We performed a comparison between ExtraHop Reveal(x) 360 and Microsoft Defender XDR based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is scalable."
"It stands out for its intuitive and efficient user interface, robust detection capabilities with minimal false positives, and the ability to handle encrypted traffic, making it a valuable asset for network security and management."
"It is very easy to collect and handle data in ExtraHop Reveal(X) Cloud. Integration with Big Data is also easy. Many of our customers integrate it with Big Data platforms like Splunk or Elastic. It is also easy to handle and easy to understand."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"The most valuable feature is the network security."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"It has great stability."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"There needs to be more support."
"A drawback includes bucket storage limitations for payload data, necessitating timely extraction for thorough investigations."
"They can include integration with SAP. Currently, no vendor provides network performance monitoring in the SAP market. It is a very big market. We have around 400 customers for SAP in Korea. In the USA, there are more than 10,000 customers."
"Stability could be improved by avoiding frequent changes to the interface."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"The logs could be better."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"The licensing is a nightmare and has room for improvement."
ExtraHop Reveal(x) 360 is ranked 23rd in Extended Detection and Response (XDR) with 3 reviews while Microsoft Defender XDR is ranked 5th in Extended Detection and Response (XDR) with 78 reviews. ExtraHop Reveal(x) 360 is rated 8.6, while Microsoft Defender XDR is rated 8.4. The top reviewer of ExtraHop Reveal(x) 360 writes "A competitive choice for network detection and response with exceptional user interface, ease of implementation and minimal false positives". On the other hand, the top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". ExtraHop Reveal(x) 360 is most compared with ExtraHop Reveal(x), Forescout Platform and Corelight, whereas Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Trend Vision One. See our ExtraHop Reveal(x) 360 vs. Microsoft Defender XDR report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.