Graylog Security vs Microsoft Defender XDR comparison

The compared Graylog and Microsoft solutions aren't in the same category. Graylog is ranked #40 in SIEM , with an average rating of 8.5, and holds a 0.5% mindshare in the category. Microsoft is ranked #5 in XDR , with an average rating of 8.4, and holds a 9.8% mindshare. Additionally, 100% of Graylog users are willing to recommend the solution, compared to 97% of Microsoft users who would recommend it.

Graylog Security

Read 2 Graylog Security reviews

368 Views
312 Comparison Views

100% willing to recommend

Microsoft Defender XDR

Read 96 Microsoft Defender XDR reviews

7,088 Views
5,406 Comparison Views

97% willing to recommend

Graylog Security

Microsoft Defender XDR

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Graylog Security and Microsoft Defender XDR based on real PeerSpot user reviews.

Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM).

To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: December 2024).

Buyer's Guide

Security Information and Event Management (SIEM)

December 2024

Download the complete report

Helped 824,053 peers since 2012

Categories and Ranking

Graylog Security

Average Rating

8.6

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (40th)

Microsoft Defender XDR

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Endpoint Detection and Response (EDR) (5th), Extended Detection and Response (XDR) (5th), Microsoft Security Suite (2nd)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Graylog Security is designed for Security Information and Event Management (SIEM) and holds a mindshare of 0.5%, up 0.1% compared to last year.
Microsoft Defender XDR, on the other hand, focuses on Extended Detection and Response (XDR), holds 9.8% mindshare, up 6.9% since last year.

Security Information and Event Management (SIEM)

Extended Detection and Response (XDR)

Featured Reviews

Tony Zafiropoulos

Owner/ Chief Engineer at Fixvirus.com

Aggregates logs in one place and helps to review data points

We tried Graylog Security, starting with their inexpensive open-source version. We tested it out and continued using it for a while. As for the main differences between Graylog Security and other vendors, some users might prefer cloud-based platforms over on-premises solutions. It isn't inherently cloud-native, but that might not matter much for some.

Read full review

Gabor Nyerd

Enterprise mobility and security evangelist at a financial services firm with 5,001-10,000 employees

Includes four services and four products, which can help organizations a lot

We found that sometimes integrations work, but testing them can take some time. Sometimes, configurations take much longer than expected. We have a configuration in place that needs to be synchronized with another server. However, the servers are four hours apart, so this can cause delays. In general, I believe that the time it takes to configure and test a service should be shorter. Sometimes, it can take a couple of hours to test a single configuration setting. Other times, it is only ten or fifteen minutes, which is normal. However, sometimes, even immediate actions can be triggered by configuration changes, and some settings can take up to eight hours to complete. I believe that this time can be improved. Microsoft is making a lot of improvements to its services in a short period of time. This is a good thing, as it means that the services are constantly being updated and improved. However, it can be challenging for customers to keep up with the changes. For example, a customer may read about an update, understand it, and share it with their colleagues and boss. However, it may take days or weeks to test the update and get the necessary approvals. This can be especially challenging for large customers with many users or machines. In some cases, Microsoft may change a service before the customer has had a chance to implement the previous update. This can be frustrating for customers, as it means that they have to constantly learn new things and adjust their workflows. On the one hand, it is important for Microsoft to keep updating and improving its services. This helps to ensure that the services are meeting the customers' needs and that they are staying ahead of the competition. Microsoft should also be mindful of the challenges that these changes can create for customers. One way to address this challenge is to provide customers with more time to implement changes. Microsoft could also provide more information about upcoming changes so that customers can plan ahead. Ultimately, Microsoft needs to strike a balance between keeping its services up-to-date and providing customers with a smooth transition to new features.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The tool aggregates logs. We can see the logs in one place."

"We use the solution to collect logs."

"The Email Explorer feature has proven invaluable, offering a broader perspective than automated alerts and incidents alone."

"The most valuable feature is the network security."

"The integration with other Microsoft solutions is the most valuable feature."

"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."

"Vulnerability assessment and just-in-time access are some valuable features of Defender for server plans."

"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."

"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."

"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."

More Microsoft Defender XDR pros

Cons

"Graylog Security needs to incorporate security scorecards."

"The console is missing some features that would be helpful for a managed services provider, like device and user management."

"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."

"Stability could be improved by avoiding frequent changes to the interface."

"The support team is not competent or responsive."

"The management and automation of the cloud apps have room for improvement."

"Sometimes, digging into the information and knowing where to go can be difficult. It would be better if much of that information were immediately visible, especially when looking at endpoints or users."

"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."

"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."

More Microsoft Defender XDR cons

Pricing and Cost Advice

"I rate the tool's pricing a one out of ten."

"Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."

"365 Defender can get expensive because you pay per gigabyte of data ingested. On the other hand, much of the data available in the other Microsoft security solutions are made available relatively cheaply—sometimes at cost or for free. Integrating only a limited set of third-party solutions with Sentinel would be cost-effective. It's much more affordable if companies only have Microsoft stuff."

