• Home
  • Forescout XDR vs. Microsoft Defender for Cloud

Forescout XDR vs Microsoft Defender for Cloud comparison

Cancel
You must select at least 2 products to compare!
Forescout Logo

Forescout XDR

Read 1 Forescout XDR review
64 views|35 comparisons
0% willing to recommend
Microsoft Logo

Microsoft Defender for Cloud

Read 46 Microsoft Defender for Cloud reviews
16,179 views|12,312 comparisons
95% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
SOC as a Service
March 2024
Executive Summary

We performed a comparison between Forescout XDR and Microsoft Defender for Cloud based on real PeerSpot user reviews.

Find out what your peers are saying about Arctic Wolf Networks, Palo Alto Networks, Netsurion and others in SOC as a Service.
To learn more, read our detailed SOC as a Service Report (Updated: March 2024).
Download the complete report
768,886 professionals have used our research since 2012.
Featured Review
Utpal Sinha
Provides efficient network access control, but its support services need improvement
Daniella Duran
Helped detect dangerous scenarios right away and reduced risk for our users
From a security perspective, it reduced the amount of risk for employees, contractors, and users who might try to go to dangerous sites, as we... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The product has valuable features for cloud IoT device enhancement, intelligent threat detection, etc."

More Forescout XDR Pros →

"The entire Defender Suite is tightly coupled, integrated, and collaborative.""The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts.""The integration with Logic Apps allows for automated responses to incidents.""The vulnerability reporting is helpful. When we initially deployed Defender, it reported many more threats than we currently see. It gave us insight into areas we had not previously considered, so we knew where we needed to act.""We saw improvement from a regulatory compliance perspective due to having a single dashboard.""The product has given us more insight into potential avenues for attack paths.""It has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem.""The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra."

More Microsoft Defender for Cloud Pros →

Cons
"The product is more expensive than other vendors in terms of features."

More Forescout XDR Cons →

"Azure's system could be more on point like AWS support. For example, if I have an issue with AWS, I create a support ticket, then I get a call or a message. With Azure support, you raise a ticket, and somebody calls back depending on their availability and the priority, which might not align with your business priority.""Pricing could be improved. There are limited options based on pricing for the government.""The solution's portal is very easy to use, but there's one key component that is missing when it comes to managing policies. For example, if I've onboarded my server and I need to specify antivirus policies, there's no option to do that on the portal. I will have to go to Intune to deploy them. That is one main aspect that is missing and it's worrisome.""They could always work to make the pricing a bit lower.""Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do.""Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark.""Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured.""From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it."

More Microsoft Defender for Cloud Cons →

Pricing and Cost Advice
  • "The product is more expensive than other vendors in terms of features."

    • More Forescout XDR Pricing and Cost Advice →

  • "I'm not privy to that information, but I know it's probably close to a million dollars a year."
  • "We are using the free version of the Azure Security Center."
  • "Azure Defender is a bit pricey. The price could be lower."
  • "This is a worldwide service and depending on the country, there will be different prices."
  • "Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per data-base server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."
  • "There is a helpful cost-reducing option that allows you to integrate production subscriptions with non-production subscriptions."
  • "Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."
  • "I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive."

