TrustRadius
Microsoft Defender XDR
Formerly Microsoft 365 Defender

Overview

What is Microsoft Defender XDR?

Microsoft 365 Defender combines SIEM and XDR capabilities for Microsoft 365 environments, encompassing threat detection, post-breach detection, automated investigation, and response for endpoints. Additionally, it protects cloud apps, emails and documents, and employee identities.

Recent Reviews

Microsoft Defender XDR

10 out of 10
February 06, 2024
Microsoft Defender XDR is mainly responsible for the detection and handling of Phishing related emails. Microsoft Defender XDR is also …

Pricing

Pricing: N/A (unavailable)

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit https://www.microsoft.com/en…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is Kaspersky EDR Expert?

Kaspersky Endpoint Detection and Response (EDR) Expert provides endpoint protection, advanced detection, threat hunting and investigation capabilities and multiple response options in a single package. It is an EDR solution for IT security teams with more mature incident response processes,…

Product Demos

Getting started with Microsoft 365 Defender (YouTube)

Product Details

What is Microsoft Defender XDR?

For SecOps: XDR with incident-level visibility across the kill chain, for automatic disruption of sophisticated attacks and accelerated response across endpoints, identities, email, collaboration tools, cloud applications, and data.

  • Endpoints: Discovers and secures endpoint and network devices across a multiplatform enterprise.
  • Identities: Manages and secures hybrid identities and simplifies employee, partner, and customer access.
  • Cloud apps: Visibility, control, and threat detection across cloud services and apps.
  • Email and collaboration tools: Protects email and collaboration tools from advanced threats, such as phishing and business email compromise.

Microsoft Defender XDR (formerly Microsoft 365 Defender) combines SIEM and XDR capabilities for Microsoft 365 environments, encompassing threat detection, post-breach detection, automated investigation, and response for endpoints. Additionally, it protects cloud apps, emails and documents, and employee identities.

Microsoft Defender XDR Features

  • Supported: Endpoints: Discovers and secures endpoint and network devices across a multiplatform enterprise.
  • Supported: Identities: Manages and secures hybrid identities and simplifies employee, partner, and customer access.
  • Supported: Cloud Apps: Offers visibility, controls data, and detects threats across cloud services and apps.
  • Supported: Email & Collaboration tools: Protects email and collaboration tools from advanced threats, such as phishing and business email compromise.

Microsoft Defender XDR Screenshots

Screenshots: AH Advanced Mode; AH Guided mode; CD example; CD Supported actions

Microsoft Defender XDR Technical Details

Operating Systems: Unspecified
Mobile Application: No

Frequently Asked Questions

CrowdStrike Falcon, Sophos Intercept X, and Symantec Endpoint Security are common alternatives for Microsoft Defender XDR.

Reviewers rate Usability highest, with a score of 8.

The most common users of Microsoft Defender XDR are from Mid-sized Companies (51-1,000 employees).

Reviews and Ratings (137)

Reviews (1-25 of 54)
John Drebin | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
The automated response provides timely insights that lead to rapid security response before attacks. It quickly detects attacks in advance and offers the right security mitigation solution. The automated response records information and sends a signal to the IT team for quick action. It continues to deploy security models that can block advanced attacks that are not easy to identify.
February 06, 2024

