TrustRadius: an HG Insights company

Microsoft Defender XDR

Score: 8.8 out of 10

176 Reviews and Ratings

What is Microsoft Defender XDR?

Microsoft 365 Defender combines SIEM and XDR capabilities for Microsoft 365 environments, encompassing threat detection, post-breach detection, automated investigation, and response for endpoints. Additionally, it protects cloud apps, emails and documents, and employee identities.

Media (screenshots): AH Advanced Mode, AH Guided mode, CD example, CD Supported actions

Defender XDR our go to choice to secure Microsoft ecosystem

Use Cases and Deployment Scope

Our organization utilizes Microsoft Defender XDR to enhance the security of our cloud and on-premises environments. The product secures our endpoints, identities, productivity products like Exchange, Teams and SharePoint, and also other cloud applications. The product is one of the most important layers of security for our IT team. The product is deployed on all of our several hundred endpoints and it secures several thousand identities.

Pros

  • Unified visibility in one tool
  • Automated attack distribution
  • Threat intelligence

Cons

  • For non-Windows devices, features are more limited and would need some work
  • Sometimes there is alert noise
  • UI is somewhat complex as the product's scope is large

Return on Investment

  • Defender has improved our response times against security threats
  • Defender has improved our insights into our environment and allowed us to proactively improve our security posture
  • Automatic response to threats has made our environment more secure

Alternatives Considered

Symantec Endpoint Security

Other Software Used

Microsoft 365 Copilot, ChatGPT

Microsoft Defender XDR Unified Security automated response and ROI in action.

Use Cases and Deployment Scope

We use Microsoft Defender XDR to monitor for cyber threats, increase our response time to cyber events and tie into Microsoft Purview for insider risk management and data loss prevention. We can investigate and remediate threats from a single portal, and Microsoft Defender XDR integrates perfectly with Purview for insider risk and adaptive DLP policies.

Pros

  • Anti-phishing workflows
  • Threat and vulnerability scanning and detection
  • Insider risk detection and policy enforcement

Cons

  • The security portal is busy and can be difficult to navigate
  • Licensing is spread across multiple plans.
  • Struggles with non-Microsoft ecosystems like Linux or other SIEM tools besides Sentinel

Return on Investment

  • Automated remediation reduced manual workloads and accelerated our response time by 80%
  • Lowered our breach likelihood by 20%
  • Lowered downtime by 50%

Alternatives Considered

CrowdStrike Falcon and Cortex Xpanse by Palo Alto Networks

Other Software Used

CrowdStrike Falcon, Microsoft Sentinel, Microsoft 365 Copilot, Microsoft Security Copilot

Microsoft Defender XDR Review

Use Cases and Deployment Scope

It's part of our security suite to help with our compliance and detect threats. It's part of our IT security solution.

Pros

  • It integrates well with all the other Microsoft tools, as we use Outlook. It integrates really well.

Cons

  • Maybe just some UI improvements and not having to use Microsoft Graph for information. If we can do that through Houli, that would be nice.

Return on Investment

  • It catches threats, which is great. And it has a lot of true positives.

Alternatives Considered

CrowdStrike Falcon

MS Defender XDR

Use Cases and Deployment Scope

Microsoft Defender XDR actively monitors all our company endpoints for malicious software and URLs. It covers approx. 100 machines and is accessed through our MS365 admin portal. It provides us with a real-time view of any malicious activity, a breakdown of the chain of events leading up to it, the machines and users involved, and provides automated responses and recommendations on manual interventions.

Pros

  • Active/real-time monitoring
  • Dashboards
  • Automated responses

Cons

  • Logs even informational incidents as active, even if there's no threat
  • A little hard to navigate some of the consoles to find information sometimes
  • Not always clear if action is needed

Return on Investment

  • No specific ROI, though has caught a small number of malicious attacks.
  • It's included with our MS365 Business Pro licenses, so the value is good as it's essentially at no extra cost on top of the Office software and Azure AD we are using anyway.

Alternatives Considered

Trend Vision One Endpoint Security

Other Software Used

LogMeIn Central by GoTo, Smartsheet, OwnBackup

I recommend amazing

Use Cases and Deployment Scope

We use the full Microsoft 365 suite, so Microsoft Defender XDR is included and protects the corporate network.

Pros

  • Antimalware
  • Web Protection
  • ID Monitoring

Cons

  • Improve resource usage when implemented. The slowness of the system is noticeable when the tool is scanning.

Return on Investment

  • The blocking action has been effective, avoiding many problems with personal and corporate data.

Alternatives Considered

Bitdefender Managed Detection and Response (MDR)

Other Software Used

Microsoft Teams, Trello, Infinera Transcend Network Management System (NMS)