• Home
  • Forescout Platform vs. Mandiant Advantage

Forescout Platform vs Mandiant Advantage comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Defender XDR
Read 79 Microsoft Defender XDR reviews
6,000 views|4,488 comparisons
97% willing to recommend
Forescout Logo
Forescout Platform
Read 69 Forescout Platform reviews
462 views|249 comparisons
87% willing to recommend
Mandiant Logo
Mandiant Advantage
Read 3 Mandiant Advantage reviews
971 views|624 comparisons
100% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Forescout Platform vs. Mandiant Advantage
March 2024
Executive Summary

We performed a comparison between Forescout Platform and Mandiant Advantage based on real PeerSpot user reviews.

Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Forescout Platform vs. Mandiant Advantage Report (Updated: March 2024).
Download the complete report
769,599 professionals have used our research since 2012.
Featured Review
Sear Mahmood
It lets us prioritize threats and automate responses, but the threat intelligence could be better
Defender XDR enables us to prioritize threats according to the algorithm or our custom rules. We can prioritize threats and have the option to... Read more →
Anonymous User
Very flexible with a great discovery mode feature
As a result of using Forescout, we had a better overview of all the devices, known and unknown, that were connected to our network; it was a real... Read more →
Joshua Garnett
It gives us peace of mind that issues can be addressed when our core IT team isn't working
Mandiant gives us peace of mind that their SOC will resolve issues when our core IT team is not online.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there.""In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments.""The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update.""Defender is easy to use. It has a nice console, and everything is all in one place.""The threat intelligence is excellent.""The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team.""The solution is well integrated with applications. It is easy to maintain and administer.""The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."

More Microsoft Defender XDR Pros →

"I can integrate Forescout with products from multiple vendors in my environment, and also, the integration is searchable. It can be used with 802.1X and non-802.1X to integrate with my existing network. I don't need to upgrade any existing networks in my system, and I don't need to replace existing devices to integrate with Forescout. I find value in not having to spend money upgrading existing devices and networks.""The interface is easy to use.""The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good.""Forescout Platform has granular features and one of the most impressive features is the agentless feature.""The initial setup is quite simple. It's not too complex or difficult to set up.""The solution's implementation and operation are very easy.""You can quickly filter your view of devices and zero in on the ones you want using a variety of tools, such as what subnet it is on or what it has been classified as.""The actions that the agentless visibility, allow us to perform on the endpoint, are really amazing, especially in the way that it is done."

More Forescout Platform Pros →

"It is so valuable to have someone performing these functions outside of our business hours when we don't have staff in the building. We've seen a lot of solid metrics on the amount of malware that it's detecting and resolving. We're pleased with it so far.""The advantage of the solution is being able to go look up threat actors and get a lot of detailed information about different attacks and different tactics and general information about threats.""The feature I have found most valuable is directory monitoring. We experienced an instance of threat actors trying to ensure a complex and massive attack against our customer's infrastructure on the forum. That is, they were animating people on a formum. The solution alerted us to this two days ahead of the attack, which gave us plenty of time to prepare for it."

More Mandiant Advantage Pros →

Cons
"The web filtering solution needs to be improved because currently, it is very simple.""The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports.""The logs could be better.""The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization.""When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc.""The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process.""In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things.""The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."

More Microsoft Defender XDR Cons →

"Search - needs boolean functionality (or pseudo operand now working).""They should improve features related to IT security. ForeScout should analyze behavior to see if the behavior is malicious behavior and block this device. They should develop the ability to analyze the behavior of the device in my environment.""Definitely, having more third-party integration would be an improvement.""The initial setup was complex.""Forescout needs to upgrade its development in the future.""The fact that Forescout Platform doesn't have a presence in the South African region is a weakness because of which you can't ask for help from them if you have any problems.""Custom integrations need to be better.""Forescout Platform could improve the integration or compatibility with other solutions, such as Chinese-made solutions. They do not have any integration with S33 which is a switch. They do not have good integration with new solutions in the market. They do integrate well with Rocket, Cisco, Juniper, and quite a few more but they could expand the integration."

More Forescout Platform Cons →

"Mandiant's on-prem client is too processor-intensive, so it's putting a strain on the local device's CPU. When a scan is running on the device, the other processing tasks slow to a crawl. We're still trying to figure out the correct settings for the client.""I think that the data query that is used for data cloud language should be improved. It's really hard to query actual data from the platform.""They could have better support. Now that they've merged, they are moving towards a portal system, which isn't very helpful."

