We performed a comparison between Bitdefender GravityZone XDR and Microsoft Defender for Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR)."Defender is easy to use. It has a nice console, and everything is all in one place."
"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"The solution is well integrated with applications. It is easy to maintain and administer."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"Scalability is pretty easy. It's easy to increase the capacity. You can just add on licenses to the existing license, and the duration of the license can be adjusted. For example, you've already bought a license for a year, and you want to add some more users. We can just add on licenses for the remaining period so that the entire organization can have the same expiry date. That makes renewal easier."
"The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra."
"We can create alerts that trigger if there is any malicious activity happening in the workflow and these alerts can be retrieved using the query language."
"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."
"Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful."
"The product has given us more insight into potential avenues for attack paths."
"The most valuable features are ransomware protection and access controls. The solution has helped us secure some folders on our systems from unauthorized modifications."
"It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop."
"Defender is a robust platform for dealing with many kinds of threats. We're protected from various threats, like viruses. Attacks can be easily minimized with this solution defending our infrastructure."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"Intrusion detection and prevention would be great to have with 365 Defender."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"The logs could be better."
"The tool gives inconsistent answers and crashes a lot."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"Another area of improvement is CPU utilization. CPU utilization could be improved."
"The documentation could be much clearer."
"There is no perfect product in the world and there are always features that can be added."
"I would suggest building a single product that addresses endpoint server protection, attack surface, and everything else in one solution. That is the main disadvantage with the product. If we are incorporating some features, we end up in a situation where this solution is for the server, and that one is for the client, or this is for identity, and that is for our application. They're not bundling it. Commercially, we can charge for different licenses, but on the implementation side, it's tough to help our end-customer understand which product they're getting."
"The solution could extend its capabilities to other cloud providers. Right now, if you want to monitor a virtual machine on another cloud, you can do that. However, this cannot be done with other cloud platform services. I hope once that is available then Defender for Cloud will be a unified solution for all cloud platform services."
"We would like to have better transparency as to how the security score is calculated because as it is now, it is difficult to understand."
"From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it."
"The documentation and implementation guides could be improved."
"After getting a recommendation, it takes time for the solution to refresh properly to show that the problem has been eliminated."
Bitdefender GravityZone XDR is ranked 19th in Extended Detection and Response (XDR) with 1 review while Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews. Bitdefender GravityZone XDR is rated 9.0, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Bitdefender GravityZone XDR writes "Easy to use in terms of management and console is very user-friendly". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Bitdefender GravityZone XDR is most compared with Wazuh and Trend Vision One, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Endpoint and Microsoft Sentinel.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.