We performed a comparison between Microsoft Defender for Office 365 and Microsoft Defender XDR based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft Defender for Office 365 is a stable solution."
"Defender is a SaaS platform, so it offers more flexibility. Managing the permissions is easier. The solution's automated detection and response features are scalable."
"The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance."
"The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not."
"Defender helps us prioritize threats across our organization."
"The product's scalability is good."
"Defender for 365 is a comprehensive cloud-based solution. The value of the cloud is that you aren't alone. Threat intelligence and analytics are shared in the cloud. We don't have to find the solution alone. If you face an unknown threat with traditional solutions like Trend Micro and Symantec, you need to open a case and send your information to them to analyze forensically and identify the source of the attack."
"Microsoft Defender for Office 365 helps people to work remotely. It is a secure solution. We don't need to use our company's computers or get VPN connections to the networks. I can control how they share screens and what they send to the devices. It keeps our organizations confidential and sensitive information safe."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"Microsoft 365 Defender is simple to upgrade."
"Microsoft Defender for Office 365 could improve by giving customers information on techniques to prevent threats. For example, information about best practices on how to protect their own devices against hackers and scammers, such as educational information or training. This would help others have a better understanding of cyber security. Additionally, there can be more security features added."
"There is room for improvement with the UI."
"In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
"Configuration requires going to a lot of places rather than just accessing one tab."
"They have moved features from one console to another. Things have been moved around in the interface and it takes me time to find where certain features are."
"The custom alerts have to improve a lot."
"In one of the reports I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help."
"We noticed that from time to time, Microsoft's stability does have problems. Sometimes the service goes up and down. Sometimes they change without prior notice."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Microsoft Defender for Office 365 is ranked 9th in Microsoft Security Suite with 41 reviews while Microsoft Defender XDR is ranked 1st in Microsoft Security Suite with 78 reviews. Microsoft Defender for Office 365 is rated 8.4, while Microsoft Defender XDR is rated 8.4. The top reviewer of Microsoft Defender for Office 365 writes "Allows for easy reporting of problems, valuable anti-phishing, and anti-malware support". On the other hand, the top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". Microsoft Defender for Office 365 is most compared with Proofpoint Email Protection, Mimecast Email Security, Microsoft Exchange Online Protection (EOP), Cisco Secure Email and Barracuda Email Security Gateway, whereas Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Trend Vision One. See our Microsoft Defender XDR vs. Microsoft Defender for Office 365 report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
