We performed a comparison between Trend Micro XDR and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trend Micro XDR is commended for its holistic approach to preventing, real-time visualization, and ability to prioritize network-based detection and response. Microsoft Defender for Cloud is highly regarded for its automated processes, advanced threat analysis, and extensive security measures, including protection against ransomware and access controls. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships. Microsoft Defender for Cloud could use enhancements in automation and ease of use.
Service and Support: Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations. Some Defender for Cloud users reported positive experiences with Microsoft, while others complained that the solution's outsourced support lacked technical knowledge.
Ease of Deployment: The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals. The initial setup of Microsoft Defender for Cloud is described as straightforward, but the deployment time may vary depending on specific requirements.
Pricing: Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable. Microsoft Defender for Cloud is in the mid-to-high pricing tier. While some users find it expensive, others believe it offers good value.
ROI: Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention. Microsoft Defender for Cloud streamlines security tasks and saves users money by consolidating various solutions.
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"This is stable and scalable."
"Ability to get forensics details and also memory exfiltration."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"I get alerts when scripts are detected in the environment."
"Most importantly, it's an integrated solution. We not only have Defender for Cloud, but we also have Defender for Endpoint, Defender for Office 365, and Defender for Identity. It's an integrated, holistic solution."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"Threat protection is comprehensive and simple."
"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."
"The vulnerability reporting is helpful. When we initially deployed Defender, it reported many more threats than we currently see. It gave us insight into areas we had not previously considered, so we knew where we needed to act."
"We saw improvement from a regulatory compliance perspective due to having a single dashboard."
"The integration with Logic Apps allows for automated responses to incidents."
"The most valuable features of this solution are the remote workforce capabilities and the general experience of the remote workforce."
"For our day-to-day use cases, the correlation and attribution of different alerts are valuable. It is sort of an SIEM, but it is intelligent enough to run the queries and intentionally detect and prioritize attacks for you. At the end of the day, it is different data that you see. It correlates data for you and makes it meaningful. You can see that someone got an email and clicked a link. That link downloaded, for example, malware into the memory of the machine. From there, you can see that they started moving laterally to your environment. I quite like it because it gives visibility, so Workbench is what we use every day"
"For scalability, I would give a rating of ten out of ten."
"Scaling is not a problem at all."
"It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
"One of the features I like in Trend Micro XDR is that you can drill down on the root-cause analysis for anything you find on the solution. I also like that it works for detection purposes. Behavior analytics is also what I like most about Trend Micro XDR. I love that it has features such as behavior detection, program detection, and memory scanning. By default, the solution protects against spyware, apart from the normal virus scan. Smart Scan and DLP are also available in Trend Micro XDR which I like as well."
"It helps us with investigations."
"Trend Micro XDR is stable, scalable, and reasonably priced."
"The proactive approach is the best feature."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"FortiEDR can be improved by providing more detailed reporting."
"The solution is not user-friendly."
"The SIEM could be improved."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"ZTNA can improve latency."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The product must improve its UI."
"The solution could improve by being more intuitive and easier to use requiring less technical knowledge."
"If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."
"The initial setup is not actually so complex but it feels complex because there are many add-ons. There are many options and my team needs to be aware of all of these changes happening on the backend which is a distraction."
"Azure Security Center takes a long time to update, compared to the on-premises version of Microsoft Defender."
"When you work with it, the only problem that we're struggling with is that we have 21 different subscriptions we're trying to apply security to. It's impossible to keep everything organized."
"The solution is quite complex. A lot of the different policies that actually get applied don't pertain to every client. If you need to have something open for a client application to work, then you get dinged for having a port open or having an older version of TLS available."
"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."
"Trend Micro doesn't have the next-generation firewall."
"I would like to have more integration with mobile device management."
"They are planning on adding the Security Playbooks as a complete feature. In the preview mode, it is available; however, it is not released."
"Vision One's search could be improved. While the platform is very user-friendly, the search feature uses terms that aren't as intuitive."
"The information captured by Trend Vision One needs to be more detailed."
"Having more variables within the playbook would be useful. It would allow us to have more refined playbooks for the business. It would allow us to take stronger action through a playbook. It will give us confidence to target a particular area of business where our risk tolerance might be higher or lower. We would like to have more granular playbooks."
"We do use the automation capability a little. However, we noticed some limitations, especially on the playbook side."
"Results were delayed."
Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 43 reviews. Microsoft Defender for Cloud is rated 8.0, while Trend Vision One is rated 8.6. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, Microsoft Defender XDR, SentinelOne Singularity Complete and Wazuh. See our Microsoft Defender for Cloud vs. Trend Vision One report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.