We performed a comparison between Microsoft Defender XDR and Microsoft Purview Data Governance based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"The product integrates security into one tool instead of having third-party security tools."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"I use the tool in projects as a medium to provide information as reports to the stakeholders."
"I don't know if I've gotten much value out of Purview personally, but our security team loves it. Our biggest concern is leakage or theft of our data because we have a lot of PII and stuff that has not been released. We like the insights Purview provides and the way the solution can track and manage things. I'd say that was probably their favorite piece of it so far. From everything the security team has told me, the policy management and DLP features are working spectacularly."
"The ability to classify data quickly and effortlessly is arguably Microsoft Purview's most valuable feature."
"MIP also provides strong information rights management settings, such as the ability to specify who has access to content and at what time."
"The time to onboard is pretty short."
"It is critical that Purview delivers data protection across multi-cloud and multi-platform environments. That is the number one reason that people are adopting hybrid and best-of-the-breed approaches. Especially in banking, it is critical because people want to protect, govern, and secure their data. This is one of the first conversations that happens with security and the architecture group on the client side."
"Microsoft Purview is extremely stable."
"You can set up automated dates to alert on internal data."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"Advanced attacks could use an improvement."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"Enhancing the tool's capability to connect to multiple sources would be valuable."
"Purview's data loss prevention for macOS endpoints has some limitations, and the end-user experience of recovering from a failure is lacking."
"Purview's data connector platform for non-Microsoft data sources is good, but there is some functionality that hasn't been developed yet. There are some servers that it can't connect to yet, because they're still in a trial process."
"The product needs improvement to edit the number of assets. It needs to be more inuitive as well."
"As Microsoft Purview got a little more mature, the deployments got a little more complex, as we were kind of seeing that there are a lot of ways, like there were a hundred ways to do one thing or less."
"Support should be improved in the form of good documentation and video lessons where a person can check things out. There is a community, but it takes a lot of time if we want to get an answer to a question."
"While Purview's data connector platform can ingest information from non-Microsoft data sources, it is slow to do so and the information may become outdated."
"There is room for improvement when it comes to Purview's data connector platform in supporting ingestion from non-Microsoft data sources."
More Microsoft Purview Data Governance Pricing and Cost Advice →
Microsoft Defender XDR is ranked 1st in Microsoft Security Suite with 78 reviews while Microsoft Purview Data Governance is ranked 7th in Microsoft Security Suite with 48 reviews. Microsoft Defender XDR is rated 8.4, while Microsoft Purview Data Governance is rated 7.6. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of Microsoft Purview Data Governance writes "User friendly with good documentation but needs to cover more non-Microsoft use cases". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager and Wazuh, whereas Microsoft Purview Data Governance is most compared with Collibra Governance, Alation Data Catalog, Varonis Platform, Informatica Axon and Microsoft Intune. See our Microsoft Defender XDR vs. Microsoft Purview Data Governance report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.