We performed a comparison between Trend Micro XDR and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trend Micro XDR is commended for its holistic approach to preventing, real-time visualization, and ability to prioritize network-based detection and response. Microsoft Defender for Cloud is highly regarded for its automated processes, advanced threat analysis, and extensive security measures, including protection against ransomware and access controls. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships. Microsoft Defender for Cloud could use enhancements in automation and ease of use.
Service and Support: Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations. Some Defender for Cloud users reported positive experiences with Microsoft, while others complained that the solution's outsourced support lacked technical knowledge.
Ease of Deployment: The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals. The initial setup of Microsoft Defender for Cloud is described as straightforward, but the deployment time may vary depending on specific requirements.
Pricing: Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable. Microsoft Defender for Cloud is in the mid-to-high pricing tier. While some users find it expensive, others believe it offers good value.
ROI: Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention. Microsoft Defender for Cloud streamlines security tasks and saves users money by consolidating various solutions.
"The most valuable feature is the analysis, because of the beta structure."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Defender for Cloud is a plug-and-play solution that provides continuous posture management once enabled."
"Threat protection is comprehensive and simple."
"Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful."
"Technical support is helpful."
"This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot."
"The most valuable feature is that it's intuitive. It's very intuitive."
"The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts."
"The integration with Logic Apps allows for automated responses to incidents."
"It has good vulnerability protection."
"I like the workbench. It is a view of all the alerts or problems in your estate. The visibility that it provides to engineers is very useful. It is one thing having lots of alerts. It is another thing to have something to correlate all your alerts into a workbench for you so that you can see what is going on."
"It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
"Trend Micro XDR is a comprehensive solution that is not overly complex to use or manage."
"For our day-to-day use cases, the correlation and attribution of different alerts are valuable. It is sort of an SIEM, but it is intelligent enough to run the queries and intentionally detect and prioritize attacks for you. At the end of the day, it is different data that you see. It correlates data for you and makes it meaningful. You can see that someone got an email and clicked a link. That link downloaded, for example, malware into the memory of the machine. From there, you can see that they started moving laterally to your environment. I quite like it because it gives visibility, so Workbench is what we use every day"
"One of the features I like in Trend Micro XDR is that you can drill down on the root-cause analysis for anything you find on the solution. I also like that it works for detection purposes. Behavior analytics is also what I like most about Trend Micro XDR. I love that it has features such as behavior detection, program detection, and memory scanning. By default, the solution protects against spyware, apart from the normal virus scan. Smart Scan and DLP are also available in Trend Micro XDR which I like as well."
"We had previously deployed on-premises, and all we had to do was access the designated console and click a button to migrate all on-premises agents to cloud agents."
"It is a stable product. It works very well."
"The solution is not stable."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We'd like to see more one-to-one product presentations for the distribution channels."
"ZTNA can improve latency."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The solution is quite complex. A lot of the different policies that actually get applied don't pertain to every client. If you need to have something open for a client application to work, then you get dinged for having a port open or having an older version of TLS available."
"Consistency is the area where the most improvement is needed. For example, there are some areas where the UI is not uniform across the board."
"Pricing could be improved. There are limited options based on pricing for the government."
"Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations."
"As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains."
"From a compliance standpoint, they can include some more metrics and some specific compliances such as GDPR."
"Sometimes it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or a special kind of product."
"They could always work to make the pricing a bit lower."
"The deployment process could be more streamlined over the existing infrastructure, as it was not as easy as we thought."
"The price could be lower."
"The agent system is very slow, it needs to improve its performance."
"Also, XDR should improve its coverage of the latest IOCs. Their suspicious object management works, but the coverage should be improved. It will take one or two months to get those things covered. XDR will detect on a behavioral basis, but these databases will not get updated daily like some other solutions. If you're dealing with new ransomware or malware, it may take around a month before it's covered by Trend Micro."
"Reporting could be a little bit better. They are working on it, and it is getting better."
"It would be ideal if they could improve the control of connectivity between sensors."
"The solution could always be made to be more secure."
"Having more variables within the playbook would be useful. It would allow us to have more refined playbooks for the business. It would allow us to take stronger action through a playbook. It will give us confidence to target a particular area of business where our risk tolerance might be higher or lower. We would like to have more granular playbooks."
Microsoft Defender for Cloud is ranked 2nd in Cloud Workload Protection Platforms (CWPP) with 46 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 42 reviews. Microsoft Defender for Cloud is rated 8.0, while Trend Vision One is rated 8.6. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Trend Vision One is most compared with CrowdStrike Falcon, Microsoft Defender XDR, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Cortex XDR by Palo Alto Networks. See our Microsoft Defender for Cloud vs. Trend Vision One report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