Microsoft Defender XDR

Score 10 out of 10
Vetted Review
Verified User
Currently, we are not making use of this functionality as we are still in the development stages of using this.
Possibly in the future, but for now we are still trying things that would work best for us.
Mario Urrutia | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
To a certain extent yes because we have automated several processes that the directives are responsible for applying in real time. Our weakness (although because it is not our focus of work as a company) is not having experts directly in the company and that is why trusting in the delegation that these actions are permanently executed helps us a lot to concentrate better on risk-free supervision, without intervening too much in the technically complex.
Score 8 out of 10
Vetted Review
Reseller
Incentivized
  • Efficiency Gains: Automated responses in Defender XDR can significantly enhance efficiency by allowing the system to autonomously address and mitigate certain security incidents. This reduces the burden on security teams and accelerates response times.
  • Consistency: Automated responses ensure a consistent approach to known threats, reducing the likelihood of human error in repetitive tasks and maintaining a standardized security posture.
  • Quick Threat Mitigation: Automated responses enable swift actions against identified threats, minimizing the dwell time of incidents and enhancing the overall security posture by reducing the window of vulnerability.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We are using the guides provided by Microsoft as a baseline to have automated investigation and response capabilities; once this is settled, we are adjusting a few parameters and combining them with MS Defender for Endpoint, which so far has been a great combination for us. For those who really want to know about this automated response, I strongly suggest starting here: https://learn.microsoft.com/en-us/microsoft-365/security/defender/m365d-configure-auto-investigation...
Apeksha Jain | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Yeah, our hospital is using automated response in Microsoft 365 Defender. It helps us in so many ways and keeps us informed with 24*7 surveillance and monitoring; we can see the alerts that action has been taken on a particular file with phishing attempts. Automated responses can also detect compromised devices or emails in real time; these advanced security checks help a lot to keep our digital information safe.
Yash Mudaliar | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Yes, we are using the automated response in a multi-layered approach where we have set the automation level to 'Full' for all the normal users across the tenant and 'Semi - require approval for core folders' for the C-Suite level of our organization. We have recently switched to the semi from 'No automated response' after a thorough testing and obtaining satisfactory results from those tests. For users with 'Full' automated remediation, we have rarely faced any unexpected actions and it has been very effective until now.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Regarding our security posture, we feel more assured. We have access to a complete security solution from Microsoft 365 Defender that guards against online threats to our data, apps and devices, and we can now confidently concentrate on our main business without worrying about security because of it. I have set up Microsoft 365 Defender for Endpoint to isolate compromised devices on its own, and I have been able to stop malware from spreading throughout my network because of it. Microsoft 365 Defender for Office 365 is set up to automatically quarantine phishing emails, and this has aided me in preventing phishing attacks against my users.
Score 8 out of 10
Vetted Review
Verified User
Partly in Defender for endpoint, but most automatic response is done with Sentinel SOAR functionality. In my opinion, Sentinel is the better platform for this.
Most automation will be moved towards Sentinel.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Our organization has implemented and currently uses Microsoft 365 Defender's automated response capabilities. Our experience has been extremely positive, as these features enable swift and efficient handling of recognized threats, thus reducing their potential impact and damage. The automated response feature in Microsoft 365 Defender has been an essential part of our security operations, helping us quickly reduce risks and maintain strong security.
Rudy Fulmer | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We don't currently use the automated response feature but plan to in the future, after more research into the best way to implement it in our environment in a way that doesn't affect the users' ability to use the software they depend on to do their job.
We plan to in the future once we have done some more research on the best way to implement it in our environment.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Not directly; we use Huntress as the reporting and config portion, as the maturity of the product as it is now does not meet our needs. I am sure they will develop this to include more features for management of this.
Not at the moment, as it's not mature enough to use as a stand-alone. We have coupled it with Huntress.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
No, we have not begun to use it at this time.
Yes, this is a feature that can provide potential protection and catch issues faster than we have been, but we prefer to vet things over a period of time before implementing.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We tried this feature but we did not activate it across all our clients because we were afraid of causing some kind of issues. We want to test it a little bit more and address every required exception before applying it in bulk.
Jordan Dotson | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
The automated response saves time and resources used to counter harmful threats. It alerts our IT team in advance to give them enough time for planning and putting effective measures in place for preventing any form of attack. The system detects compromised data and blocks it immediately before it affects our programs. This product has done great and I highly recommend it.
September 23, 2023

Good for small environment.

Score 9 out of 10
Vetted Review
Verified User
Incentivized
We only use automatic notifications but no isolation of the agents. This works very well for us, because we don't have daily impacts. If you have a bigger environment, it would be much better to use rules for automated responses.
Actually not, because we don't have many affected clients. If we had more, then we would use them.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Yes! It's relatively easy to set up and helps our team stay informed and on top of various malicious messages and attacks. Its data sets are easy to interpret, which helps us identify and pivot our attention to specific instances, or to see if it may be a larger-scope issue.
September 22, 2023

Security Measures

Score 8 out of 10
Vetted Review
Verified User
Incentivized
Microsoft 365 Defender includes an automated response where the dedicated team receives an alert within the portal upon detection of any suspicious activity or malicious content. A self-healing feature of Microsoft 365 Defender helps to resolve the issues, which eases the load on the responsible security team. A manual intervention option is also available to remediate the action for anything identified as malicious or suspicious, depending upon the configuration of the automated feature.
There is no reason not to use the automated response feature in Microsoft 365 Defender. When the system can take care of your threats to a great extent then we are not obliged to say no to it.
Score 7 out of 10
Vetted Review
Verified User
Incentivized
We are not using that at the moment but we are considering putting it in action.
Yes, since it has great customization capabilities. We are looking forward to customizing the automated response actions based on our organization's security policies and needs, adapting each response action for the different types of threats.
September 22, 2023

Must buy to protect systems

Score 7 out of 10
Vetted Review
Verified User
Incentivized
Automated response actions include:
  • Isolation: Automatically isolating a compromised device from the network to prevent it from spreading malware or participating in malicious activities.
  • User Account Suspension: Suspending or disabling user accounts that have been compromised to prevent further unauthorized access.
  • Email Quarantine: Moving suspicious or malicious emails to a quarantine area to prevent users from interacting with potentially harmful content.
I am actively using it
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Yes, we are using automated response. It's very good and helps us streamline incident response processes, reduce response times, and mitigate security threats more efficiently.