Try our new research platform with insights from 80,000+ expert users

Microsoft Defender XDR vs Stellar Cyber Open XDR comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Defender XDR
Ranking in Endpoint Detection and Response (EDR)
5th
Ranking in Extended Detection and Response (XDR)
4th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
96
Ranking in other categories
Microsoft Security Suite (3rd)
Stellar Cyber Open XDR
Ranking in Endpoint Detection and Response (EDR)
61st
Ranking in Extended Detection and Response (XDR)
35th
Average Rating
0.0
Reviews Sentiment
7.0
Number of Reviews
2
Ranking in other categories
Security Information and Event Management (SIEM) (51st), Security Orchestration Automation and Response (SOAR) (25th), Network Detection and Response (NDR) (21st)
 

Mindshare comparison

As of March 2025, in the Extended Detection and Response (XDR) category, the mindshare of Microsoft Defender XDR is 7.3%, up from 6.6% compared to the previous year. The mindshare of Stellar Cyber Open XDR is 1.6%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
 

Featured Reviews

Gabor Nyerd - PeerSpot reviewer
Includes four services and four products, which can help organizations a lot
We found that sometimes integrations work, but testing them can take some time. Sometimes, configurations take much longer than expected. We have a configuration in place that needs to be synchronized with another server. However, the servers are four hours apart, so this can cause delays. In general, I believe that the time it takes to configure and test a service should be shorter. Sometimes, it can take a couple of hours to test a single configuration setting. Other times, it is only ten or fifteen minutes, which is normal. However, sometimes, even immediate actions can be triggered by configuration changes, and some settings can take up to eight hours to complete. I believe that this time can be improved. Microsoft is making a lot of improvements to its services in a short period of time. This is a good thing, as it means that the services are constantly being updated and improved. However, it can be challenging for customers to keep up with the changes. For example, a customer may read about an update, understand it, and share it with their colleagues and boss. However, it may take days or weeks to test the update and get the necessary approvals. This can be especially challenging for large customers with many users or machines. In some cases, Microsoft may change a service before the customer has had a chance to implement the previous update. This can be frustrating for customers, as it means that they have to constantly learn new things and adjust their workflows. On the one hand, it is important for Microsoft to keep updating and improving its services. This helps to ensure that the services are meeting the customers' needs and that they are staying ahead of the competition. Microsoft should also be mindful of the challenges that these changes can create for customers. One way to address this challenge is to provide customers with more time to implement changes. Microsoft could also provide more information about upcoming changes so that customers can plan ahead. Ultimately, Microsoft needs to strike a balance between keeping its services up-to-date and providing customers with a smooth transition to new features.
Hrishiraj Bhattacharjee - PeerSpot reviewer
Correlates incidents, allows for quicker identification and helps prioritize investigations
The only challenge is, and that’s where we come into play, it’s a pretty high-tech platform. So, it’s difficult for small and medium-sized organizations to manage it on their own. It’s a very complex system. It requires a lot of expertise. All my guys who work on it have gone through certification from Stellar itself. There are three different certifications that you need to complete. Only then are you certified by Stellar to work on it. It’s a very complex platform. Not everyone can use it. A simple IT engineer or system admin won’t be able to handle it because it’s quite complex. You need to have an understanding of the industry, the subject, and the tool. So, just purchasing this tool or license and then using it on your own would be very difficult to configure and manage on a day-to-day basis. The pricing model is not suitable for small and medium companies, particularly small companies. The minimum pricing model they have is suitable for companies with more than one thousand users. So, if someone has 50 to 100 users, like typical small companies, it’s difficult for them because the cost involved is high. Stellar would charge you for those thousand users, but you do not need all those users. So what are they going to do? I guess Stellar does not want to target small companies directly and maybe relies on resellers and MSPs like us to sell it. So, that is something I would recommend changing. Otherwise, it’s a great tool, but because of the pricing model, small companies are unable to leverage the advantage of this beautiful tool. So, the pricing model should be suitable for small and medium businesses. The product currently has vulnerability monitoring and everything. But if they could also do something about vulnerability management and maybe patch management, that would be nice.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"Microsoft 365 Defender is a stable solution."
"The threat intelligence is excellent."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"It has great stability."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"The ability to isolate and address viruses is the most valuable feature of Microsoft Defender XDR."
"It can integrate with almost any cybersecurity tool available in the market."
"Stellar Cyber Open XDR offers these functionalities at a more affordable price, making it easier for me to position it with price-sensitive customers."
 

