We performed a comparison between Datto Endpoint Detection and Response (EDR) and Microsoft Defender XDR based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"It is stable and scalable."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The most valuable feature is the analysis, because of the beta structure."
"Ability to get forensics details and also memory exfiltration."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The most valuable feature of Datto EDR is the visibility of the endpoints."
"The insight that the solution provides is the most valuable aspect. The security scanning they do is excellent."
"Datto Endpoint Detection and Response is a perfect product for endpoint security."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"It has great stability."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"We find the solution to be a bit expensive."
"It takes about two business days for initial support, which is too slow in urgent situations."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The solution is not stable."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"ZTNA can improve latency."
"The solution should allow the automation of playbooks."
"The solution could improve by having more deployment methods."
"The deployment of the solution right now is terrible. We find it to be very bad. It could be improved enormously."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"Defender XDR could provide recommendations for threat-hunting queries. Some people do not know how to write an advanced threat query, so we need to spend time training them."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
More Datto Endpoint Detection and Response (EDR) Pricing and Cost Advice →
Datto Endpoint Detection and Response (EDR) is ranked 44th in Endpoint Detection and Response (EDR) with 3 reviews while Microsoft Defender XDR is ranked 7th in Endpoint Detection and Response (EDR) with 80 reviews. Datto Endpoint Detection and Response (EDR) is rated 7.6, while Microsoft Defender XDR is rated 8.4. The top reviewer of Datto Endpoint Detection and Response (EDR) writes "Good security scanning, but has a complex setup and the stability isn't ideal". On the other hand, the top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". Datto Endpoint Detection and Response (EDR) is most compared with SentinelOne Singularity Complete, CrowdStrike Falcon, Bitdefender GravityZone EDR, Huntress and ESET Inspect, whereas Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Cortex XDR by Palo Alto Networks. See our Datto Endpoint Detection and Response (EDR) vs. Microsoft Defender XDR report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.