We performed a comparison between Microsoft Defender XDR and Microsoft Purview eDiscovery based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"The machine learning wasn't half bad. I really like that part. I thought it was novel. It pretty much automated it, once you trained the model."
"I think eDiscovery Premium has made dealing with data from Teams much more accessible than any other platform."
"The tool has been beneficial. Some of our previous users left the organization without sharing the information they had at a personal level. This information was related to the organization, and they didn't disclose it. Thanks to the product, it's easy for me to search and find out what communication a specific user has done, whether it's from SharePoint or any other platform. With Microsoft Purview eDiscovery, we can easily retrieve and restore this data."
"The licensing is a nightmare and has room for improvement."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"The solution does not offer a unified response and standard data."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"I see two significant challenges with many of my clients. One is that there are some functionality gaps compared to specialized tools in the legal industry, like a legal hold tool or a document review tool. They have features that Purview eDiscovery lacks. Those gaps create a situation where I almost have to do things twice. I need to collect all my data in eDiscovery and ship it to another platform to complete the review."
"Microsoft Purview eDiscovery should be cheaper."
"Purview eDiscovery works, but it's not entirely perfect. There were times when search results would get hung up or error codes would be presented and we'd have to contact Microsoft to get that sorted out."
Microsoft Defender XDR is ranked 1st in Microsoft Security Suite with 79 reviews while Microsoft Purview eDiscovery is ranked 25th in Microsoft Security Suite with 3 reviews. Microsoft Defender XDR is rated 8.4, while Microsoft Purview eDiscovery is rated 7.0. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of Microsoft Purview eDiscovery writes "It has improved visibility and simplified data review, but it lacks many features found in specialized tools". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Trend Vision One, whereas Microsoft Purview eDiscovery is most compared with Google Vault, Microsoft Purview Data Governance, Veritas Enterprise Vault.cloud, Varonis Platform and Microsoft Sentinel. See our Microsoft Defender XDR vs. Microsoft Purview eDiscovery report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
