Microsoft Defender XDR Reviews

We primarily use the solution for security. We removed all other antivirus products such as McAfee. We removed everything and now use Defender as Defender covers everything all third-party products used to cover.

Overall, we are satisfied with the product.

Instead of using three or four tools for security, we can use one. With one product, Defender, we have all of the features we need. We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks. 

It's very user-friendly.

The dashboards could be improved. They have to improve something about the dashboard. It is good, however, they need to provide some more information under each account.

The logs could be better.

I've been using the solution for two years. 

The solution is a perfectly stable product.

The scalability of the product is good.

Technical support from Microsoft is good. We haven't had any issues with them. We are quite satisfied so far. 

We previously used McAfee, however, we wanted to have just one solution, Defender, to cover everything.

The solution's initial setup is not complex yet not easy. We had to use some scripts and policies and a lot of things. If you set up a new environment with Defender, you have to integrate with the old policy and the same policy that was already set up. It needs time.

I handled everything without any consultation from any outside sources. 

I don't know the cost. The costs are handled by management. I can't say if the cost is expensive or not. I don't handle that aspect.

We're Microsoft partners. 

I'd rate the solution at a ten out of ten. It's a pretty perfect product.

Hybrid Cloud

I use Microsoft Sentinel for monitoring cybersecurity threats as it is a SIM tool from Microsoft. Additionally, Microsoft Defender XDR provides security across multiple layers, deploying Defender for Endpoint on devices like laptops and desktops, Defender for Identity for Active Directory monitoring, and Defender for Office 365 for email security.

I find Microsoft Sentinel easier to configure since there is no need to manage all underlying components. Microsoft Defender XDR is effective for containment when threats occur, allowing for isolation of the host or account disabling. Although automation capabilities are better with Microsoft Sentinel, Microsoft Defender XDR shows potential. Integration with other Microsoft products is seamless, making it easier to create a unified security posture.

For Microsoft Defender XDR, there is currently no ability to reset passwords for on-premises accounts, which is a key challenge. Incident management can be difficult if third-party ITSM tools are connected with XDR. Initial tech support is slow in understanding problems. Improved integration with third-party ITSM solutions and enhanced automation in XDR would be beneficial.

I have been working with Microsoft Defender XDR for more than five years.

The deployment of Microsoft Defender XDR was not difficult. It is straightforward, and activating it involves just a couple of clicks.

I find Microsoft Defender XDR to be stable now.

Microsoft Defender XDR is definitely scalable.

The initial level of tech support is slow and rated as six out of ten. However, once issues are escalated to the second or third layer, the support is much better.

Neutral

For POC purposes, I have worked with CrowdStrike and Trellix XDR. However, I used Microsoft Defender XDR due to pre-existing Microsoft products in our ecosystem, ensuring seamless integration.

The initial setup of Microsoft Defender XDR is easy. It involves enabling the system with a few clicks and then tuning it as needed. I wanted to leverage Microsoft products across all security areas for better compatibility.

I have seen an ROI in terms of efficiency. Previously, identifying and containing threats took a long time, but now, with Microsoft Defender XDR, it takes just a few minutes.

The pricing for Microsoft Sentinel operates on a pay-as-you-go model based on data ingestion. I recall that Defender XDR pricing is based on the number of endpoints.

I evaluated CrowdStrike and Trellix XDR during the POC stage.

Based on my experience, I rate Microsoft Defender XDR as nine out of ten. If you are utilizing Microsoft in-house products for different security postures, go with Microsoft Defender XDR as it is easier to manage and scalable. It is notably the most compatible option if your organization already uses Microsoft products.

Other