We performed a comparison between Microsoft Defender XDR and WatchGuard EPDR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."The product's initial setup phase is very easy."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The stability is very good."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The setup is pretty simple."
"The product detects and blocks threats and is more proactive than firewalls."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"NGAV and EDR features are outstanding."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"The most valuable feature is the network security."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"The product's most valuable features are the zero-trust application service and its capability to detect threats and attacks."
"Detections could be improved."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"The solution is not stable."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The dashboard isn't easy to access and manage."
"The SIEM could be improved."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The solution does not offer a unified response and standard data."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"The tool gives inconsistent answers and crashes a lot."
"Sometimes, configurations take much longer than expected."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"The product is available at a very high price, making it an area where improvements are required."
Microsoft Defender XDR is ranked 7th in Endpoint Detection and Response (EDR) with 80 reviews while WatchGuard EPDR is ranked 34th in Endpoint Detection and Response (EDR) with 2 reviews. Microsoft Defender XDR is rated 8.4, while WatchGuard EPDR is rated 10.0. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of WatchGuard EPDR writes "Provides endpoint protection with patch management at reasonable pricing". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Cortex XDR by Palo Alto Networks, whereas WatchGuard EPDR is most compared with ESET Endpoint Protection Platform, Panda Adaptive Defense 360, Bitdefender GravityZone EDR and Microsoft Defender for Business.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.