We performed a comparison between Trend Micro XDR and Microsoft 365 Defender based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trend Micro XDR is commended for its holistic approach to preventing, real-time visualization, and ability to prioritize network-based detection and response. Microsoft 365 Defender offers effortless integration with other Microsoft solutions. Users praised its flexibility and comprehensive protection against multiple threat types. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships. Microsoft 365 Defender could upgrade its machine learning and AI capabilities. Some users suggested adopting Zero Trust features.
Service and Support: Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations. Some of our reviewers were satisfied with Microsoft's support, but others complained about slow responses and lackluster problem-solving capabilities.
Ease of Deployment: The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals. Setting up Microsoft 365 Defender is potentially complex and may involve integrating with existing policies. Some users reported longer deployment times.
Pricing: Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable. Some users say that Microsoft 365 Defender is good value, but others perceive it as more expensive than similar competing products.
ROI: Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention. Microsoft 365 Defender offers savings, attack prevention, consolidation of security measures, and proactive threat detection.
Comparison Results: Our users prefer Trend Micro XDR over Microsoft 365 Defender. Trend Micro XDR offers a comprehensive view of attacks and their origins. Users also appreciate its stability, scalability, reasonable pricing, and user-friendly interface. Users say that Microsoft 365 Defender could improve its machine learning capabilities, interface, and documentation. Trend Micro XDR is also considered more reasonable and well-priced compared to Microsoft 365 Defender.
"Fortinet is very user-friendly for customers."
"The setup is pretty simple."
"The price is low and quite competitive with others."
"The solution was relatively easy to deploy."
"This is stable and scalable."
"The product's initial setup phase is very easy."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Ability to get forensics details and also memory exfiltration."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"The summarization of emails is a valuable feature."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"Microsoft 365 Defender is simple to upgrade."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"They were one of the companies, early on, that spent a lot of time integrating their toolsets, and I was really impressed with that... the endpoint management system could reach out to the Deep Discovery system on the network and pick up something that it perceived as a suspicious object."
"I can prevent my environment from different types of attacks based on what I see in the Vision One console."
"The zero-day vulnerability is valuable."
"The centralized visibility is good."
"The solution is very easy to use."
"The setup is fairly simple."
"It has good vulnerability protection."
"It helps us with investigations."
"The solution is not stable."
"I haven't seen the use of AI in the solution."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"ZTNA can improve latency."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"The management and automation of the cloud apps have room for improvement."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"The product needs to have a lot more maturity, and they need to improve the overall technical support framework for getting the value out of XDR."
"Results were delayed."
"They have a DLP module in Tredn Moicros and they need to enhance its capabilities."
"The centralized dashboard has room for improvement."
"It would be better if it were more user-friendly. It would also be better if the implementation were more straightforward."
"They should increase their potential for third-party integrations."
"I'd like to see alert time reduction so that they show up on the dashboard faster."
"The integration with third-party tools and with on-premises Active Directory needs improvement."
Microsoft Defender XDR is ranked 7th in Endpoint Detection and Response (EDR) with 78 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 43 reviews. Microsoft Defender XDR is rated 8.4, while Trend Vision One is rated 8.6. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Microsoft Entra ID, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Micro Apex One, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Wazuh. See our Microsoft Defender XDR vs. Trend Vision One report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.