We performed a comparison between Bitdefender GravityZone XDR and Microsoft Defender for Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR)."The integration, visibility, vulnerability management, and device identification are valuable."
"The most valuable feature is the network security."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"Microsoft 365 Defender is a good solution and easy to use."
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"Scalability is pretty easy. It's easy to increase the capacity. You can just add on licenses to the existing license, and the duration of the license can be adjusted. For example, you've already bought a license for a year, and you want to add some more users. We can just add on licenses for the remaining period so that the entire organization can have the same expiry date. That makes renewal easier."
"The product has given us more insight into potential avenues for attack paths."
"It's quite a good product. It helps to understand the infections and issues you are facing."
"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."
"It helps you to identify the gaps in your solution and remediate them. It produces a compliance checklist against known standards such as ISO 27001, HIPAA, iTrust, etc."
"The solution's robust security posture is the most valuable feature."
"It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop."
"The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark."
"The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"The mobile app support for Android and iOS is difficult and needs improvement."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"Another area of improvement is CPU utilization. CPU utilization could be improved."
"Microsoft Defender could be more centralized. For example, I still need to go to another console to do policy management."
"The solution is quite complex. A lot of the different policies that actually get applied don't pertain to every client. If you need to have something open for a client application to work, then you get dinged for having a port open or having an older version of TLS available."
"Azure Security Center takes a long time to update, compared to the on-premises version of Microsoft Defender."
"If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."
"When you work with it, the only problem that we're struggling with is that we have 21 different subscriptions we're trying to apply security to. It's impossible to keep everything organized."
"As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains."
"Another thing that could be improved was that they could recommend processes on how to react to alerts, or recommend best practices based on how other organizations do things if they receive an alert about XYZ."
"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."
Bitdefender GravityZone XDR is ranked 19th in Extended Detection and Response (XDR) with 1 review while Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews. Bitdefender GravityZone XDR is rated 9.0, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Bitdefender GravityZone XDR writes "Easy to use in terms of management and console is very user-friendly". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Bitdefender GravityZone XDR is most compared with Wazuh and Trend Vision One, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Endpoint and Microsoft Sentinel.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
