• Home
  • Forescout XDR vs. Microsoft Defender for Cloud

Forescout XDR vs Microsoft Defender for Cloud comparison

Cancel
You must select at least 2 products to compare!
Forescout Logo
Forescout XDR
Read 1 Forescout XDR review
71 views|39 comparisons
0% willing to recommend
Microsoft Logo
Microsoft Defender for Cloud
Read 46 Microsoft Defender for Cloud reviews
16,067 views|12,251 comparisons
95% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
SOC as a Service
June 2024
Executive Summary

We performed a comparison between Forescout XDR and Microsoft Defender for Cloud based on real PeerSpot user reviews.

Find out what your peers are saying about Arctic Wolf Networks, Palo Alto Networks, Netsurion and others in SOC as a Service.
To learn more, read our detailed SOC as a Service Report (Updated: June 2024).
Download the complete report
772,679 professionals have used our research since 2012.
Featured Review
Utpal Sinha
Provides efficient network access control, but its support services need improvement
Ellwood S
Gives insight into potential avenues for attack paths, but it is expensive, and the user interface must be improved
The product has given us more insight into potential avenues for attack paths.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The product has valuable features for cloud IoT device enhancement, intelligent threat detection, etc."

More Forescout XDR Pros →

"Technical support is helpful.""Defender lets you orchestrate the roll-out from a single pane. Using the Azure portal, you can roll it out over all the servers covered by the entire subscription.""The entire Defender Suite is tightly coupled, integrated, and collaborative.""It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it.""It takes very little effort to integrate it. It also gives very good visibility into what exactly is happening.""Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful.""It is very intuitive when it comes to policy administration, alerts and notifications, and ease of setting up roles at different hierarchies. It has also been good in terms of the network technology maps. It provides a good overview, but it also depends on the complexity of your network.""It helps you to identify the gaps in your solution and remediate them. It produces a compliance checklist against known standards such as ISO 27001, HIPAA, iTrust, etc."

More Microsoft Defender for Cloud Pros →

Cons
"The product is more expensive than other vendors in terms of features."

More Forescout XDR Cons →

"You cannot create custom use cases.""Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark.""Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do.""Another thing that could be improved was that they could recommend processes on how to react to alerts, or recommend best practices based on how other organizations do things if they receive an alert about XYZ.""Azure's system could be more on point like AWS support. For example, if I have an issue with AWS, I create a support ticket, then I get a call or a message. With Azure support, you raise a ticket, and somebody calls back depending on their availability and the priority, which might not align with your business priority.""The product was a bit complex to set up earlier, however, it is a bit streamlined now.""I would suggest building a single product that addresses endpoint server protection, attack surface, and everything else in one solution. That is the main disadvantage with the product. If we are incorporating some features, we end up in a situation where this solution is for the server, and that one is for the client, or this is for identity, and that is for our application. They're not bundling it. Commercially, we can charge for different licenses, but on the implementation side, it's tough to help our end-customer understand which product they're getting.""Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."

More Microsoft Defender for Cloud Cons →

Pricing and Cost Advice
  • "The product is more expensive than other vendors in terms of features."

    • More Forescout XDR Pricing and Cost Advice →

  • "I'm not privy to that information, but I know it's probably close to a million dollars a year."
  • "We are using the free version of the Azure Security Center."
  • "Azure Defender is a bit pricey. The price could be lower."
  • "This is a worldwide service and depending on the country, there will be different prices."
  • "Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per data-base server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."
  • "There is a helpful cost-reducing option that allows you to integrate production subscriptions with non-production subscriptions."
  • "Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."
  • "I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive."

    • More Microsoft Defender for Cloud Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which SOC as a Service solutions are best for your needs.
    See Recommendations
    772,679 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Forescout XDR?
    Top Answer:The product has valuable features for cloud IoT device enhancement, intelligent threat detection, etc.
    What is your experience regarding pricing and costs for Forescout XDR?
    Top Answer:The product is more expensive than other vendors in terms of features. In comparison, Qualys offers good support services, and Splunk offers additional on-premise resources.
    What needs improvement with Forescout XDR?
    Top Answer:The product's support services have limitations. We have to connect with their senior executives to get correct and immediate solutions. They should maintain the SLA properly. Additionally, the… more »
    How is Prisma Cloud vs Azure Security Center for security?
    Top Answer:Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across your ecosystem. It also has great remote workforce capabilities and supports a… more »
    What do you like most about Microsoft Defender for Cloud?
    Top Answer:The entire Defender Suite is tightly coupled, integrated, and collaborative.
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Microsoft Defende...
    Top Answer:Our clients complain about the cost of Microsoft Defender for Cloud. Microsoft needs to bring the cost down. What we're doing to their detriment is simply lowering the amount of log retention we're… more »
    Read all 31 answers   →
    Ranking
    9th
    out of 28 in SOC as a Service
    Views
    71
    Comparisons
    39
    Reviews
    1
    Average Words per Review
    271
    Rating
    6.0
    3rd
    out of 59 in Cloud Workload Protection Platforms (CWPP)
    Views
    16,067
    Comparisons
    12,251
    Reviews
    20
    Average Words per Review
    1,073
    Rating
    8.0
    Comparisons
    Also Known As
    Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
    Learn More
    Forescout
    Video Not Available
    Microsoft
    Interactive Demo
    Forescout
    Demo Not Available
    Microsoft
    Watch a demo
    Overview

