules. However, SentinelOne's search feature is slightly more limited than Cybereason's. SentinelOne's search feature is very restrictive, and they have a certain way you have to do it. If you don't follow that way, you're kind of stuck. The deployability is the same, and we have not had scalability issues. We don't work with a larger client. Our largest deployment was about 3,000 endpoints. Cybereason's tech support or the support engineer tends to be slightly better than SentinelOne's because there is no direct contact for support in our region. We usually have to reach out to either the European or the American branches for assistance. There's a bit of a time delay or something that happens. Those are the only major differences.
Desray Liu - PeerSpot reviewer
Nov 28, 2023
A time-saving and easy-to-integrate product that needs to offer a control center to users
As a part of Microsoft's attempt to reduce costs, there has been a direct cut down of the local technical support team. Sometimes, you have to use the technical support offered by Microsoft from other countries, but at times, we speak different languages, just like how people speak in Chinese or Mandarin, but there are still some differences between them. The front-line support from Microsoft has only limited technical abilities or access to their internal system. Sometimes, my company cannot even escalate an issue to Microsoft's senior team members. The support team of Microsoft is nice as they attempt to solve the problems together with you, but I believe that due to some cost-related issues, they don't have enough permissions. Sometimes, users might feel blocked when trying to connect with the support team. I rate the technical support a seven out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution has an investigation feature, which is useful for building storylines."
"Cybereason XDR's most useful feature is the investigation."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"What I like most about the product is its all-in-one solution. With Microsoft Defender XDR, we get coverage for various aspects like endpoint security, cloud security, and image-related cases, all within a single platform. This eliminates the need for multiple products or technical controls to address incidents. The main benefit became evident immediately after deployment, especially in its ability to analyze files and phishing emails quickly. By submitting suspicious files or emails, we receive quick results on whether they are legitimate, suspicious, or malicious, saving time."
"Defender XDR can stop advanced attacks, like ransomware or business email compromise."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
 

Cons

"Cybereason's customer support could be better."
"The one thing we sometimes have issues with is its integration with other security applications like antiviruses."
"Advanced attacks could use an improvement."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"The web filtering solution needs to be improved because currently, it is very simple."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"The mobile app support for Android and iOS is difficult and needs improvement."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
 

Pricing and Cost Advice

"The solution is cheaper than Microsoft Defender. It has a subscription and no standard license."
"Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
"Its licensing and pricing are handled by someone else. My role is limited to incidents or issues with the portal, but you get what you pay for. It is worth the cost."
"Microsoft 365 Defender offers competitive pricing."
"The product is fairly priced for what we get from it."
"Sometimes 365 Defender is expensive, but it can be moderate, depending on the organization's size and the license type. We're satisfied with the cost because it gives us a product that protects our entire environment with DLP. To compromise some cost, of course, we are to complete the most secure environment."
"Understanding the subscription model has been a bit challenging, as every feature or requirement comes with an additional cost."
"It is fairly priced because we get complete integrated services with the E5 license."
"The solution is too expensive."
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company: 25%
Manufacturing Company: 10%
Comms Service Provider: 9%
Financial Services Firm: 8%

Computer Software Company: 17%
Financial Services Firm: 10%
Government: 8%
Manufacturing Company: 8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Cybereason XDR?
The solution has an investigation feature, which is useful for building storylines.
What needs improvement with Cybereason XDR?
The one thing we sometimes have issues with is its integration with other security applications like antiviruses. We connect this solution to many companies, so we set up new custom rules for every...
What is your primary use case for Cybereason XDR?
We have mostly been using it to help us look into responses. We usually deploy it during the incident response scenarios, trying to find out what happened in an environment.
What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.
What needs improvement with Microsoft 365 Defender?
The solution could enhance the threat intelligence feature by making it more relevant to specific industries. Much of the threat intelligence information isn't directly applicable to our environmen...
 

Also Known As

No data available
Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
 


Sample Customers

MOTOROLA MOBILITY
Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
Find out what your peers are saying about Cybereason XDR vs. Microsoft Defender XDR and other solutions. Updated: October 2024.