"On average, we pay around 55 euros per user for the services and features we receive."

"It is 15 dollars per server per month. It is worth it, but it can be costly. It depends on the company's size."

"It is fairly priced because we get complete integrated services with the E5 license."

"The functionality is fantastic, but for medium and small-sized companies it's overpriced. It would be better if it were a little bit cheaper."

"For Defender, they have Endpoint Plan 1 and Endpoint Plan 2, but I don't know on what basis they have classified Endpoint Plan 1 and Plan 2, but it has given me enough pain to pick and design Endpoint Plan 1 or Endpoint Plan 2 for my organization. In fact, we are still struggling with it. Too many SKUs are confusing. There should not be too many SKUs, and they shouldn't charge for every new feature."

"Its licensing and pricing are handled by someone else. My role is limited to incidents or issues with the portal, but you get what you pay for. It is worth the cost."

More Microsoft Defender XDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

824,053 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

22%

Educational Organization

Retailer

University

Computer Software Company

17%

Financial Services Firm

11%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Graylog Security?

The tool aggregates logs. We can see the logs in one place.

See all answers

What is your experience regarding pricing and costs for Graylog Security?

I rate the tool's pricing a one out of ten.

See all answers

What needs improvement with Graylog Security?

Graylog Security needs to incorporate security scorecards.

See all answers

What do you like most about Microsoft 365 Defender?

Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.

See all answers

What is your experience regarding pricing and costs for Microsoft 365 Defender?

The pricing is a little high, however, it is on par with other competitive tools in the market.

See all answers

What needs improvement with Microsoft 365 Defender?

Microsoft could improve on threat hunting and build more on threat detection and handling. The cybersecurity and cloud security posture features are a bit lesser than standard security products.

See all answers

Comparisons

Wazuh vs Graylog Security

Compared 81% of the time

Trellix ESM vs Graylog Security

Compared 10% of the time

More Graylog Security Competitors

CrowdStrike Falcon vs Microsoft Defender XDR

Compared 35% of the time

Wazuh vs Microsoft Defender XDR

Compared 8% of the time

Microsoft Defender for Cloud vs Microsoft Defender XDR

Compared 8% of the time

Trend Vision One vs Microsoft Defender XDR

Compared 4% of the time

Microsoft Purview Compliance Manager vs Microsoft Defender XDR

Compared 4% of the time

More Microsoft Defender XDR Competitors

Product Reports

Buyer's Guide

Security Information and Event Management (SIEM)

December 2024

Download Graylog Security product report

Buyer's Guide

Microsoft Defender XDR

December 2024

Download Microsoft Defender XDR product report

Also Known As

No data available

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender

Learn More

Graylog

Microsoft

Overview

Graylog Security is designed for log management and analysis, assisting in monitoring security events, detecting threats, providing real-time alerts, and aiding troubleshooting and forensic investigations. Its scalability and customizable dashboards support IT departments in maintaining system performance and ensuring compliance.

With exceptional log management capabilities and powerful search functions, Graylog Security is reliable for threat hunting, integrating with other tools, and offering a user-friendly dashboard. Organizations value it for quickly analyzing large datasets and providing detailed insights into security events. However, better documentation and clearer instructions for new users, more efficient alerting capabilities, easier scaling, and enhanced support options could improve user satisfaction.

What are the most important features of Graylog Security?

Log Management: Efficiently handle and analyze extensive log data.
Scalability: Adapt to growing data volumes with ease.
Customizable Dashboards: Create tailored dashboards for specific needs.
Real-Time Alerting: Receive instant notifications on security events.
Threat Hunting: Conduct detailed threat analyses and investigations.
Flexible Integrations: Seamlessly connect with other security tools.
User-Friendly Interface: Navigate and manage with ease.

What benefits or ROI should users look for in reviews when evaluating Graylog Security?

Improved Threat Detection: Enhanced ability to identify and respond to threats.
Operational Efficiency: Streamlined log management and analytics processes.
Scalability: Accommodate growing data needs without performance decline.
Customizability: Tailor features and dashboards to specific requirements.
Compliance: Maintain and prove regulatory compliance.
Cost-Effectiveness: Benefit from efficient resource use and reduced manual efforts.
Enhanced Support: Consideration for responsive and helpful support services.

Graylog Security is implemented across diverse industries, including healthcare for patient data protection, finance for transaction monitoring and fraud detection, and retail for safeguarding customer information. Each industry leverages its detailed analytics and real-time alerting to meet specific regulatory and operational standards, ensuring a secure and compliant environment.

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Sample Customers

Information Not Available

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.

Buyer's Guide

Security Information and Event Management (SIEM)

December 2024

Download Free Report

Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: December 2024.

DOWNLOAD NOW

824,053 professionals have used our research since 2012.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.