Try our new research platform with insights from 80,000+ expert users

Microsoft Defender XDR vs SolarWinds Security Event Manager comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Microsoft Defender XDR
Average Rating
8.4
Number of Reviews
89
Ranking in other categories
Endpoint Detection and Response (EDR) (5th), Extended Detection and Response (XDR) (5th), Microsoft Security Suite (2nd)
SolarWinds Security Event M...
Average Rating
7.8
Number of Reviews
26
Ranking in other categories
Security Information and Event Management (SIEM) (20th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Microsoft Defender XDR is designed for Extended Detection and Response (XDR) and holds a mindshare of 10.2%, up 6.2% compared to last year.
SolarWinds Security Event Manager, on the other hand, focuses on Security Information and Event Management (SIEM), holds 0.6% mindshare, down 0.8% since last year.
Extended Detection and Response (XDR)
Security Information and Event Management (SIEM)
 

Featured Reviews

Desray Liu - PeerSpot reviewer
Nov 28, 2023
A time-saving and easy-to-integrate product that needs to offer a control center to users
As a part of Microsoft's attempt to reduce costs, there has been a direct cut down of the local technical support team. Sometimes, you have to use the technical support offered by Microsoft from other countries, but at times, we speak different languages, just like how people speak in Chinese or Mandarin, but there are still some differences between them. The front-line support from Microsoft has only limited technical abilities or access to their internal system. Sometimes, my company cannot even escalate an issue to Microsoft's senior team members. The support team of Microsoft is nice as they attempt to solve the problems together with you, but I believe that due to some cost-related issues, they don't have enough permissions. Sometimes, users might feel blocked when trying to connect with the support team. I rate the technical support a seven out of ten.
Alex Kinyanjui - PeerSpot reviewer
May 24, 2024
A stable and scalable solution that provide 24/7 monitoring
We have to protect customer data, including any PII, accessed via the internet terminal. Additionally, we need to monitor events from network devices and servers that may raise suspicion, allowing us to analyze them and determine what is occurring. SolarWinds affected your overall security costs. Considering the nature of our traffic, it has been very effective. We have proactively identified and addressed issues before they escalate into incidents. I've noticed a reduced investment in handling event-related cases with SolarWinds Security Event Manager. This reduction includes reducing human resources and the time required for teams to provide 24/7 monitoring. Consequently, there has been a significant decrease in costs. Additionally, the platform enables us to address issues before they escalate into incidents, thus preventing revenue leakage. As a result, the organization experiences reduced costs and avoids revenue leakage. Since the SolarWinds Security Event Manager implementation, the total budget allocated to security has been reduced by close to five percent. Initially, there was a heavy investment in that aspect, but we have observed this reduction in the allocated budget for the security team. Since implementing SolarWinds Security Event Manager, the team members' pressure has been reduced. They can now concentrate on more critical tasks and development, promoting growth within their department rather than solely focusing on incident monitoring. I recommend the solution. Overall, I rate the solution an eight out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The integration, visibility, vulnerability management, and device identification are valuable."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"Microsoft Defender XDR is scalable."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"The most valuable feature is the reporting."
"It supports high availability, which is very helpful."
"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."
"We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before."
"We had to integrate with other teams, and the infrastructure deployment didn't take long. The integration involves learning with different teams, networking, and configuring various network devices and servers. Infrastructure deployment only took one or two days."
"SolarWinds is effective for server, network, and log monitoring. It's also good for IP address management. We also have a patch manager, but we're still working on getting that operational."
"This tool is simple to use."
"It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."
 

Cons

"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"Defender's AI for identifying suspicious activity could be improved. Also, I do a lot of home updates. Maybe there is a way to set it up faster. For example, let's say that I want to automatically update seven computers, servers, etc. I wouldn't do it to a user, but maybe the server. I don't mind if the server restarts automatically."
"The management and automation of the cloud apps have room for improvement."
"Intrusion detection and prevention would be great to have with 365 Defender."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"It is a very technical program. They can simplify it so that it isn't so hard to deal with."
"The product should improve the ease with which you can create event alerts. They are not as hard now but you need to have an easier way."
"I would like to have a more customizable dashboard."
"I think the customization area in the tool can be considered as an area of concern where improvements are required."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
"We'd like more customization capabilities."
"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."
"One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install, configure, and maintain."
 

Pricing and Cost Advice

"We've managed to navigate it effectively through our enterprise agreement, and Microsoft's academic discounts have proven to be quite generous."
"Purchasing Microsoft Defender XDR as part of a Microsoft 365 bundle can be cost-effective, but acquiring it as a standalone product may be more expensive."
"The solution is affordable, and we haven't been hit with any hidden costs. The subscription model is straightforward, and it's easy to understand how much additional features cost. If we need to cancel a license or feature, we do that well in advance to avoid being charged for it, but overall, the pricing and licensing are simple and easy."
"While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment."
"I find the pricing to be quite competitive, especially considering its inclusion in our E5 subscription, which provides a comprehensive set of functionalities."
"We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
"The license cost for a year is approximately forty-four thousand, and this annual saving is a significant factor in our decision to switch."
"They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."
"The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten."
"We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."
"Licenses can only be purchased in blocks of fifty at a time."
"It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."
"The price of SolarWinds Security Event Manager is reasonable."
"Licensing is on devices, so if you have many, then this may be high."
"The pricing model would benefit from having package deals with other SolarWinds products."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
10%
Government
8%
Manufacturing Company
8%
Educational Organization
75%
Computer Software Company
5%
Financial Services Firm
3%
University
2%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.
What needs improvement with Microsoft 365 Defender?
The solution could enhance the threat Intelligence feature by making it more relevant to specific industries. Much of the threat intelligence information isn't directly applicable to our environmen...
What do you like most about SolarWinds Security Event Manager ?
The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers.
What is your experience regarding pricing and costs for SolarWinds Security Event Manager ?
The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten.
What needs improvement with SolarWinds Security Event Manager ?
I think the customization area in the tool can be considered as an area of concern where improvements are required In the future, I want to see the tool have better customization abilities with som...
 

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager
 

Overview

 

Sample Customers

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.
Find out what your peers are saying about Microsoft Defender XDR vs. SolarWinds Security Event Manager and other solutions. Updated: May 2023.
814,649 professionals have used our research since 2012.