Microsoft Defender XDR vs SolarWinds Security Event Manager comparison

"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."

"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."

"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."

"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."

"The feature I find most valuable is Defender for Endpoint."

"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."

"The product integrates security into one tool instead of having third-party security tools."

"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."

"It's easy to build rules and actions based on the logs and event types we collect with the software."

"The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace."

"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."

"We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before."

"SolarWinds' stability is fine. I don't think we've had any software issues."

"The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use."

"It supports high availability, which is very helpful."

"The most valuable feature is the reporting."

"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."

"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."

"This solution could be improved if it included features such as those offered by Malwarebytes."

"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."

"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."

"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."

"The support team is not competent or responsive."

"Advanced attacks could use an improvement."

"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."

"I don't think SolarWinds is scalable enough. It is somewhat limited when I need to deploy it across multiple environments in a distributed architecture."

"The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow."

"It won't tell you when your backups are failing, but it will give you hints when your database is running on full recovery."

"The only issue is the pricetag. SolarWinds is a costly solution."

"The company had to use a third party for the implementation of the solution."

"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."

"I imagine we will have to develop our own reports soon, this seems to be more cumbersome."

"365 Defender can get expensive because you pay per gigabyte of data ingested. On the other hand, much of the data available in the other Microsoft security solutions are made available relatively cheaply—sometimes at cost or for free. Integrating only a limited set of third-party solutions with Sentinel would be cost-effective. It's much more affordable if companies only have Microsoft stuff."

"The product is fairly priced for what we get from it."

"The price of the solution is high compared to others and we have lost some customers because of it."

"All I can say again is the E5 gives you all the capabilities that it offers. It also gives Office 365 and one terabyte of storage. All in all, the E5 license model makes sense. There are some people who say it's quite costly, but rather than paying different vendors, it makes sense to go all in with Microsoft if you've got that licensing. From that perspective, it's cost-effective, but I can't comment much on that."

"It is fairly priced because we get complete integrated services with the E5 license."

"The solution is too expensive."

"Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."

"The pricing of Microsoft 365 Defender is definitely on the costly side, but with the features and services that Microsoft provides, such as the seamless integration of all the Defender tools, while the price is on the higher side, there is no alternative."

"The price of SolarWinds Security Event Manager is reasonable."

"We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."

"The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten."

"It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."

"Licensing is on devices, so if you have many, then this may be high."

"Licenses can only be purchased in blocks of fifty at a time."

"The pricing model would benefit from having package deals with other SolarWinds products."