We performed a comparison between Cybereason XDR and Microsoft Defender XDR based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Cybereason XDR's most useful feature is the investigation."
"The solution has an investigation feature, which is useful for building storylines."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"The solution is well integrated with applications. It is easy to maintain and administer."
"Cybereason's customer support could be better."
"The one thing we sometimes have issues with is its integration with other security applications like antiviruses."
"The data recovery and backup could be improved."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"The tool gives inconsistent answers and crashes a lot."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The web filtering solution needs to be improved because currently, it is very simple."
Cybereason XDR is ranked 18th in Extended Detection and Response (XDR) with 2 reviews while Microsoft Defender XDR is ranked 6th in Extended Detection and Response (XDR) with 76 reviews. Cybereason XDR is rated 8.6, while Microsoft Defender XDR is rated 8.4. The top reviewer of Cybereason XDR writes "Provides effective incident response and investigation features". On the other hand, the top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". Cybereason XDR is most compared with Cortex XDR by Palo Alto Networks, Wazuh, Cynet, Mandiant Advantage and TEHTRIS XDR, whereas Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Trend Vision One. See our Cybereason XDR vs. Microsoft Defender XDR report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
