IBM Security QRadar and Microsoft Defender XDR are complementary cybersecurity solutions that tackle security from different angles. QRadar is a Security Information and Event Management (SIEM) system that collects and analyzes diverse logs from various security tools and network devices. It is praised for its advanced threat detection capabilities, customizable dashboards, and seamless integration with other security tools. On the other hand, Defender XDR is an Extended Detection and Response (XDR) solution, praised for its robust security measures, incident response, and seamless integration with Microsoft products.
The summary above is based on 187 interviews we conducted recently with IBM Security QRadar and Microsoft 365 Defender users.
"The solution was relatively easy to deploy."
"The product detects and blocks threats and is more proactive than firewalls."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"NGAV and EDR features are outstanding."
"It is stable and scalable."
"The setup is pretty simple."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"I think the QDI is very good."
"It has improved my efficiency."
"The visibility it gives you into your infrastructure has been great."
"Flexible and valuable product that is modular, so you can easily set up a roadmap for your clients."
"It is suitable for large companies with critical infrastructure. For our clients, robustness, availability at a high level, and the level of references and experiences connected to the solution are important."
"It is a very good SIEM."
"The most valuable features would have to be the products' ability to customize vulnerability management settings."
"It's user-friendly when compared to other products."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"Microsoft 365 Defender is a stable solution."
"I have found the ability to delete unwanted threats beneficial."
"Email protection is the most valuable feature of Microsoft Defender XDR."
"All of the security components are valuable, including antiphishing, antispam, and stage three antivirus."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"Its most significant advantage lies in its affordability."
"We find the solution to be a bit expensive."
"The SIEM could be improved."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"It takes about two business days for initial support, which is too slow in urgent situations."
"ZTNA can improve latency."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions."
"The support needs improvement."
"I haven't seen the use of AI in the solution."
"In a future release, the solution could provide malware analysis."
"The solution is clunky."
"With IBM Security QRadar, my company faced issues with the support we received for the product."
"There should be an extension where we can get the reports. This could be an extension to the dashboard with the Guardian or another product with limited technology, for example IPS. Now, we only have IBM. Basically, it needs more and more integration models."
"I would like to see the update process simplified."
"IBM Security QRadar’s GUI could be improved."
"The solution should include remote action capabilities."
"The dashboard is pathetic and it takes a long time to perform a search."
"The management and automation of the cloud apps have room for improvement."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"The mobile app support for Android and iOS is difficult and needs improvement."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
IBM Security QRadar is ranked 20th in Endpoint Detection and Response (EDR) with 198 reviews while Microsoft Defender XDR is ranked 7th in Endpoint Detection and Response (EDR) with 79 reviews. IBM Security QRadar is rated 8.0, while Microsoft Defender XDR is rated 8.4. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Microsoft Entra ID.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.