Microsoft Defender XDR vs Snare comparison

The compared Microsoft and Intersect Alliance solutions aren't in the same category. Microsoft is ranked #5 in XDR , with an average rating of 8.4, and holds a 9.8% mindshare in the category. Intersect Alliance is ranked #44 in LM , with an average rating of 8.0, and holds a 0.3% mindshare. Additionally, 97% of Microsoft users are willing to recommend the solution, compared to 100% of Intersect Alliance users who would recommend it.

Microsoft Defender XDR

Read 96 Microsoft Defender XDR reviews

7,088 Views
5,406 Comparison Views

97% willing to recommend

Snare

Read 3 Snare reviews

691 Views
495 Comparison Views

100% willing to recommend

Microsoft Defender XDR

Snare

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Microsoft Defender XDR and Snare based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR).

To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: December 2024).

Buyer's Guide

Extended Detection and Response (XDR)

December 2024

Download the complete report

Helped 824,067 peers since 2012

Categories and Ranking

Microsoft Defender XDR

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Endpoint Detection and Response (EDR) (5th), Extended Detection and Response (XDR) (5th), Microsoft Security Suite (2nd)

Snare

Average Rating

8.0

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Log Management (44th), Security Information and Event Management (SIEM) (43rd)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Microsoft Defender XDR is designed for Extended Detection and Response (XDR) and holds a mindshare of 9.8%, up 6.9% compared to last year.
Snare, on the other hand, focuses on Log Management, holds 0.3% mindshare, down 0.4% since last year.

Extended Detection and Response (XDR)

Log Management

Featured Reviews

Gabor Nyerd

Enterprise mobility and security evangelist at a financial services firm with 5,001-10,000 employees

Includes four services and four products, which can help organizations a lot

We found that sometimes integrations work, but testing them can take some time. Sometimes, configurations take much longer than expected. We have a configuration in place that needs to be synchronized with another server. However, the servers are four hours apart, so this can cause delays. In general, I believe that the time it takes to configure and test a service should be shorter. Sometimes, it can take a couple of hours to test a single configuration setting. Other times, it is only ten or fifteen minutes, which is normal. However, sometimes, even immediate actions can be triggered by configuration changes, and some settings can take up to eight hours to complete. I believe that this time can be improved. Microsoft is making a lot of improvements to its services in a short period of time. This is a good thing, as it means that the services are constantly being updated and improved. However, it can be challenging for customers to keep up with the changes. For example, a customer may read about an update, understand it, and share it with their colleagues and boss. However, it may take days or weeks to test the update and get the necessary approvals. This can be especially challenging for large customers with many users or machines. In some cases, Microsoft may change a service before the customer has had a chance to implement the previous update. This can be frustrating for customers, as it means that they have to constantly learn new things and adjust their workflows. On the one hand, it is important for Microsoft to keep updating and improving its services. This helps to ensure that the services are meeting the customers' needs and that they are staying ahead of the competition. Microsoft should also be mindful of the challenges that these changes can create for customers. One way to address this challenge is to provide customers with more time to implement changes. Microsoft could also provide more information about upcoming changes so that customers can plan ahead. Ultimately, Microsoft needs to strike a balance between keeping its services up-to-date and providing customers with a smooth transition to new features.

Read full review

Frank Eargle

Information Security Engineer at Glasshouse Systems

A highly scalable solution that is easy to manage and super easy to set up

We use Snare for picking up Windows logs, and we used to use it for SQL as well. We had used it for Linux once or twice. We're mainly using it for Windows and Windows flat files The most valuable feature of Snare is flexibility or the ability to filter all things you don't want and don't have…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"In our company,we have faced multiple attacks over the last few months, but none of them have been successful, and I think Microsoft Defender XDR has played a major role in it."

"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."

"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."

"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."

"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."

"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."

"Microsoft Defender XDR is a complete package of different Defender solutions, including Defender for Endpoint, Defender for Office 365, Defender for Cloud, and Sentinel SIEM, among others."

"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."

More Microsoft Defender XDR pros

"The best thing about Snare is its format and consistency."

"Snare has good agents, especially for Windows."

"The most valuable feature of Snare is flexibility or the ability to filter all things you don't want and don't have security value."

Cons

"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."

"It would be beneficial to reduce the number of clicks required to navigate between blades, as the current navigation and breadcrumb system can be a bit confusing."

"The mobile app support for Android and iOS is difficult and needs improvement."

"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."

"The data recovery and backup could be improved."

"Sometimes, digging into the information and knowing where to go can be difficult. It would be better if much of that information were immediately visible, especially when looking at endpoints or users."

"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."

"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."

More Microsoft Defender XDR cons

"The solution is now developing a SIEM-like feature on Snare Central Server, but it's not complete yet."

"Users will initially find it difficult to identify the event types and installation in Snare."

"Snare should modernize its GUI a little bit."

Pricing and Cost Advice

"Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."

"Its licensing and pricing are handled by someone else. My role is limited to incidents or issues with the portal, but you get what you pay for. It is worth the cost."

"I find the pricing to be quite competitive, especially considering its inclusion in our E5 subscription, which provides a comprehensive set of functionalities."

