We compared Darktrace and Microsoft Defender for Endpoint across several parameters based on our user's reviews. After reading the collected data, you can find our conclusion below:
Darktrace is preferred over Microsoft Defender for Endpoint due to its advanced machine-learning capabilities and ability to detect and respond to threats in real time. Users praise Darktrace for its unparalleled threat visibility and proactive approach, while Microsoft Defender is reported to lack some of the advanced features and responsiveness of Darktrace.
"The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance."
"The email protection is excellent, especially in terms of anti-phishing policies."
"Defender helps us prioritize threats across our organization."
"Our customers are satisfied with Defender for 365 because Microsoft products are easy to use and customize to meet the client's needs. Everything is in one place, so we can adjust policies as needed for phishing, DLP, ATP, or any other security features that our clients want to apply."
"The technical support is good and quick to resolve issues."
"Microsoft Defender for Office 365 is a stable solution."
"The benefit that stands out to me is the ability for multiple individuals to collaborate simultaneously within the same document. Additionally, there is the option to save the document directly in the integrated OneDrive or SharePoint."
"Some of the valuable features on the email side are anti-phishing, anti-malware, and Safe Links."
"One member of staff is enough for deployment and maintenance because Darkforce is AI-driven. It does a lot of things by itself."
"I like the Antigena feature in Darktrace, as it offers immediate response and is helpful."
"We are able to detect a lot of things, actually, and see what is happening in our network."
"The most valuable feature is the alerts. The alerts are meaningful. The event rolls up into meaningful and actionable alerts rather than just being noise."
"The most valuable feature of this solution is that it does not require human intervention to eliminate a threat."
"The most valuable feature is that it gives us visibility of rogue traffic that is on the network."
"Darktrace is very flexible."
"The initial setup is simple."
"This software is easy to use."
"Microsoft's technical support is fantastic."
"Its threat intelligence feature is beneficial. This solution smoothly integrates with SIEM."
"What I found most valuable in Microsoft Defender for Endpoint is that it's out-of-the-box, which brings more value to the customer. The technical support for the product is also one of the best parts, because it's good, in terms of the product knowledge of the technical engineers."
"The whole bundle of the product, which is similar to other Microsoft products, is valuable. Ten years ago, you had third-party stuff for different things. You had one solution for email archiving and another third-party one for something else. Nowadays, Microsoft Office covers all the stuff that was formerly covered by third-party solutions. It is the same with antivirus. The functionality is just basic. You have the scanning, and then you also have a kind of cloud-based protection and reporting about your environment. With Microsoft Security Center, you have a complete overview of your environment. You know the software inventory, and you have security recommendations. You can not only see that the antivirus is up to date; you can also see where are the vulnerabilities in your system. Microsoft Security Center tells you where you have old, deprecated software and what kind of CVEs are addressed. It's really cool stuff."
"We had Norton Antivirus before, and with Norton, we didn't have a way to centrally manage a lot of features. Defender allowed us to deploy it from our Office 365 admin console. That is probably the biggest thing that made us go with Defender."
"The main features of this solution are that it handles everything by itself and is well integrated."
"I like the simplicity of the portal and the integration with Microsoft Intune. Microsoft Defender for Endpoint is easy to use and implement."
"The pre-sales cost calculations could be more transparent."
"They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."
"The GUI is sometimes slow to fetch the device report and could be improved."
"Microsoft Defender for Office 365 could improve by giving customers information on techniques to prevent threats. For example, information about best practices on how to protect their own devices against hackers and scammers, such as educational information or training. This would help others have a better understanding of cyber security. Additionally, there can be more security features added."
"They have moved features from one console to another. Things have been moved around in the interface and it takes me time to find where certain features are."
"Microsoft sometimes has downtime, and we'll get several incidents coming in back to back. We have a huge backlog of notifications, many of which may be false positives. However, there might be serious alerts, so we can't risk dismissing all of them at once."
"Configuration requires going to a lot of places rather than just accessing one tab."
"Microsoft security solutions work as expected. They are constantly updating the solutions to make them better. At the same time, the changes can impact a customer's environment, and we need to adjust settings. Sometimes we aren't aware of the changes, and nothing is pushed from the backend automatically."
"Darktrace requires numerous configurations. It would be beneficial if the configuration could be made simpler."
"The pricing model is a little too high and could be more flexible."
"I would like to see some additional enhancements."
"One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today, it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network."
"This is quite an expensive product so the pricing is something that can be improved."
"Upper management wasn't sold on the value proposition."
"The initial setup is more complex and time-consuming than some solutions."
"Darktrace could expand into EDR (endpoint detection and response) and combine it with its network detection."
"The profiling method currently in use is not very user-friendly and has ample scope for improvement."
"I would like the solution to be able to prevent unauthorized programs from installing and to block unauthorised URLs which is similar to web filtering product."
"It could be easier when it comes to managing exceptions."
"Something that is unique to Microsoft is its licensing model. When you go out and you buy McAfee or Symantec, you know what you're getting out of the box, but with Microsoft, often, when you're looking to achieve a certain set of capabilities, those capabilities are spread across different products. You might try to do something you could do with CrowdStrike, but then find out that you also need to purchase Microsoft Defender for Identity or Microsoft Defender for Azure. You realize that when they talk about what they can offer within the Microsoft platform, it's really the suite of investments. So, sometimes, you may find yourself buying Defender for Endpoint thinking that it matches CrowdStrike, but then you find that Microsoft really needs to sell you something else. One plus one will equal three, but when you have a very concise platform, such as CrowdStrike, you know what you're going to get."
"Microsoft should improve support for third-party platforms, because not all functionality is available for all of them. It's a good product, but they should just extend the functionality for all platforms."
"They're in the process of pulling more things together. They can continue with the integrations and provide a better way of seeing the impact of security changes, especially on the endpoint side. Before we actually flip the switch, we should be able to see the impact of security changes on the business or business applications. It would prevent breaking any business applications."
"Microsoft Defender for Endpoint could improve by providing more user-friendly dashboards. They may be complicated for some."
"The solution could be even more secure and provide an even higher level of security."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Darktrace is ranked 11th in Email Security with 66 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Darktrace is rated 8.2, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x), whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, Cortex XDR by Palo Alto Networks, Trellix Endpoint Security and SentinelOne Singularity Complete.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.