We compared Darktrace and Microsoft Defender for Endpoint across several parameters based on our user's reviews. After reading the collected data, you can find our conclusion below:
Darktrace is preferred over Microsoft Defender for Endpoint due to its advanced machine-learning capabilities and ability to detect and respond to threats in real time. Users praise Darktrace for its unparalleled threat visibility and proactive approach, while Microsoft Defender is reported to lack some of the advanced features and responsiveness of Darktrace.
"Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features."
"The deployment capability is a great feature."
"Our customers are satisfied with Defender for 365 because Microsoft products are easy to use and customize to meet the client's needs. Everything is in one place, so we can adjust policies as needed for phishing, DLP, ATP, or any other security features that our clients want to apply."
"Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various email campaigns, pinpointing where they emanate from, and identifying the individuals within our organization who are affected."
"Defender for Office 365 has helped eliminate having to look at multiple dashboards and that is the aspect I like most about it. It is simpler, effective, and convenient. The users like the process efficiency."
"Defender is a SaaS platform, so it offers more flexibility. Managing the permissions is easier. The solution's automated detection and response features are scalable."
"Microsoft Defender for Office 365 has improved my organization's security. It makes it easier to manage the infrastructure without the help of third-party applications."
"The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not."
"What I like about Darktrace, is that you can quickly identify threats."
"In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
"The most valuable features of Darktrace are the tracing of unusual external emails and monitoring the local network."
"The active threat dashboard is the most valuable feature of this solution."
"One member of staff is enough for deployment and maintenance because Darkforce is AI-driven. It does a lot of things by itself."
"I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."
"Technical support is helpful and responsive."
"It is a stable solution without downtime."
"Defender is stable. The performance is good."
"It is stable and easy to use. Everything is okay, and there are no performance issues."
"It automatically detects intrusion and malware."
"It is a very advanced system based on AI. It has a very large database of places or sites on the internet where you should not go. It is continuously online."
"Microsoft Defender for Endpoint is extremely stable."
"Microsoft Defender for Endpoint is scalable. Currently, we have 600,000 users in our organization."
"It's a Microsoft product; it's easier to deploy this product than other options."
"The solution's latest features for threat analysis are updated to provide us with future protection against the latest threats worldwide."
"We noticed that from time to time, Microsoft's stability does have problems. Sometimes the service goes up and down. Sometimes they change without prior notice."
"Microsoft security solutions work as expected. They are constantly updating the solutions to make them better. At the same time, the changes can impact a customer's environment, and we need to adjust settings. Sometimes we aren't aware of the changes, and nothing is pushed from the backend automatically."
"The phishing and spam filters could use some improvement."
"The custom alerts have to improve a lot."
"One area for improvement is integration. For example, when it comes to external SaaS platforms, we were not able to get a lot of information on integrations with such apps for security and authentication."
"Microsoft should provide more documentation for users so they can self-educate. I would like to see more documentation for advanced security features."
"The GUI is sometimes slow to fetch the device report and could be improved."
"Microsoft sometimes has downtime, and we'll get several incidents coming in back to back. We have a huge backlog of notifications, many of which may be false positives. However, there might be serious alerts, so we can't risk dismissing all of them at once."
"The main portal needs improvement as it is difficult to use."
"Darktrace needs to automate the reports of false positives, botnets and everything."
"This is quite an expensive product so the pricing is something that can be improved."
"It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper."
"It could build in integrations for some complementary products, but it has an assistant plugin so this is not really a big deal."
"The module can improve so that every time it's more intelligent."
"One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
"Its threat analyzer could be better. It should also have agents. They should improve this product by installing agents for the machine to get more visibility. Currently, they are monitoring only the network. They should also monitor the agents from inside. It should also have a better pricing plan because it is an expensive product."
"Microsoft Defender for Endpoint does not provide much flexibility in terms of threats."
"The interface isn't necessarily intuitive to a nontechnical person. You can get stuck in the little endpoint security portal. Sometimes, if you uninstall a competitive product, the end user doesn't always know if it's running or if they're protected even though it's silently running. There could be a notification, widget, or something that's resident on the screen for at least a bit, especially if you're doing remote support. You want to talk them through it, but sometimes, we're not allowed to look at the PCs we support."
"Windows Firewall is integrated with Windows Defender. Over the last few days, I have had a problem with defining a wildcard on Windows Firewall. For example, I wanted to pull out the connection of my program and install a software package with a lot of executable files. I wanted to prevent it from accessing the internet. I could not select executables by using a wildcard. I had to select a single executable with its full name."
"Sometimes the software doesn't work the way we expect it to, and in those cases, we can't communicate with a device because it may be infected."
"Microsoft Defender for Endpoint's licensing is confusing. It has conflicting information on the website. We also faced integration issues with other systems. It makes laptops slower than traditional antivirus systems."
"I want Microsoft Defender to have the ability to deal with some issues automatically, so I don't need to address that issue manually."
"The onboarding and deployment could be more user-friendly, and there is room to grow in some of the reports. I don't want them to be oversimplified or overly complex, but there is room for improvement in the reporting it can do. It's relatively minor."
"The frequency of the patching, and the frequency of the updates, are not included with the free version."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Darktrace is ranked 11th in Email Security with 65 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Darktrace is rated 8.2, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Cortex XDR by Palo Alto Networks.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.