Try our new research platform with insights from 80,000+ expert users

Graylog Security vs Microsoft Defender XDR comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Graylog Security
Average Rating
8.6
Reviews Sentiment
7.5
Number of Reviews
2
Ranking in other categories
Security Information and Event Management (SIEM) (40th)
Microsoft Defender XDR
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
89
Ranking in other categories
Endpoint Detection and Response (EDR) (5th), Extended Detection and Response (XDR) (5th), Microsoft Security Suite (2nd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Graylog Security is designed for Security Information and Event Management (SIEM) and holds a mindshare of 0.4%, up 0.1% compared to last year.
Microsoft Defender XDR, on the other hand, focuses on Extended Detection and Response (XDR), holds 10.2% mindshare, up 6.2% since last year.
Security Information and Event Management (SIEM)
Extended Detection and Response (XDR)
 

Featured Reviews

Tony Zafiropoulos - PeerSpot reviewer
Aggregates logs in one place and helps to review data points
We tried Graylog Security, starting with their inexpensive open-source version. We tested it out and continued using it for a while. As for the main differences between Graylog Security and other vendors, some users might prefer cloud-based platforms over on-premises solutions. It isn't inherently cloud-native, but that might not matter much for some.
Desray Liu - PeerSpot reviewer
A time-saving and easy-to-integrate product that needs to offer a control center to users
As a part of Microsoft's attempt to reduce costs, there has been a direct cut down of the local technical support team. Sometimes, you have to use the technical support offered by Microsoft from other countries, but at times, we speak different languages, just like how people speak in Chinese or Mandarin, but there are still some differences between them. The front-line support from Microsoft has only limited technical abilities or access to their internal system. Sometimes, my company cannot even escalate an issue to Microsoft's senior team members. The support team of Microsoft is nice as they attempt to solve the problems together with you, but I believe that due to some cost-related issues, they don't have enough permissions. Sometimes, users might feel blocked when trying to connect with the support team. I rate the technical support a seven out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The tool aggregates logs. We can see the logs in one place."
"We use the solution to collect logs."
"Microsoft Defender is stable."
"Its most significant advantage lies in its affordability."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"The ability to isolate and address viruses is the most valuable feature of Microsoft Defender XDR."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
 

Cons

"Graylog Security needs to incorporate security scorecards."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"The licensing is a nightmare and has room for improvement."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"We should be able to use the product on devices like Apple, Linux, etc."
 

Pricing and Cost Advice

"I rate the tool's pricing a one out of ten."
"Microsoft Defender XDR is priced high."
"The solutions price is fair for what they offer."
"I find the pricing to be quite competitive, especially considering its inclusion in our E5 subscription, which provides a comprehensive set of functionalities."
"It has consistently offered highly appealing academic pricing, with distinct rates for higher education and general educational purposes."
"The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
"With the little idea I have about the costs, I can say that XDR tools tend to be a bit expensive. If you are using Microsoft Defender XDR, then you need to go for a subscription-based pricing model."
"I would like to have more security features in the lower licenses because not every customer is able to buy E5 licenses. The bundling isn't always easy for our customers to understand. Compared to other tools, it's a good price."
"Microsoft Defender XDR is included in our license."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
816,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
22%
Educational Organization
9%
Retailer
6%
Construction Company
6%
Computer Software Company
17%
Financial Services Firm
11%
Government
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Graylog Security?
The tool aggregates logs. We can see the logs in one place.
What needs improvement with Graylog Security?
Graylog Security needs to incorporate security scorecards.
What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.
What needs improvement with Microsoft 365 Defender?
The solution could enhance the threat Intelligence feature by making it more relevant to specific industries. Much of the threat intelligence information isn't directly applicable to our environmen...
 

Also Known As

No data available
Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
 

Learn More

 

Overview

 

Sample Customers

Information Not Available
Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM). Updated: November 2024.
816,406 professionals have used our research since 2012.