Try our new research platform with insights from 80,000+ expert users
Microsoft Defender XDR Logo

Microsoft Defender XDR pros and cons

Vendor: Microsoft
4.2 out of 5
Badge Leader
334 followers
Post review

Pros & Cons summary

Microsoft Defender XDR is easy to configure and customize, offering comprehensive integration with Microsoft services like Microsoft 365, Azure, and SCCM. It provides robust threat protection capabilities including antiphishing, antispam, and advanced ransomware defense. Efficient threat detection and response are enabled through automated analysis and advanced attack simulations. Its scalability serves various environments, though licensing could be more consolidated. Improved support for non-Microsoft solutions and updated documentation would enhance its value.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Microsoft Defender XDR is easy to use and integrate, especially with other Microsoft products.
It offers comprehensive threat protection and has strong antiphishing capabilities.
Users can automate tasks and configure settings to enhance threat detection and response.
The integration across Microsoft Defender applications simplifies the security management process.
Microsoft Defender XDR effectively enhances cloud security, crucial for remote workflows.

CONS

Microsoft Defender XDR needs faster scanning for email attachments.
Cost-effectiveness and consistent updates are required for Microsoft Defender XDR.
Improved machine learning and AI capabilities would benefit Microsoft Defender XDR.
Better integration with third-party solutions would enhance Microsoft Defender XDR.
Automation of threat detection and response is lacking in Microsoft Defender XDR.
 

Microsoft Defender XDR Pros review quotes

Eric Mannon - PeerSpot reviewer
Nov 27, 2023
The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def
Read full review
PD
Nov 19, 2024
For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity.
Read full review
Gabor Nyerd - PeerSpot reviewer
May 17, 2023
Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP.
Read full review
Buyer's Guide
Microsoft Defender XDR
November 2024
Free Report: Microsoft Defender XDR Reviews and More
Learn what your peers think about Microsoft Defender XDR. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
DOWNLOAD NOW
816,406 professionals have used our research since 2012.
James-Hinojosa - PeerSpot reviewer
Apr 5, 2023
In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments.
Read full review
reviewer2187066 - PeerSpot reviewer
May 17, 2023
Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment.
Read full review
Siddharth Kumar - PeerSpot reviewer
May 24, 2024
In our company,we have faced multiple attacks over the last few months, but none of them have been successful, and I think Microsoft Defender XDR has played a major role in it.
Read full review
reviewer2186769 - PeerSpot reviewer
May 17, 2023
Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit.
Read full review
Patrick Celano Ciccarino - PeerSpot reviewer
Mar 8, 2024
The integration, visibility, vulnerability management, and device identification are valuable.
Read full review
Michael Wurz - PeerSpot reviewer
Nov 22, 2023
From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave.
Read full review
NitinKumar1 - PeerSpot reviewer
Apr 17, 2024
The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging.
Read full review
Show 10 more reviews (out of 89)
 

Microsoft Defender XDR Cons review quotes

Eric Mannon - PeerSpot reviewer
Nov 27, 2023
From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it.
Read full review
PD
Nov 19, 2024
For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details.
Read full review
Gabor Nyerd - PeerSpot reviewer
May 17, 2023
Sometimes, configurations take much longer than expected.
Read full review
Buyer's Guide
Microsoft Defender XDR
November 2024
Free Report: Microsoft Defender XDR Reviews and More
Learn what your peers think about Microsoft Defender XDR. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
DOWNLOAD NOW
816,406 professionals have used our research since 2012.
James-Hinojosa - PeerSpot reviewer
Apr 5, 2023
At times, there may be delays in the execution of certain actions and their effects.
Read full review
reviewer2187066 - PeerSpot reviewer
May 17, 2023
In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals.
Read full review
Siddharth Kumar - PeerSpot reviewer
May 24, 2024
I do think that maybe having a feature within my organization where there are three different domains within which we have to operate would be helpful, as there is currently no unified view within the domains.
Read full review
reviewer2186769 - PeerSpot reviewer
May 17, 2023
Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful.
Read full review
Patrick Celano Ciccarino - PeerSpot reviewer
Mar 8, 2024
The web filtering solution needs to be improved because currently, it is very simple.
Read full review
Michael Wurz - PeerSpot reviewer
Nov 22, 2023
The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense.
Read full review
NitinKumar1 - PeerSpot reviewer
Apr 17, 2024
The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution.
Read full review
Show 10 more reviews (out of 89)

Product Categories

Product Categories
Extended Detection and Response (XDR)
Endpoint Detection and Response (EDR)
Microsoft Security Suite