More Mandiant Advantage Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

  • "Devices with multiple IP's count multiple times against your license count."
  • "The fact that we were allowed to spin up as many servers as we had need of to support our geographic requirements while paying for licensing as an enterprise truly set Forescout apart from the crowd and improved the way we could design our access."
  • "We went with the virtual appliance option. The biggest cost to running these types of appliances would be to either have multiple virtual appliances at every data center or running Remote SPAN hardware to provide you the real-time network visibility."
  • "The ROI is priceless."
  • "It might not be the cheapest solution, but you get what you pay for."
  • "Time savings in finding rogue devices as well as identifying potentially unwanted devices on the network has saved the organization time and money."
  • "The setup cost, pricing, and licensing are on the high side."
  • "Forescout Platform is too expensive, so the price should be reduced."

    • More Forescout Platform Pricing and Cost Advice →

    Information Not Available
    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    See Recommendations
    769,599 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft 365 Defender?
    Top Answer:The integration, visibility, vulnerability management, and device identification are valuable.
    Read all 39 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:There is the cost of the license, and there is the cost of implementation services. Only by enabling a license for your… more »
    Read all 30 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:The web filtering solution needs to be improved because currently, it is very simple. It is very important. Integrations… more »
    Read all 38 answers   →
    What advice do you have for others considering Forescout Platform?
    Top Answer:Forescout is a very powerful NAC product that does not rely on port level configuration. It can detect and block… more »
    Read all 41 answers   →
    What advice do you have for others considering Forescout Platform?
    Top Answer:I would rate the Forescout Device and Visibility Control Platform at a six out of ten.
    Read all 41 answers   →
    What advice do you have for others considering Forescout Platform?
    Top Answer:I recommend doing a compression demo. If people use it, they will buy it. So they have to see the product in place… more »
    Read all 41 answers   →
    What do you like most about Mandiant Advantage?
    Top Answer:The feature I have found most valuable is directory monitoring. We experienced an instance of threat actors trying to… more »
    Read all 2 answers   →
    What needs improvement with Mandiant Advantage?
    Top Answer:I think that the data query that is used for data cloud language should be improved. It's really hard to query actual… more »
    Read all 2 answers   →
    What is your primary use case for Mandiant Advantage?
    Top Answer:Our primary use case was monitoring the threat actors that our clients were concerned about. We also used Mandiant… more »
    Read all 2 answers   →
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    Forescout Platform, CounterACT for Endpoint Compliance, ForeScout CounterACT
    Mandiant Threat Intelligence
    Learn More
    Microsoft
    Forescout
    Mandiant
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Forescout Platform provides today’s busy enterprise organizations with policy and protocol management, workflow coordination, streamlining, and complete device and infrastructure visibility to improve overall network security. The solution also provides concise real-time intelligence of all devices and users on the network. Policy and protocols are delineated using gathered intelligence to facilitate the appropriate levels of remediation, compliance, network access, and all service operations. Forescout Platform is very flexible, integrates well with most of today’s leading network security products, and is a very cost-effective solution.

    Forescout Platform Features

    • Real-time complete visibility: With Forescout eyeSight, each and every device is classified when any attempt to access your network has been made. This includes - but is not limited to - desktops, laptops, android devices, virtual machines, switches, VoIP phones, USB memory sticks, webcams, IoT devices, and more.

    • Policy-based and manual controls: In today’s busy robust environment, networks are continually changing; there are different types and amounts of devices connected, various software applications, network compliance requirements, and the constant potential for risk make managing an IT network a very daunting challenge. The Forescout Console is used to simplify the administration and management of important alerts, remediation, and access controls to keep the network secure.

    • Intuitive real-time dashboards: Forescout Dashboards, a component of Forescout WebClient, is a comprehensive web-based intelligence center that gives full visibility and real-time insight of the complete network using both out-of-the-box and user-created widgets. The dashboards are very intuitive and deliver robust, easy-to-understand information about device visibility, compliance, health monitoring, and more.

    • Advanced reporting capabilities: The Forescout Reports Plugin will generate numerous valuable reports indicating real-time and overall status information about endpoint compliance, device details, networks guests, protocols, and more. The reports help to ensure IT administrators, executives, security teams, and other important shareholders stay well-informed about all network activity at all times.

    • Comprehensive third-party overview: Forescout eyeExtend facilitates seamless information sharing with third-party vendors, networks, and IT management solutions supporting improved automated workflows, productivity, cost-effectiveness, and overall security.

    Real User Reviews

    An important main feature of Forescout is the visibility the solution offers.

    One reviewer who is a Consultant at a tech services company, says, "Within three or four days, you can have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly."

