We performed a comparison between FortiXDR and Microsoft Defender for Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about SentinelOne, CrowdStrike, Palo Alto Networks and others in Extended Detection and Response (XDR)."The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"The summarization of emails is a valuable feature."
"The threat intelligence is excellent."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"The most valuable feature of FortiXDR is it integrates well with other Fortinet solutions, such as Fortinet firewall, FortiMail, FortiSandbox, Forti Fabric, switches, and access points. Whatever the flow of the traffic comes in or goes out, the entire traffic can be managed and monitored properly."
"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."
"The integration with Logic Apps allows for automated responses to incidents."
"When you have commissioned Defender, you have these things visible already on your dashboard. This gives the efficiency to the people to do their actual work rather than bothering about the email, sorting out the email, or looking at it through an ITSM solution, whey they have to look at the description and use cases. Efficiency increases with this optimized, ready-made solution since you don't need to invest in something externally. You can start using the dashboard and auditing capability provided from day one. Thus, you have fewer costs with a more optimized, easier-to-use solution, providing operational efficiency for your team."
"The solution's robust security posture is the most valuable feature."
"The most valuable features of this solution are the remote workforce capabilities and the general experience of the remote workforce."
"It has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"It helps you to identify the gaps in your solution and remediate them. It produces a compliance checklist against known standards such as ISO 27001, HIPAA, iTrust, etc."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"Many of the solutions, such as CrowdStrike have an MDR solution where remediation can be provided by the vendor. For example, if there is any zero data threat found, a new threat that the customer is not able to recognize, fix, or understand what needs to be done this feature has to be added in FortiXDR so that the customer feels comfortable."
"I felt that there was disconnection in terms of understanding the UI. The communication for moving from the old UI to the new UI could be improved. It was a bit awkward."
"Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured."
"The remediation process could be improved."
"Another thing that could be improved was that they could recommend processes on how to react to alerts, or recommend best practices based on how other organizations do things if they receive an alert about XYZ."
"Azure Security Center takes a long time to update, compared to the on-premises version of Microsoft Defender."
"Azure is a complex solution. You have so many moving parts."
"There is no perfect product in the world and there are always features that can be added."
"The initial setup is not actually so complex but it feels complex because there are many add-ons. There are many options and my team needs to be aware of all of these changes happening on the backend which is a distraction."
FortiXDR is ranked 29th in Extended Detection and Response (XDR) with 1 review while Microsoft Defender for Cloud is ranked 2nd in CWPP (Cloud Workload Protection Platforms) with 46 reviews. FortiXDR is rated 0.0, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of FortiXDR writes "Effective traffic monitoring, integrates well, but stability could improve". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". FortiXDR is most compared with Cortex XDR by Palo Alto Networks, Trend Vision One, SentinelOne Singularity Complete, CrowdStrike Falcon and Cisco SecureX, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Sentinel, Wiz and Microsoft Defender for Endpoint.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.