We compared Darktrace and Microsoft Defender for Endpoint across several parameters based on our user's reviews. After reading the collected data, you can find our conclusion below:
Darktrace is preferred over Microsoft Defender for Endpoint due to its advanced machine-learning capabilities and ability to detect and respond to threats in real time. Users praise Darktrace for its unparalleled threat visibility and proactive approach, while Microsoft Defender is reported to lack some of the advanced features and responsiveness of Darktrace.
"The technical support is good and quick to resolve issues."
"I would say that 90% of the spam and phishing attack emails get blocked right off the bat."
"At the moment we are satisfied with this product. It's a stable, scalable, and resilient solution for us."
"Defender for 365 is a comprehensive cloud-based solution. The value of the cloud is that you aren't alone. Threat intelligence and analytics are shared in the cloud. We don't have to find the solution alone. If you face an unknown threat with traditional solutions like Trend Micro and Symantec, you need to open a case and send your information to them to analyze forensically and identify the source of the attack."
"Microsoft Defender for Office 365 is a stable solution."
"The good part is that you don't have to configure it, which is very convenient."
"The most valuable feature of Microsoft Defender for Office 365 is the ease of use."
"There are several features that I consider valuable."
"It is a stable solution without downtime."
"I find it very good in the way that they show the past events, including the attack history."
"I like the Antigena feature in Darktrace, as it offers immediate response and is helpful."
"It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports. Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"I am impressed with the product's ability to give insights into network traffic."
"What I like about Darktrace, is that you can quickly identify threats."
"In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
"Microsoft Defender for Endpoint is quite good. We haven't really experienced any issues with it."
"The technical support from Microsoft is very good. We are part of the Microsoft Suite, and from being part of this we have consistent news regarding Microsoft Defender for Endpoint."
"The features I have found most valuable are the ransomware and malware protection. The solution detects malware live and whenever it detects suspicious activity, it quarantines it."
"It comes included with the Windows license."
"I like that Defender is integrated and doesn't have a third-party payload trying to advertise subscription renewal."
"A few years ago, when I was using a different product, I was affected by a virus that destroyed everything. Since using Microsoft Defender, I have not had this kind of problem."
"We have liked the fact that it comes with Microsoft Windows 10 and it is constantly updated with all new virus definitions. It is also updated with new security features on a regular basis."
"In my opinion, the most valuable aspects are the reporting analytics and integration with Sentinel. Defender does an excellent job of correlating the different entities that comprise threat analysis, analytics data, and log analytics. It helps to piece together investigations into any exploit or malicious activity within a specific tenant. AI and analytics tools are probably the most valuable components."
"You should be able to deploy Defender for every subscription without the need to add servers."
"Configuration requires going to a lot of places rather than just accessing one tab."
"Several simulation options are available within 365, and the phishing simulation could be better."
"The XDR dashboard has room for improvement."
"There's room for improvement regarding the time frame for retrieving emails."
"The only thing they should improve is the licensing model. They should stop changing it. A year ago, the five features I mentioned were included in one product. Now, three of them are bundled into one product, and you have to pay extra for the other two. I don't mind paying extra, but I don't want them to change it every year or every six months. I need to know what I'm looking at and not worry about it next year."
"Microsoft Defender for Office 365 should be more proactive."
"The custom alerts have to improve a lot."
"Darktrace needs to automate the reports of false positives, botnets and everything."
"They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune. You have to do a lot of tuning when you first get it because of the false positives, but once it is all tuned up and ready to go, it will do its thing from there."
"It is expensive, but everything else has been great so far."
"There aren't so many third-party vendor platforms natively integrated with the platform."
"This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious."
"The interface is too mathematical and it should be simplified."
"The main portal needs improvement as it is difficult to use."
"Darktrace does not have any capabilities to configure."
"In terms of improvement, they update the platform it seems quite a bit. Every month something is in a new spot or something changed somewhere. There should be less of that."
"The frequency of the patching, and the frequency of the updates, are not included with the free version."
"They should bring back the feature of a dedicated proxy device for communication to the cloud. As of now, all the agents are required to send the logs directly to the cloud. There should be a solution where you can put a proxy and all the logs are consolidated, like a forwarder."
"Notifications are always popping up — I hate that."
"They should come up with pre-built inner workflows."
"Alerts need to be sent immediately because as it is now, you see some of them without delay and others arrive perhaps 30 minutes later, and it leaves important gaps in terms of information gathering."
"The UI for Microsoft Defender for Endpoint needs to be better. Integration with client dashboards is also lacking in this product, e.g. client dashboards shouldn't just be viewable from the cloud, because when the client's computer is offline, you won't be able to see the client dashboard."
"My main issue with the tool is that there are too many menus. This causes a steep learning curve for those without training or unfamiliar with Defender for Endpoint. From an end-user perspective, the solution is there on the machine and does its job; it works seamlessly. However, as a security professional dealing with it behind the scenes, the learning curve can be steep, but not too steep. Still, it has taken some of my analysts up to a month to get familiar with the product."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Darktrace is ranked 11th in Email Security with 65 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Darktrace is rated 8.2, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Cortex XDR by Palo Alto Networks.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.