Microsoft Defender XDR vs Microsoft Entra ID comparison

Microsoft Defender XDR
Read 85 Microsoft Defender XDR reviews
  • 8,254 Views
  • 6,229 Comparison Views
97% willing to recommend
Microsoft Entra ID
Read 190 Microsoft Entra ID reviews
  • 4,426 Views
  • 3,082 Comparison Views
94% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Microsoft Defender XDR and Microsoft Entra ID based on real PeerSpot user reviews.

Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Microsoft Defender XDR vs. Microsoft Entra ID Report (Updated: May 2024).
Buyer's Guide
Microsoft Defender XDR vs. Microsoft Entra ID
May 2024
Download the complete report
Helped 787,779 peers since 2012
 

Categories and Ranking

Microsoft Defender XDR
Ranking in Microsoft Security Suite
1st
Average Rating
8.4
Number of Reviews
85
Ranking in other categories
Endpoint Detection and Response (EDR) (7th), Extended Detection and Response (XDR) (5th)
Microsoft Entra ID
Ranking in Microsoft Security Suite
4th
Average Rating
8.6
Number of Reviews
190
Ranking in other categories
Single Sign-On (SSO) (1st), Authentication Systems (1st), Identity Management (IM) (1st), Identity and Access Management as a Service (IDaaS) (IAMaaS) (1st), Access Management (1st)
 

Mindshare comparison

As of June 2024, in the Microsoft Security Suite category, the mindshare of Microsoft Defender XDR is 4.9%, down from 10.4% compared to the previous year. The mindshare of Microsoft Entra ID is 10.2%, up from 6.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Microsoft Security Suite
Unique Categories:
Endpoint Detection and Response (EDR)
8.4%
Extended Detection and Response (XDR)
23.3%
Single Sign-On (SSO)
31.2%
Authentication Systems
26.5%
 

Featured Reviews

Benjamin Van Der Westhuyzen - PeerSpot reviewer
Jul 28, 2023
Provides us with better insight into what's going on across our platform
In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things. The information it provides is great, but for a newcomer, it is quite tedious and takes a long time to load. Here in South Africa, when you click, oftentimes you have to wait quite some time before you get to the next page. It's not necessarily internet-related. I think it's just that the service is a bit slow. Also, while the solution does help to prioritize threats, unfortunately, it doesn't do so for the entire environment. The reason is that it only supports full integration from Windows 10 and up. It provides you certain information from your server environment, but when you start going with legacy services, it is a bit lacking. Another issue that is sometimes a headache is that they constantly make changes. Things will be merged, they will get different names, or be moved around. Things will be added and other things go somewhere else. They do a lot of development to make the product better, but it's very frustrating having to search for stuff after they've moved it, because you don't always know that they have moved things. They might have little banners, but if you're just working and don't read them, you don't know where things have gone. I would also really like to see better integration with the server platforms for managing your server environment. That's something it currently doesn't do. For all the server environments, you either need to make use of group policies or SCCM to manage that independently. It can provide you information on the system, but it doesn't have control over your server line. Also, I make use of 365 Defender on a business level and on a personal level. On the personal level, there is a lot less functionality. Something that would be very nice is that, for the level you are on, you would only see the product you are subscribed to. For instance, if you log on via the business, you have all your action areas, anything you can do and see, on the left. Because you're using it at a corporate level, you can see and do everything. On the personal level, or in a small business where you're only using some of the features, you still have all the same options, but when you click on them, it tells you that you need to upgrade or subscribe. They should only show you what you have access to, and not all the tabs and then say, "You need to subscribe to get access to this." It just clutters the whole area.
Read full review
AB
Nov 28, 2023
Offers a good set of features, which includes provisioning, deprovisioning, stability, and scalability
My organization is less familiar with some of the new tools in the market, so I don't know whether I can speak about what needs improvement in Microsoft Entra ID presently. I have to absorb whatever I have learned about Microsoft Entra ID. I don't know if I can say what additional features need to be introduced in the product, but I can say that the product looks promising based on what I have learned about Microsoft Entra ID. Attempts to simplify hooks to perform access management are not always easy, but in my organization, we might be able to make some progress in the future. Microsoft's technical support has shortcomings where improvements are required.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"The comprehensiveness of Microsoft's threat detection is good."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The integration, visibility, vulnerability management, and device identification are valuable."
More Microsoft Defender XDR pros
"Many of its features are valuable, including: facilitating application authentication, privileged access management, processes for attestation, and access reviews."
"The most valuable feature of the solution is its ability to delegate roles to each individual resource, which is great."
"We can centralize and manage everything much more effectively with this tool."
"Privilege identity management is the most valuable feature."
"It enhanced our end user experience quite a bit. Instead of the days of having to contact the service desk with challenges for choosing their password, users can go in and do it themselves locally, regardless of where they are in the world. This has certainly made it a better experience accessing their applications. Previously, a lot of times, they had to remember multiple usernames and passwords for different systems. This solution brings it all together, using a single sign-on experience."
"It's multi-tenant, residing in multiple locations. The authentication happens quickly. Irrespective of whether I'm in Australia, the US, India, or Africa, I don't see any latency. Those are the good features that I rely on."
"We can have an audit and we can easily audit logs."
"This solution serves as the basis to understand the MS SSO and MFA capabilities."
More Microsoft Entra ID pros
 

