Microsoft Defender XDR vs SolarWinds Security Event Manager comparison

"The most valuable features are spam filtering, attachment filtering, and antivirus protection."

"You can configure the product very easily."

"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."

"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."

"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."

"Defender XDR offers richer insights into Defender XDR. It's a better overall experience."

"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."

"The email protection feature is the most valuable because our risks primarily lie there, and it seems to be the most popular target."

"It's extremely easy to deploy."

"The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."

"The product's most effective part in improving security stems from the fact that the solution is deployed for event management, log viewing, and information management."

"The most valuable feature of this solution is the visibility into both attempted and failed logins."

"The graphical user interface is very user-friendly. SolarWinds is a hybrid solution so you can use it across many platforms."

"We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before."

"It has in-depth monitoring capabilities and an easy way for setting up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules. It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects."

"It's easy to build rules and actions based on the logs and event types we collect with the software."

"I do think that maybe having a feature within my organization where there are three different domains within which we have to operate would be helpful, as there is currently no unified view within the domains."

"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."

"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."

"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."

"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."

"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."

"Microsoft Defender XDR could be improved in terms of speed, especially backend speed."

"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."

"The product should improve the ease with which you can create event alerts. They are not as hard now but you need to have an easier way."

"We'd like more customization capabilities."

"I think the customization area in the tool can be considered as an area of concern where improvements are required."

"It won't tell you when your backups are failing, but it will give you hints when your database is running on full recovery."

"I imagine we will have to develop our own reports soon, this seems to be more cumbersome."

"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."

"The reporting could be more robust. It can be a lot more granular and that will make it a lot more useful in comparison to how it is incorporated at the moment."

"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."

"The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."

"We've managed to navigate it effectively through our enterprise agreement, and Microsoft's academic discounts have proven to be quite generous."

"With the little idea I have about the costs, I can say that XDR tools tend to be a bit expensive. If you are using Microsoft Defender XDR, then you need to go for a subscription-based pricing model."

"I find the pricing to be quite competitive, especially considering its inclusion in our E5 subscription, which provides a comprehensive set of functionalities."

"They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

"365 Defender is billed per account. I don't know the exact price, but my supervisor told me that Microsoft Defender is cheaper than the alternatives. It's bundled, so you get all the features in one place."

"Defender XDR is included in the E5 license, but it's a bit too expensive."

"I would like to have more security features in the lower licenses because not every customer is able to buy E5 licenses. The bundling isn't always easy for our customers to understand. Compared to other tools, it's a good price."

"Licenses can only be purchased in blocks of fifty at a time."

"Licensing is on devices, so if you have many, then this may be high."

"The price of SolarWinds Security Event Manager is reasonable."

"The pricing model would benefit from having package deals with other SolarWinds products."

"We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."

"The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten."

"It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."