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Microsoft Defender XDR Logo
CrowdStrike Falcon vs Microsoft Defender XDR
Wazuh vs Microsoft Defender XDR Logo
Wazuh vs Microsoft Defender XDR
SentinelOne Singularity Complete vs Microsoft Defender XDR Logo
SentinelOne Singularity Complete vs Microsoft Defender XDR
Cortex XDR by Palo Alto Networks vs Microsoft Defender XDR Logo
Cortex XDR by Palo Alto Networks vs Microsoft Defender XDR
IBM Security QRadar vs Microsoft Defender XDR Logo
IBM Security QRadar vs Microsoft Defender XDR
Elastic Security vs Microsoft Defender XDR Logo
Elastic Security vs Microsoft Defender XDR
Trellix Endpoint Security vs Microsoft Defender XDR Logo
Trellix Endpoint Security vs Microsoft Defender XDR
Forescout Platform vs Microsoft Defender XDR Logo
Forescout Platform vs Microsoft Defender XDR
Trend Vision One vs Microsoft Defender XDR Logo
Trend Vision One vs Microsoft Defender XDR
Cynet vs Microsoft Defender XDR Logo
Cynet vs Microsoft Defender XDR
Rapid7 InsightIDR vs Microsoft Defender XDR Logo
Rapid7 InsightIDR vs Microsoft Defender XDR
Mandiant Advantage vs Microsoft Defender XDR Logo
Mandiant Advantage vs Microsoft Defender XDR
Stellar Cyber Open XDR vs Microsoft Defender XDR Logo
Stellar Cyber Open XDR vs Microsoft Defender XDR
Fidelis Elevate vs Microsoft Defender XDR Logo
Fidelis Elevate vs Microsoft Defender XDR
LogRhythm UEBA vs Microsoft Defender XDR Logo
LogRhythm UEBA vs Microsoft Defender XDR
See all alternatives

Product Categories

Product Categories
Extended Detection and Response (XDR)
Endpoint Detection and Response (EDR)
Microsoft Security Suite

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Microsoft Defender XDR Logo
CrowdStrike Falcon vs Microsoft Defender XDR
Wazuh vs Microsoft Defender XDR Logo
Wazuh vs Microsoft Defender XDR
SentinelOne Singularity Complete vs Microsoft Defender XDR Logo
SentinelOne Singularity Complete vs Microsoft Defender XDR
Cortex XDR by Palo Alto Networks vs Microsoft Defender XDR Logo
Cortex XDR by Palo Alto Networks vs Microsoft Defender XDR
IBM Security QRadar vs Microsoft Defender XDR Logo
IBM Security QRadar vs Microsoft Defender XDR
Elastic Security vs Microsoft Defender XDR Logo
Elastic Security vs Microsoft Defender XDR
Trellix Endpoint Security vs Microsoft Defender XDR Logo
Trellix Endpoint Security vs Microsoft Defender XDR
Forescout Platform vs Microsoft Defender XDR Logo
Forescout Platform vs Microsoft Defender XDR
Trend Vision One vs Microsoft Defender XDR Logo
Trend Vision One vs Microsoft Defender XDR
Cynet vs Microsoft Defender XDR Logo
Cynet vs Microsoft Defender XDR
Rapid7 InsightIDR vs Microsoft Defender XDR Logo
Rapid7 InsightIDR vs Microsoft Defender XDR
Mandiant Advantage vs Microsoft Defender XDR Logo
Mandiant Advantage vs Microsoft Defender XDR
Stellar Cyber Open XDR vs Microsoft Defender XDR Logo
Stellar Cyber Open XDR vs Microsoft Defender XDR
Fidelis Elevate vs Microsoft Defender XDR Logo
Fidelis Elevate vs Microsoft Defender XDR
LogRhythm UEBA vs Microsoft Defender XDR Logo
LogRhythm UEBA vs Microsoft Defender XDR
See all alternatives
Related questions
  • 103
What is the best EDR or XDR product for a company with 9000 employees?
  • 14
When evaluating Extended Detection and Response (XDR), what aspect do you think is the most important to look for?
  • 617
How do you decide about the alert severity in your Security Operations Center (SOC)?
  • 180
Which is better for Endpoint Security: EDR or XDR solutions?
  • 468
What are the main differences between XDR and SIEM?
  • 66
Why is Extended Detection and Response (XDR) important for companies?
  • 138
How do you use the MITRE ATT&CK framework for improving enterprise security?
  • 68
What tools and solutions do you use for automated incident response in an enterprise in 2022?
  • 48
FortiXDR vs Cortex Pro - which is the best?
  • 1,637
What is Cognitive Cybersecurity and what is it used for?