Cons

"The logs could be better."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
More Microsoft Defender XDR cons
"Azure Active Directory could be made easier to use. We have large amounts of data and storage. We are looking for video files and media content for applications, we will think about options, such as cloud storage or a CDN."
"ESAE management, especially the admin tools, could be improved. It should be built in by the vendor, and I shouldn't have to add patches or updates to connect to my domain directly. It should be added by default. The price could be better."
"The product needs to improve its support."
"The licensing and support are expensive and have room for improvement."
"The synchronization between my AD and Azure AD needs improvement."
"Azure AD needs to be more in sync. The synchronization can be time-consuming."
"Initially, we wanted to exclude specific users from MSA. So, we had a condition policy, which forces MSA for all the users. So we wanted to exclude users who are using an NPS extension. So it was not listed, as a NPS extension was not listed outside an application, in actual, so, we go back and were not able to exclude users using NPS extension from MSA. So that was one limitation that we found and we had to work around that."
"The technical support has room for improvement."
More Microsoft Entra ID cons
 

Pricing and Cost Advice

"I find the pricing to be quite competitive, especially considering its inclusion in our E5 subscription, which provides a comprehensive set of functionalities."
"All I can say again is the E5 gives you all the capabilities that it offers. It also gives Office 365 and one terabyte of storage. All in all, the E5 license model makes sense. There are some people who say it's quite costly, but rather than paying different vendors, it makes sense to go all in with Microsoft if you've got that licensing. From that perspective, it's cost-effective, but I can't comment much on that."
"Microsoft Defender XDR's licensing is complicated."
"For Defender, they have Endpoint Plan 1 and Endpoint Plan 2, but I don't know on what basis they have classified Endpoint Plan 1 and Plan 2, but it has given me enough pain to pick and design Endpoint Plan 1 or Endpoint Plan 2 for my organization. In fact, we are still struggling with it. Too many SKUs are confusing. There should not be too many SKUs, and they shouldn't charge for every new feature."
"365 Defender is billed per account. I don't know the exact price, but my supervisor told me that Microsoft Defender is cheaper than the alternatives. It's bundled, so you get all the features in one place."
"The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
"The license cost for a year is approximately forty-four thousand, and this annual saving is a significant factor in our decision to switch."
"We've managed to navigate it effectively through our enterprise agreement, and Microsoft's academic discounts have proven to be quite generous."
More Microsoft Defender XDR pricing and cost advice
"We are working with the Premium P2 licenses, which are reasonable. If you invest in the on-premises environment setup, then it costs so much. However, on-prem AD gives you the ability to manage your organization in a very organized manner, where you can create a group policy."
"There are add-on components and services, such as identity services, that we have to add to our Azure subscription. Only then can I actually say it's on par with the on-prem server edition. Why should I pay for a component? It should be included in my subscription."
"The licensing costs are yearly. There is a standard fee per user."
"Pricing could always be better. You pay the premium for Microsoft. Sometimes, it is worth it, and at other times, you wish to have more licensing options, especially for smaller companies."