    Forescout XDR is an eXtended detection and response solution that converts telemetry and logs into high fidelity, SOC-actionable probable threats.

    It automates the detection, investigation, hunt for and response to advanced threats across all connected assets – IT, OT/ICS, IoT and IoMT – from campus to cloud to data center to edge. Forescout XDR combines essential SOC technologies and functions into a unified, cloud-native platform, viewable and actionable from a single console.

    Forescout XDR Business Value

    • Reduces business risk: Reduce the risk and magnitude of a successful attack, business disruption or data breach by eliminating alert noise so you can quickly and accurately detect, investigate, and respond to the broadest range of advanced threats.
    • Optimize security operations: Streamline the analyst function and speed complex investigation and threat-hunting processes with enriched, normalized, and contextualized data correlated to produce a small number of detections that warrant investigation – all in a unified console that integrates with case management systems and other security tools.​
    • Support Compliance: Combine long-term log storage with automated threat detection and threat intelligence to close the potential gap between when a breach or disruption is noticed and when a response action is taken.​
    • Lower costs: Consolidate point solutions (data lake, security analytics, SOAR, UEBA, threat intel platform) and reduce costs related to data onboarding, rules management and analyst turnover with a solution that simplifies and supports their workflow.​
    • Leverage multi-vendor security investments: Derive more value from existing solutions and make better use of asset data and threat intel via automation across case management and incident response systems, sensors (network, endpoint, cloud) and enforcement points. ​


    Improve SOC efficiency by 450x with better detection and response of true threats

    Security operations center (SOC) teams face a daily barrage of incomplete and inaccurate alerts that lack vital contextual information, many of them false positives. As a result, analysts miss critical threats and take longer to investigate and respond to them, increasing the risk of a breach. In fact, the typical SOC receives an estimated 11,000 alerts per day, or 450 alerts per hour – most of them low fidelity, low confidence alerts, and false positives. 

    With Forescout XDR, that number is reduced to one SOC-actionable detection an hour – or one probable threat that warrants human investigation.

    Key Features

    • Data ingestion: Natively supports Forescout eyeSight, eyeInspect and Medical Device Security data – and over 170 vendor- and EDR-agnostic sources including: security, infrastructure, enrichment, applications and cloud/SaaS.
    • Data onboarding: Helps ensure that you extract maximum detection value to support your most important use cases. Forescout data engineers work alongside your team to plan and prioritize the data sources to be onboarded, then help configure the data pipeline and ensure your data is being properly parsed, cleansed, normalized, and enriched. ​
    • Advanced data pipeline: Applies a rigorous data science-centric approach to manage data flowing from enterprise-wide sources into its advanced threat detection engine.

    Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.

    The solution also provides automated remediation capabilities, allowing security teams to quickly and easily respond to security incidents. With Microsoft Defender for Cloud, organizations can ensure the security and compliance of their cloud workloads, while reducing the burden on their security teams.

    Sample Customers
    Information Not Available
    Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
    Top Industries
    VISITORS READING REVIEWS
    Retailer17%
    Computer Software Company17%
    Manufacturing Company12%
    Financial Services Firm8%
    REVIEWERS
    Computer Software Company24%
    Consumer Goods Company10%
    Recruiting/Hr Firm10%
    Agriculture10%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Manufacturing Company8%
    Government7%
    Company Size
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise14%
    Large Enterprise63%
    REVIEWERS
    Small Business27%
    Midsize Enterprise11%
    Large Enterprise62%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise15%
    Large Enterprise65%
    Buyer's Guide
    SOC as a Service
    June 2024
    Download Free Report
    Find out what your peers are saying about Arctic Wolf Networks, Palo Alto Networks, Netsurion and others in SOC as a Service. Updated: June 2024.
    DOWNLOAD NOW
    772,679 professionals have used our research since 2012.

    Forescout XDR is ranked 9th in SOC as a Service with 1 review while Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews. Forescout XDR is rated 6.0, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Forescout XDR writes "Provides efficient network access control, but its support services need improvement". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Forescout XDR is most compared with CrowdStrike Falcon and Arctic Wolf Managed Detection and Response, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint.

    We monitor all SOC as a Service reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.