We performed a comparison between HP Wolf Security and Microsoft Defender XDR based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The product's initial setup phase is very easy."
"This is stable and scalable."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"The solution was relatively easy to deploy."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The feature that stands out the most is that when someone clicks on a link in an email... [if] that link is malicious and it has some malware or keylogger attached to it, when it opens up in that Bromium virtualized browser, there's no chance of it actually being on the machine and running, because as soon as they click that "X" in the upper right-hand side of the browser, everything just vanishes. That is an added plus."
"I use HP Wolf Security to add a layer of safety, especially for laptops operating in various environments."
"Our overall security posture has absolutely improved as a result of adding Bromium to our security stack. We continue to have less user impact through a significantly reduced amount of malware infections. It's become a non-event."
"We've been able to isolate and prevent malicious code from external email attachments and from downloaded internet files. Those are the two big areas that have really made an impact."
"The isolation feature is the most important because it prevents attacks."
"The most valuable feature is the process isolation because it simply stops malware from infecting the machines."
"It has prevented thousands of potential threats by encapsulating them within its own vSentry container, thus providing overall protection and integrity of the operating system."
"Now, instead of us having to go through that analysis, they actually give us a monthly report that shows us: "Here's what you got hit with, here's what would have happened, here are the forensics behind the attack," and, obviously, Bromium stopped it."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"Microsoft Defender XDR is scalable."
"The integration between all the Defender products is the most valuable feature."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The only minor concern is occasional interference with desired programs."
"It takes about two business days for initial support, which is too slow in urgent situations."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"I haven't seen the use of AI in the solution."
"The solution is not stable."
"The SIEM could be improved."
"Initial setup was complex. There were many configurations that needed to be worked out with the vendor. The setup required hands-on assistance from Bromium."
"They have always struggled with usability. The protection that it offers you is tremendous, but there's definitely an impact with use of resources on the computer. It's gotten a lot better now with Win 10. But sometimes, when you open up a website, it's going to take longer than it would without Bromium, and it's the same with documents."
"I did not find this to be an out-of-the-box solution, it required planning and alignment across many groups."
"When you deploy, not only is the user asked to reboot their computer, they are also asked to wait for 20 minutes while it sits there and initializes. It definitely impacts the end-user. It takes time away from their day."
"Initially, when we came in contact with Bromium a few years ago, it had a nice threat analyst, or a LAVA Pop, which is what they used to call it. Once it detected malware, it would show us the malware's path... I don't see that on the computers now. We only get to see that in the console. I would like to still see that on the individual machines because when we go out to look at a machine, we don't necessarily have access to the console."
"They need to improve the compatibility with other applications and its stability. It works well with attacks, but it doesn't work well with all software on the clients. There is a lot of troubleshooting and a lot of things that need to be tuned to make it work and not break things."
"The tool behaves differently when I ported to Windows 11."
"Room for improvement would be keeping up with the rate of change, specifically on Windows platforms. There are a lot of updates that come out for Microsoft Windows operating systems and the Bromium product needs to be able to keep up quickly with those updates and all the browser updates that are coming out. It's hard to do, but that's really where they need to be more responsive because we end up with problems and then we have to call support to get patches, etc."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"This solution could be improved if it included features such as those offered by Malwarebytes."
HP Wolf Security is ranked 49th in Endpoint Detection and Response (EDR) with 8 reviews while Microsoft Defender XDR is ranked 7th in Endpoint Detection and Response (EDR) with 80 reviews. HP Wolf Security is rated 7.8, while Microsoft Defender XDR is rated 8.4. The top reviewer of HP Wolf Security writes "Adds a layer of safety, especially for laptops operating in various environments". On the other hand, the top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". HP Wolf Security is most compared with Norton Small Business, Bitdefender Total Security, Microsoft Defender for Business, Kaspersky Total Security and Microsoft Defender for Endpoint, whereas Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Cortex XDR by Palo Alto Networks. See our HP Wolf Security vs. Microsoft Defender XDR report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.