"It is very expensive. Its price should be lower. Price is the most important factor for Turkish people."
"The licensing cost is a bit prohibitive."
"For you to make use of some of the security features, you need to upgrade your licenses. If it is possible, could they just make some features free? For instance, for the Condition Access policy, you need to set that up and be on Azure AD P2 licensing. So if they could make it free or reduce the licensing for small businesses, that would be cool, as I believe security is for everyone."
"It comes free with the Microsoft account. We have a yearly agreement, and all products are covered under it."
More Microsoft Entra ID pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.
See recommendations
787,779 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
10%
Government
8%
Manufacturing Company
8%
Educational Organization
27%
Computer Software Company
12%
Financial Services Firm
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.
See all answers
What is your experience regarding pricing and costs for Microsoft 365 Defender?
Microsoft Defender XDR is expensive, especially for the full suite functionality. However, when compared to buying multiple-point solutions separately, it may be comparable in price. Overall, it is...
See all answers
What needs improvement with Microsoft 365 Defender?
Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR. Additionally, enhancing the privilege access management capability would make it a better s...
See all answers
How does Duo Security compare with Microsoft Authenticator?
We switched to Duo Security for identity verification. We’d been using a competitor but got the chance to evaluate Duo for 30 days, and we could not be happier. Duo Security is easy to configure a...
See all answers
What do you like most about Azure Active Directory?
It is very simple. The Active Directory functions are very easy for us. Its integration with anything is very easy. We can easily do third-party multifactor authentication.
See all answers
What is your experience regarding pricing and costs for Azure Active Directory?
It is worth the money.
See all answers
 

Comparisons

CrowdStrike Falcon vs Microsoft Defender XDR Logo
CrowdStrike Falcon vs Microsoft Defender XDR
Compared 44% of the time
Microsoft Defender for Cloud vs Microsoft Defender XDR Logo
Microsoft Defender for Cloud vs Microsoft Defender XDR
Compared 15% of the time
Microsoft Purview Compliance Manager vs Microsoft Defender XDR Logo
Microsoft Purview Compliance Manager vs Microsoft Defender XDR
Compared 5% of the time
Wazuh vs Microsoft Defender XDR Logo
Wazuh vs Microsoft Defender XDR
Compared 5% of the time
Trellix Endpoint Security vs Microsoft Defender XDR Logo
Trellix Endpoint Security vs Microsoft Defender XDR
Compared 1% of the time
More Microsoft Defender XDR Competitors
Microsoft Intune vs Microsoft Entra ID Logo
Microsoft Intune vs Microsoft Entra ID
Compared 10% of the time
Google Cloud Identity vs Microsoft Entra ID Logo
Google Cloud Identity vs Microsoft Entra ID
Compared 6% of the time
CyberArk Privileged Access Manager vs Microsoft Entra ID Logo
CyberArk Privileged Access Manager vs Microsoft Entra ID
Compared 6% of the time
Okta Workforce Identity vs Microsoft Entra ID Logo
Okta Workforce Identity vs Microsoft Entra ID
Compared 6% of the time
Ping Identity Platform vs Microsoft Entra ID Logo
Ping Identity Platform vs Microsoft Entra ID
Compared 5% of the time
More Microsoft Entra ID Competitors
 

Product Reports

Buyer's Guide
Microsoft Defender XDR
June 2024
Microsoft Defender XDR reportDownload Microsoft Defender XDR product report
Buyer's Guide
Microsoft Entra ID
June 2024
Microsoft Entra ID reportDownload Microsoft Entra ID product report
 