Cons

"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"The solution does not offer a unified response and standard data."
"Sometimes, configurations take much longer than expected."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"Defender XDR could provide recommendations for threat-hunting queries. Some people do not know how to write an advanced threat query, so we need to spend time training them."
"We should be able to use the product on devices like Apple, Linux, etc."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"Support is an issue because they have a limited number of resources."
"I would rate the stability at about five to six. The platform requires some fine-tuning, especially when integrating data sources and creating connectors."
 

Pricing and Cost Advice

"The functionality is fantastic, but for medium and small-sized companies it's overpriced. It would be better if it were a little bit cheaper."
"I would like to have more security features in the lower licenses because not every customer is able to buy E5 licenses. The bundling isn't always easy for our customers to understand. Compared to other tools, it's a good price."
"365 Defender can get expensive because you pay per gigabyte of data ingested. On the other hand, much of the data available in the other Microsoft security solutions are made available relatively cheaply—sometimes at cost or for free. Integrating only a limited set of third-party solutions with Sentinel would be cost-effective. It's much more affordable if companies only have Microsoft stuff."
"All I can say again is the E5 gives you all the capabilities that it offers. It also gives Office 365 and one terabyte of storage. All in all, the E5 license model makes sense. There are some people who say it's quite costly, but rather than paying different vendors, it makes sense to go all in with Microsoft if you've got that licensing. From that perspective, it's cost-effective, but I can't comment much on that."
"Sometimes 365 Defender is expensive, but it can be moderate, depending on the organization's size and the license type. We're satisfied with the cost because it gives us a product that protects our entire environment with DLP. To compromise some cost, of course, we are to complete the most secure environment."
"Purchasing Microsoft Defender XDR as part of a Microsoft 365 bundle can be cost-effective, but acquiring it as a standalone product may be more expensive."
"365 Defender is billed per account. I don't know the exact price, but my supervisor told me that Microsoft Defender is cheaper than the alternatives. It's bundled, so you get all the features in one place."
"Microsoft Defender XDR's licensing is complicated."
"It’s a single license platform."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
842,194 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
10%
Manufacturing Company
8%
Government
8%
Computer Software Company
16%
Comms Service Provider
12%
Manufacturing Company
8%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.
What is your experience regarding pricing and costs for Microsoft 365 Defender?
Licensing is somewhat confusing, particularly when presenting our pitch decks to stakeholders and leveraging key features in premium SKUs, but we managed with some assistance from Microsoft.
What needs improvement with Microsoft 365 Defender?
It would be beneficial to reduce the number of clicks required to navigate between blades, as the current navigation and breadcrumb system can be a bit confusing. Some inconsistencies exist between...
What is your experience regarding pricing and costs for Stellar Cyber Open XDR?
If you purchase directly from Stellar, you need to have more than a thousand users for the cost to be reasonable. So for larger companies, it’s more reasonable than for small ones. Otherwise, we ne...
What needs improvement with Stellar Cyber Open XDR?
The only challenge is, and that’s where we come into play, it’s a pretty high-tech platform. So, it’s difficult for small and medium-sized organizations to manage it on their own. It’s a very compl...
What is your primary use case for Stellar Cyber Open XDR?
We basically took Stellar platform and are now sell it to our customers. There are different use cases, but it’s mainly focused on incident response. Customers typically have a range of technologie...
 

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
No data available
 

Overview

 

Sample Customers

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
Sumitomo Chemical USA, PlastiPak Packaging, University of Denver, Large California State Agency, Large Midwestern American City
Find out what your peers are saying about Microsoft Defender XDR vs. Stellar Cyber Open XDR and other solutions. Updated: March 2025.
842,194 professionals have used our research since 2012.