    Users also appreciate that the user interface is clear and easy to understand.

    An Instructor at a tech services company, shares, "The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good."

    Mandiant Advantage is a multi-vendor XDR platform that provides security teams of all sizes with frontline intelligence. Mandiant Advantage aims to speed up operational as well as strategic security and risk decision making. Mandiant Advantage provides security teams with an early knowledge advantage through the Mandiant Intel Grid, which provides platform modules with current and relevant threat data and analysis capabilities. Organizations are better protected from cyber attacks and more confident in their readiness when they have access to continuous security validation, detection, and response.

    Mandiant Advantage Features

    Mandiant Advantage has many valuable key features. Some of the most useful ones include:

    • Threat intelligence: Front-line intelligence that enables a defender to be aware of the strategies and tactics that opponents are employing at this moment. Organizations will be able to contextualize, prioritize, and implement the most pertinent new intelligence by fusing ASM and threat intelligence.
    • Security validation: This allows security teams to optimize, rationalize, and prioritize their security activities from a budget and manpower viewpoint. It measures the effectiveness of security controls applied within an organization. Controls can be evaluated against the most recent TTPs actively used by threat actors by incorporating information into the security validation procedure. Organizations can determine whether their security policies are successfully thwarting or detecting attacks against their external attack surface by integrating ASM and security validation.
    • Automated Defense: In order to fuel SOC event/alert correlation and triage, Automated Defense combines knowledge and intelligence with machine learning. This is similar to integrating a machine-based Mandiant analyst into your security program. By merging ASM and Automated Defense, more context is given to Automated Defense, enhancing the relevance and usefulness of alarms.
    • Attack surface management: ASM offers a continuous, scalable method for locating hundreds of different asset and exposure types within on-premises, cloud, and SaaS application environments. In addition to assets being found, technologies in use are also identified, and vulnerabilities are confirmed rather than just speculated. Cyber defenders are able to effectively and efficiently limit their external exposures by integrating the full Mandiant Advantage suite into ASM, which prioritizes and validates the information regarding the attack surface.

    Mandiant Advantage Benefits

    There are many benefits to implementing Mandiant Advantage. Some of the biggest advantages the solution offers include:

    • Boost your current security investments: No matter what security policies you have implemented, you may improve your security capabilities by automating Mandiant's expertise as a virtual extension of your team.
    • Improve your visibility and priority: View the threats Mandiant is continuously monitoring across your attack surface and internal controls in order to prioritize and drive focus.
    • Flexible deployment: Depending on your needs, Mandiant Advantage can be supplied as technology, along with support, or as a fully managed contract.
    • Scale efficiently: Without the need for time-consuming and expensive human labor, a SaaS-based strategy deploys in hours, scales with your environment, and provides constant expert analysis.
    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    NHS Sussex, SAP, SEGA, Vistaprint, Miami Children's Hospital, Pioneer Investments, New York Law School, OmnicomGroup, Meritrust
    Stater Bros. Markets, Rush Copley, Blackboat, CapWealth
    Top Industries
    REVIEWERS
    Manufacturing Company19%
    Computer Software Company14%
    Government11%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    REVIEWERS
    Financial Services Firm17%
    Government12%
    Manufacturing Company10%
    Computer Software Company10%
    VISITORS READING REVIEWS
    Educational Organization29%
    Computer Software Company11%
    Government8%
    Financial Services Firm7%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company13%
    Government9%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise23%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    REVIEWERS
    Small Business37%
    Midsize Enterprise12%
    Large Enterprise51%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise36%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise16%
    Large Enterprise67%
    Buyer's Guide
    Forescout Platform vs. Mandiant Advantage
    March 2024
    Free Report: Forescout Platform vs. Mandiant Advantage
    Find out what your peers are saying about Forescout Platform vs. Mandiant Advantage and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    769,599 professionals have used our research since 2012.

    Forescout Platform is ranked 12th in Extended Detection and Response (XDR) with 69 reviews while Mandiant Advantage is ranked 21st in Extended Detection and Response (XDR) with 3 reviews. Forescout Platform is rated 8.4, while Mandiant Advantage is rated 8.6. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Mandiant Advantage writes "It gives us peace of mind that issues can be addressed when our core IT team isn't working". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Armis, whereas Mandiant Advantage is most compared with Cortex Xpanse, CrowdStrike Falcon, Microsoft Defender External Attack Surface Management, Cymulate and Cortex XDR by Palo Alto Networks. See our Forescout Platform vs. Mandiant Advantage report.

    See our list of best Extended Detection and Response (XDR) vendors.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.