We performed a comparison between Forescout Platform and Microsoft 365 Defender based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Forescout Platform stands out for its agentless visibility and advanced features like device fingerprinting. Forescout users say the product could be better at resolving connectivity and license issues. Users also want more compatibility with different devices and operating systems, along with better logging and troubleshooting capabilities. Microsoft 365 Defender offers effortless integration with other Microsoft solutions. Users praised its flexibility and comprehensive protection against multiple threat types. Microsoft 365 Defender could upgrade its machine learning and AI capabilities. Some users suggested adopting Zero Trust features.
Service and Support: Some users reported positive experiences with Forescout support, but others requested better responsiveness and training. Some of our reviewers were satisfied with Microsoft's support, but others complained about slow responses and lackluster problem-solving capabilities.
Ease of Deployment: Some users found Forescout’s setup to be simple and adaptable, while others perceived it as more complex and time-intensive. Setting up Microsoft 365 Defender is potentially complex and may involve integrating with existing policies. Some users reported longer deployment times.
Pricing: The total cost of Forescout Platform can be high depending on the level of customization and integration required. Some users say that Microsoft 365 Defender is good value, but others perceive it as more expensive than similar competing products.
ROI: Forescout Platform yields a solid ROI by improving network access control and overall security. Microsoft 365 Defender offers savings, attack prevention, consolidation of security measures, and proactive threat detection.
Comparison Results: Our users prefer Forescout Platform over Microsoft 365 Defender. Forescout offers exceptional agentless visibility, extensive device fingerprinting, and detailed configuration options. The platform also stands out for its excellent orchestration features, discovery capabilities, classification buckets, and flexible policies. Microsoft 365 Defender falls short in terms of visibility and customization compared to Forescout Platform.
"We think it's simple. We think it's very useful and we really like reports and everything."
"The user management has been very easy for the most part."
"Its feature that I have found most valuable is that it is very granular. You can configure granular controls just as you want those policies to be implemented. It gives you that flexibility to go granular in how you want your controls to be implemented. That's something I like about it."
"We really like that we get full visibility of devices in the local network."
"You can quickly filter your view of devices and zero in on the ones you want using a variety of tools, such as what subnet it is on or what it has been classified as."
"It allows for good detection of all the vendor products we have on-site."
"The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good."
"The product is very easy to work with and easy to deploy."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"Microsoft Defender XDR is scalable."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"The integration with other Microsoft solutions is the most valuable feature."
"The most valuable aspect is undoubtedly the exploration capability"
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"Forescout Platform's technical support is slow to respond and could be more knowledgeable."
"Multitenancy should be included in the next version so it could be used as a managed service provider."
"Can be expensive if it's only being used for one feature."
"Forescout Platform isn't flexible with connections to devices like printers and forces you to re-enter details like the MAC address after any breakdowns."
"The cost is too high."
"Two things can be improved in the Forescout Platform. First of all, the support for some certain proprietary protocols from other vendors, but they are very widely used. If the TechEx from Cisco, was added to Forescout, then it will be a full solution for me."
"It does not support the TACACS+ protocol."
"I should be able to integrate my Forescout with any other third party security technology, to build that connected security strategy."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"The solution does not offer a unified response and standard data."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
Forescout Platform is ranked 12th in Extended Detection and Response (XDR) with 69 reviews while Microsoft Defender XDR is ranked 5th in Extended Detection and Response (XDR) with 79 reviews. Forescout Platform is rated 8.4, while Microsoft Defender XDR is rated 8.4. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Armis, whereas Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Trend Vision One. See our Forescout Platform vs. Microsoft Defender XDR report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.