Microsoft Defender XDR vs SolarWinds Security Event Manager comparison

"The integration, visibility, vulnerability management, and device identification are valuable."

"Advanced hunting is good. I like that. We can drill down to lots of details."

"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."

"Microsoft Defender XDR is scalable."

"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."

"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."

"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."

"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."

"The most valuable feature is the reporting."

"It supports high availability, which is very helpful."

"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."

"We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before."

"We had to integrate with other teams, and the infrastructure deployment didn't take long. The integration involves learning with different teams, networking, and configuring various network devices and servers. Infrastructure deployment only took one or two days."

"SolarWinds is effective for server, network, and log monitoring. It's also good for IP address management. We also have a patch manager, but we're still working on getting that operational."

"This tool is simple to use."

"It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."

"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."

"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."

"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."

"Defender's AI for identifying suspicious activity could be improved. Also, I do a lot of home updates. Maybe there is a way to set it up faster. For example, let's say that I want to automatically update seven computers, servers, etc. I wouldn't do it to a user, but maybe the server. I don't mind if the server restarts automatically."

"The management and automation of the cloud apps have room for improvement."

"Intrusion detection and prevention would be great to have with 365 Defender."

"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."

"The user interface of Microsoft 365 Defender could improve. They could make it simpler."

"It is a very technical program. They can simplify it so that it isn't so hard to deal with."

"The product should improve the ease with which you can create event alerts. They are not as hard now but you need to have an easier way."

"I would like to have a more customizable dashboard."

"I think the customization area in the tool can be considered as an area of concern where improvements are required."

"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."

"We'd like more customization capabilities."

"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."

"One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install, configure, and maintain."

"We've managed to navigate it effectively through our enterprise agreement, and Microsoft's academic discounts have proven to be quite generous."

"Purchasing Microsoft Defender XDR as part of a Microsoft 365 bundle can be cost-effective, but acquiring it as a standalone product may be more expensive."

"The solution is affordable, and we haven't been hit with any hidden costs. The subscription model is straightforward, and it's easy to understand how much additional features cost. If we need to cancel a license or feature, we do that well in advance to avoid being charged for it, but overall, the pricing and licensing are simple and easy."

"While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment."

"I find the pricing to be quite competitive, especially considering its inclusion in our E5 subscription, which provides a comprehensive set of functionalities."

"We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."

"The license cost for a year is approximately forty-four thousand, and this annual saving is a significant factor in our decision to switch."

"They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

"The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten."

"We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."

"Licenses can only be purchased in blocks of fifty at a time."

"It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."

"The price of SolarWinds Security Event Manager is reasonable."

"Licensing is on devices, so if you have many, then this may be high."

"The pricing model would benefit from having package deals with other SolarWinds products."