We performed a comparison between FortiXDR and Microsoft Defender for Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR)."The solution is well integrated with applications. It is easy to maintain and administer."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"It has great stability."
"Microsoft 365 Defender is simple to upgrade."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"The product integrates security into one tool instead of having third-party security tools."
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."
"The summarization of emails is a valuable feature."
"The most valuable feature of FortiXDR is it integrates well with other Fortinet solutions, such as Fortinet firewall, FortiMail, FortiSandbox, Forti Fabric, switches, and access points. Whatever the flow of the traffic comes in or goes out, the entire traffic can be managed and monitored properly."
"Defender for Cloud is a plug-and-play solution that provides continuous posture management once enabled."
"It's got a lot of great features."
"Defender is user-friendly and provides decent visibility into threats."
"DSPM is the most valuable feature."
"The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra."
"The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark."
"We can create alerts that trigger if there is any malicious activity happening in the workflow and these alerts can be retrieved using the query language."
"It has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"The logs could be better."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"We should be able to use the product on devices like Apple, Linux, etc."
"Many of the solutions, such as CrowdStrike have an MDR solution where remediation can be provided by the vendor. For example, if there is any zero data threat found, a new threat that the customer is not able to recognize, fix, or understand what needs to be done this feature has to be added in FortiXDR so that the customer feels comfortable."
"Most of the time, when we log into the support, we don't get a chance to interact with Microsoft employees directly, except having it go to outsource employees of Microsoft. The initial interaction has not been that great because outsourced companies cannot provide the kind of quality or technical expertise that we look for. We have a technical manager from Microsoft, but they are kind of average unless we make noise and ask them to escalate. We then can get the right people and the right solution, but it definitely takes time."
"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."
"The solution's portal is very easy to use, but there's one key component that is missing when it comes to managing policies. For example, if I've onboarded my server and I need to specify antivirus policies, there's no option to do that on the portal. I will have to go to Intune to deploy them. That is one main aspect that is missing and it's worrisome."
"Pricing could be improved. There are limited options based on pricing for the government."
"The solution could extend its capabilities to other cloud providers. Right now, if you want to monitor a virtual machine on another cloud, you can do that. However, this cannot be done with other cloud platform services. I hope once that is available then Defender for Cloud will be a unified solution for all cloud platform services."
"Azure's system could be more on point like AWS support. For example, if I have an issue with AWS, I create a support ticket, then I get a call or a message. With Azure support, you raise a ticket, and somebody calls back depending on their availability and the priority, which might not align with your business priority."
"After getting a recommendation, it takes time for the solution to refresh properly to show that the problem has been eliminated."
"The product was a bit complex to set up earlier, however, it is a bit streamlined now."
FortiXDR is ranked 29th in Extended Detection and Response (XDR) with 1 review while Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews. FortiXDR is rated 0.0, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of FortiXDR writes "Effective traffic monitoring, integrates well, but stability could improve". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". FortiXDR is most compared with Cortex XDR by Palo Alto Networks, SentinelOne Singularity Complete, Trend Vision One, CrowdStrike Falcon and Cisco SecureX, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Endpoint and Azure Firewall.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