"The price of the solution is high compared to others and we have lost some customers because of it."

"I would like to have more security features in the lower licenses because not every customer is able to buy E5 licenses. The bundling isn't always easy for our customers to understand. Compared to other tools, it's a good price."

"While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment."

"All I can say again is the E5 gives you all the capabilities that it offers. It also gives Office 365 and one terabyte of storage. All in all, the E5 license model makes sense. There are some people who say it's quite costly, but rather than paying different vendors, it makes sense to go all in with Microsoft if you've got that licensing. From that perspective, it's cost-effective, but I can't comment much on that."

"I believe that the pricing of the licensing is fair."

More Microsoft Defender XDR pricing and cost advice

"Snare has reasonable pricing."

"On a scale from one to ten, where one is cheap, and ten is expensive, I rate Snare's pricing a four out of ten."

"Snare is a cheap solution because a lot of customers are using it."

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

824,067 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

11%

Government

Manufacturing Company

Computer Software Company

15%

Financial Services Firm

12%

Government

10%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Microsoft 365 Defender?

Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.

See all answers

What is your experience regarding pricing and costs for Microsoft 365 Defender?

The pricing is a little high, however, it is on par with other competitive tools in the market.

See all answers

What needs improvement with Microsoft 365 Defender?

Microsoft could improve on threat hunting and build more on threat detection and handling. The cybersecurity and cloud security posture features are a bit lesser than standard security products.

See all answers

What do you like most about Snare?

The best thing about Snare is its format and consistency.

See all answers

What is your experience regarding pricing and costs for Snare?

Snare is a cheap solution because a lot of customers are using it.

See all answers

What needs improvement with Snare?

Users will initially find it difficult to identify the event types and installation in Snare.

See all answers

Comparisons

CrowdStrike Falcon vs Microsoft Defender XDR

Compared 35% of the time

Wazuh vs Microsoft Defender XDR

Compared 8% of the time

Microsoft Defender for Cloud vs Microsoft Defender XDR

Compared 8% of the time

Trend Vision One vs Microsoft Defender XDR

Compared 4% of the time

Microsoft Purview Compliance Manager vs Microsoft Defender XDR

Compared 4% of the time

More Microsoft Defender XDR Competitors

syslog-ng vs Snare

Compared 21% of the time

LogRhythm SIEM vs Snare

Compared 13% of the time

Cribl vs Snare

Compared 13% of the time

Splunk Enterprise Security vs Snare

Compared 12% of the time

CrowdStrike Observability vs Snare

Compared 7% of the time

More Snare Competitors

Product Reports

Buyer's Guide

Microsoft Defender XDR

December 2024

Download Microsoft Defender XDR product report

Buyer's Guide

Log Management

December 2024

Download Snare product report

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender

No data available

Learn More

Microsoft

Intersect Alliance

Overview

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Snare customers consistently tell us that as the financial and reputational consequences of data breaches, cyber threats like malware and ransomware and the constant risks from insider threats increase that they have urgent and ongoing requirements for maintaining regulatory compliance, auditing and managing cyber threat detection and response. They also tell us that existing solutions like SIEM are often complex to implement and maintain, require specialised technical resources or are increasingly unaffordable or variable in their pricing. As a result of these increased requirements Prophecy International has created the Snare product suite.

Compliance requirements can include any number of regulatory mandates including PCI-DSS, Sarbanes Oxley, HIPAA, NERC, GDPR and more. This makes Snare a high value solution for companies in the Government, Defence and Military sectors, Banking, Finance and Insurance, Retail, Health, Energy, Oil & Gas markets.

Snare is a complete suite of Centralised Log Management (CLM), Security Analytics and SIEM tools.

Created by ex military personnel for military use it offers the highest level of security.

Designed to work as part of your security ecosystem Snare also integrates with most other SIEMs including SPLUNK, QRadar, ARCSight and many more. With over 3,000 customers worldwide using Snare for compliance, auditing and threat response, Snare is the name you can trust.

From Enterprise Agents for Windows, Unix, Linux, OSX, Flat files and Databases to a complete forensics and long term log storage platform, agent management console, multipoint log reflector, advanced log analytics and next gen SIEM capability. Either hosted or on prem with both Opex and Capex pricing models, Snare is a one stop shop for CLM and SIEM. Snare product suite is broadly split into two areas:

Centralised Log Management and Snare Analytics

Centralised Log Management incorporates and 4 core technologies

Snare Enterprise Agents
Snare Reflector
Snare Agent Management Console
Snare Central Service

Snare Analytics incorporates another 4 core technologies

Enhanced Snare Central Server incorporating Analytics
Data Ingestion Technologies (via our Adaptors)
Dashboards and Visualisations including custom KPI engine
Runbook – enabling SOAR

These products can be bought independently or combined into a compete solution. You can also “mix and match” with your current security technologies ensuring that you can leverage your existing investments.

Sample Customers

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.

Military, Defence and Security Agencies, Banking Finance and Insurance companies, Retail, Health and Utilities.

Buyer's Guide

Extended Detection and Response (XDR)

December 2024

Download Free Report

Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR). Updated: December 2024.

DOWNLOAD NOW

824,067 professionals have used our research since 2012.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.