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
Azure AD, Azure Active Directory, Azure Active Directory, Microsoft Authenticator
 

Learn More

Microsoft
Microsoft
 

Interactive Demo

Demo not available
Microsoft
Microsoft
 

Overview

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Microsoft Entra ID, previously known as Azure AD (Active Directory), is Microsoft's cloud-based identity and access management (IAM) solution. Designed to help organizations of all sizes manage user identities and create an intelligent security perimeter around their cloud and on-premise resources. Microsoft Entra ID or Azure AD is integral to the Microsoft 365 and Azure ecosystems. It provides a robust set of capabilities to manage users and groups and secure access to applications in a centralized, streamlined manner.

Microsoft Entra ID (Azure AD) is a login system, morphing into a sophisticated identity and access management (IAM) solution for the modern, hybrid workplace. Imagine a single vault for all your digital keys – that's the essence of Entra ID's identity management. It acts as a central repository for user identities, encompassing usernames, passwords, and even additional attributes like department or employee role.

These capabilities enabled simplified administration using a unified platform for adding, modifying, and deleting user accounts. Users no longer need to remember login credentials for a plethora of applications. Entra ID streamlines access by using the same identity across various cloud services and on-premises resources (if integrated). Centralized identity management allows for stricter enforcement of security policies and password complexity requirements across the organization.

Authentication sits at the heart of the solution, ensuring only authorized users gain access to sensitive resources. It employs a multi-pronged approach:

  • Password Authentication: The traditional method of username and password is still supported, but Entra ID encourages stronger authentication methods.
  • Multi-Factor Authentication (MFA): Adding an extra layer of security, MFA requires users to verify their identity beyond just a password – through a code sent to their phone, fingerprint recognition, or a security key.
  • Single Sign-On (SSO): This user-friendly feature eliminates the need to enter credentials repeatedly. Users sign in once to Entra ID and gain seamless access to all authorized applications, boosting productivity.
  • Conditional Access Policies: Providing granular control over how and when users can access resources. Based on conditions like user role, location, device state, and the application being accessed, Conditional Access policies help ensure that only the right people under the right conditions can access sensitive resources.
  • Seamless Integration: Seamless integration with thousands of SaaS applications, Microsoft 365, and on-premises applications via Application Proxy or third-party identity bridges.
  • Advanced Security Reports and Alerts: Sophisticated security monitoring, reporting tools, and automated alerts. These features enable to identify potential security issues, such as atypical behavior or attempted identity attacks, allowing for swift remediation actions.

For organizations with on-premises infrastructure, Microsoft Entra ID (Azure AD) offers hybrid identity options. This allows for a smooth integration between on-premises Active Directory and Entra ID, providing a consistent identity for users across both environments. It enables organizations to leverage their existing investments in on-premises infrastructure while taking advantage of cloud scalability and flexibility.

In conclusion, Microsoft Entra ID (Azure AD) is a comprehensive IAM solution that addresses the complex challenges of managing and securing identities in a cloud-centric world. Its blend of ease of use, security, and integration capabilities makes it an essential component of modern IT infrastructure, supporting both operational efficiency and strategic business objectives.

Additional links:

       

      Sample Customers

      Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
      Microsoft Entre ID is trusted by companies of all sizes and industries including Walmart, Zscaler, Uniper, Amtrak, monday.com, and more.
      Buyer's Guide
      Microsoft Defender XDR vs. Microsoft Entra ID
      May 2024
      Free Report: Microsoft Defender XDR vs. Microsoft Entra ID
      Find out what your peers are saying about Microsoft Defender XDR vs. Microsoft Entra ID and other solutions. Updated: May 2024.
      DOWNLOAD NOW
      787,779 professionals have used our research since 2012.
      See our Microsoft Defender XDR vs. Microsoft Entra ID report.
      See our list of best Microsoft Security Suite vendors.

      We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.