TrustRadius
Microsoft Defender XDR
Formerly Microsoft 365 Defender

Overview

What is Microsoft Defender XDR?

Microsoft Defender XDR (formerly Microsoft 365 Defender) is Microsoft's XDR platform for Microsoft 365 environments, encompassing threat detection, post-breach detection, automated investigation, and response across endpoints, identities, email and documents, and cloud apps. SIEM capabilities come from its native integration with Microsoft Sentinel, which ingests Defender XDR alerts and incidents.

Recent Reviews

Microsoft Defender XDR

10 out of 10
February 06, 2024
Microsoft Defender XDR is mainly responsible for the detection and handling of Phishing related emails. Microsoft Defender XDR is also …


Pricing

N/A (unavailable)

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit https://www.microsoft.com/en…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is Kaspersky EDR Expert?

Kaspersky Endpoint Detection and Response (EDR) Expert provides endpoint protection, advanced detection, threat hunting and investigation capabilities and multiple response options in a single package. It is an EDR solution for IT security teams with more mature incident response processes,…


Product Demos

Getting started with Microsoft 365 Defender (YouTube video)

Product Details

What is Microsoft Defender XDR?

For SecOps teams, Microsoft Defender XDR provides incident-level visibility across the kill chain, automatic disruption of sophisticated attacks, and accelerated response across endpoints, identities, email, collaboration tools, cloud applications, and data.



Microsoft Defender XDR Features

  • Supported: Endpoints: Discovers and secures endpoint and network devices across a multiplatform enterprise.
  • Supported: Identities: Manages and secures hybrid identities and simplifies employee, partner, and customer access.
  • Supported: Cloud Apps: Offers visibility, controls data, and detects threats across cloud services and apps.
  • Supported: Email & Collaboration tools: Protects email and collaboration tools from advanced threats, such as phishing and business email compromise.

Microsoft Defender XDR Screenshots

Screenshots (images not included): AH Advanced mode; AH Guided mode; CD example; CD supported actions. AH and CD are the portal's advanced hunting and custom detection features.

Microsoft Defender XDR Technical Details

Operating Systems: Unspecified
Mobile Application: No

Frequently Asked Questions

CrowdStrike Falcon, Sophos Intercept X, and Symantec Endpoint Security are common alternatives for Microsoft Defender XDR.

Reviewers rate Usability highest, with a score of 8.

The most common users of Microsoft Defender XDR are from Mid-sized Companies (51-1,000 employees).


Reviews and Ratings (137)

Reviews (1-25 of 44)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We combined them with Wazuh. It is not as simple as it would have been, but we got the basic functionality from the SIEM's perspective. This is implemented in around 25% of our accounts; so far it is giving good feedback from the statistics that are reported to our ticketing system, so it is working to some level that we expected.
Yash Mudaliar | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Yes, absolutely. If any organization is not utilizing this easiest yet most effective integration, they are missing out on a lot of things. I admit that Microsoft 365 Defender has a very rich incident management and threat hunting experience, but its integration with Sentinel takes it to the next level by being able to automate the responses through playbooks and automation rules. The integration is merely a click of a button.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
I am integrating Microsoft Sentinel with Microsoft 365 Defender data; configuring it was not too difficult. After setting up the connector, Microsoft Sentinel started gathering information from it, and after ten minutes or so I was able to see the data in Microsoft Sentinel. The configuration procedure seemed to be rather simple and easy to follow; for the purpose of connecting Microsoft 365 Defender to Microsoft Sentinel, Microsoft offers concise and easy-to-read documentation.
Score 8 out of 10
Vetted Review
Verified User
Yes, this is extremely easy. All alerts are free to ingest; watch out for the raw data because this is billed. Sentinel and Defender 365 go hand in hand; everyone can do the basic configuration. Even the basic alert rules are already available for Defender.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Configuring this integration was easy, which enabled us to efficiently streamline and consolidate our security event data. By centralizing and correlating this information, we have greatly improved our ability to quickly detect and respond to any potential threats. The connection of Microsoft 365 Defender and Microsoft Sentinel has been very helpful in making our security better and making our security activities more productive.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We utilize a third party SIEM with many clients and more or less follow the steps with respect to Azure and Defender. This is not difficult once you have established a process. The discovery and testing period was several months, however, mainly due to our approach of baby steps and not wanting to disrupt our client workflows and productivity.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Connecting 365 Defender to our SIEM was pretty easy. This was possible also because our product has native integration with Defender and we were able to consult comprehensive documentation to configure it. I cannot tell how difficult it would be to do the same activity with a different SIEM. We haven't tried Microsoft Sentinel yet.
Anirudh Srinivas | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Yes, the platform is connected to Microsoft Sentinel as part of the SIEM services that are managed by our organization. The connection is really simple and seamless as they are tools from the same company.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Not at the moment, but we have discussed and talked about doing such things. One step at a time; we try to understand and learn how to use Microsoft 365 Defender correctly and efficiently before we implement various other tools and software, to try and keep our small team from being overwhelmed.
September 22, 2023

Security Measures

Score 8 out of 10
Vetted Review
Verified User
Incentivized
Currently, we do not connect Microsoft 365 Defender data to Microsoft Sentinel or any other SIEM platform. The security team monitors the activity using the Microsoft Office 365 dashboard and also the alerting emails, which provide intimation of any suspicious activity. Going further, we have plans to integrate Microsoft 365 Defender with the SolarWinds SEM solution.
September 22, 2023

Must buy to protect systems

Score 7 out of 10
Vetted Review
Verified User
Incentivized
Microsoft Ecosystem: Integrating Microsoft 365 Defender with Microsoft Sentinel tends to be relatively straightforward, as both solutions are part of the Microsoft ecosystem.
Connector Availability: Microsoft provides pre-built connectors or integrations to facilitate the flow of data from Microsoft 365 Defender to Microsoft Sentinel. These connectors can streamline the configuration process.
Log Forwarding: Microsoft 365 Defender allows for the forwarding of security-related logs and data to a SIEM platform. Configuration involved setting up log forwarding rules within Microsoft 365 Defender to specify what data should be sent and where it should be sent (e.g., Microsoft Sentinel). It was an easy process overall.
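Several reviewers above describe enabling the Defender XDR data connector in Sentinel, and one notes that alerts are free to ingest while raw event data is billed. The KQL below is an added editor's example, not code from the reviewers, TrustRadius or Microsoft's documentation; it is the post-connection check a practitioner would run in the Log Analytics workspace behind Sentinel to confirm which Defender tables are actually arriving and how much of that volume is billable, and whether Defender XDR incidents are being synced. The list of Defender tables is an assumption about which raw event streams were selected in the connector; the `Usage` and `SecurityIncident` tables and the columns used are standard Sentinel schema.

```kql
// Added editor's example, not code from the reviewers, TrustRadius or Microsoft.
// Run in the Log Analytics workspace behind Sentinel after enabling the Defender XDR connector.
// The table list below is an assumption about which raw event streams were ticked in the connector.

// Query 1: what the connector is actually delivering, and how much of it is billable.
let defenderTables = dynamic([
    "SecurityAlert", "SecurityIncident",      // alerts and incidents: free to ingest
    "DeviceEvents", "DeviceProcessEvents",    // raw Defender for Endpoint telemetry: billable
    "DeviceNetworkEvents", "EmailEvents",
    "IdentityLogonEvents", "CloudAppEvents"
]);
Usage
| where TimeGenerated > ago(7d)
| where DataType in (defenderTables)
| summarize IngestedMB = round(sum(Quantity), 1) by DataType, IsBillable
| order by IngestedMB desc

// Query 2 (run separately): are Defender XDR incidents landing, and in what state?
// Sentinel stamps synced incidents with a ProviderName; the exact string has changed with the
// product rename, so match loosely on "Defender" rather than on one assumed value.
SecurityIncident
| where TimeGenerated > ago(7d)
| where ProviderName has "Defender"
| summarize arg_max(TimeGenerated, Severity, Status, Title) by IncidentNumber
| summarize Incidents = count(), LastUpdate = max(TimeGenerated) by Severity, Status
| order by Severity asc, Status asc
```

Run the two queries separately, since a Log Analytics query returns one tabular result. If only SecurityAlert and SecurityIncident appear in the first result, the connector is doing the free alert and incident sync only; any Device*, Email*, Identity* or CloudApp* row with IsBillable = true is raw telemetry that someone enabled in the connector and that will show up on the bill.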
Score 10 out of 10
Vetted Review
Verified User
Incentivized
No, we are not yet connecting the Microsoft 365 Defender data to Microsoft Sentinel or any other platform, but we are planning in the future to implement such a thing in our organization and see how it improves our overall business.
Itumeleng Thekiso | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
No, I was not part of the implementation and I believe we do not use Microsoft Sentinel or any other SIEM platform for that matter. We predominantly use Microsoft 365 Defender and that is the main mail security tool we use all the time. We could look into using these tools in the future.