    • More Microsoft Defender for Cloud Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which SOC as a Service solutions are best for your needs.
    See Recommendations
    768,886 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Forescout XDR?
    Top Answer:The product has valuable features for cloud IoT device enhancement, intelligent threat detection, etc.
    What is your experience regarding pricing and costs for Forescout XDR?
    Top Answer:The product is more expensive than other vendors in terms of features. In comparison, Qualys offers good support services, and Splunk offers additional on-premise resources.
    What needs improvement with Forescout XDR?
    Top Answer:The product's support services have limitations. We have to connect with their senior executives to get correct and immediate solutions. They should maintain the SLA properly. Additionally, the… more »
    How is Prisma Cloud vs Azure Security Center for security?
    Top Answer:Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across your ecosystem. It also has great remote workforce capabilities and supports a… more »
    What do you like most about Microsoft Defender for Cloud?
    Top Answer:The entire Defender Suite is tightly coupled, integrated, and collaborative.
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Microsoft Defende...
    Top Answer:Our clients complain about the cost of Microsoft Defender for Cloud. Microsoft needs to bring the cost down. What we're doing to their detriment is simply lowering the amount of log retention we're… more »
    Read all 31 answers   →
    Ranking
    9th
    out of 27 in SOC as a Service
    Views
    64
    Comparisons
    35
    Reviews
    1
    Average Words per Review
    271
    Rating
    6.0
    2nd
    out of 59 in Cloud Workload Protection Platforms (CWPP)
    Views
    16,179
    Comparisons
    12,312
    Reviews
    21
    Average Words per Review
    1,043
    Rating
    7.9
    Comparisons
    Also Known As
    Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
    Learn More
    Forescout
    Video Not Available
    Microsoft
    Interactive Demo
    Forescout
    Demo Not Available
    Microsoft
    Watch a demo
    Overview

    Forescout XDR is an eXtended detection and response solution that converts telemetry and logs into high fidelity, SOC-actionable probable threats.

    It automates the detection, investigation, hunt for and response to advanced threats across all connected assets – IT, OT/ICS, IoT and IoMT – from campus to cloud to data center to edge. Forescout XDR combines essential SOC technologies and functions into a unified, cloud-native platform, viewable and actionable from a single console.

    Forescout XDR Business Value

    • Reduces business risk: Reduce the risk and magnitude of a successful attack, business disruption or data breach by eliminating alert noise so you can quickly and accurately detect, investigate, and respond to the broadest range of advanced threats.
    • Optimize security operations: Streamline the analyst function and speed complex investigation and threat-hunting processes with enriched, normalized, and contextualized data correlated to produce a small number of detections that warrant investigation – all in a unified console that integrates with case management systems and other security tools.​
    • Support Compliance: Combine long-term log storage with automated threat detection and threat intelligence to close the potential gap between when a breach or disruption is noticed and when a response action is taken.​
    • Lower costs: Consolidate point solutions (data lake, security analytics, SOAR, UEBA, threat intel platform) and reduce costs related to data onboarding, rules management and analyst turnover with a solution that simplifies and supports their workflow.​
    • Leverage multi-vendor security investments: Derive more value from existing solutions and make better use of asset data and threat intel via automation across case management and incident response systems, sensors (network, endpoint, cloud) and enforcement points. ​


    Improve SOC efficiency by 450x with better detection and response of true threats

    Security operations center (SOC) teams face a daily barrage of incomplete and inaccurate alerts that lack vital contextual information, many of them false positives. As a result, analysts miss critical threats and take longer to investigate and respond to them, increasing the risk of a breach. In fact, the typical SOC receives an estimated 11,000 alerts per day, or 450 alerts per hour – most of them low fidelity, low confidence alerts, and false positives. 

    With Forescout XDR, that number is reduced to one SOC-actionable detection an hour – or one probable threat that warrants human investigation.

    Key Features

    • Data ingestion: Natively supports Forescout eyeSight, eyeInspect and Medical Device Security data – and over 170 vendor- and EDR-agnostic sources including: security, infrastructure, enrichment, applications and cloud/SaaS.
    • Data onboarding: Helps ensure that you extract maximum detection value to support your most important use cases. Forescout data engineers work alongside your team to plan and prioritize the data sources to be onboarded, then help configure the data pipeline and ensure your data is being properly parsed, cleansed, normalized, and enriched. ​
    • Advanced data pipeline: Applies a rigorous data science-centric approach to manage data flowing from enterprise-wide sources into its advanced threat detection engine.

    Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.

    The solution also provides automated remediation capabilities, allowing security teams to quickly and easily respond to security incidents. With Microsoft Defender for Cloud, organizations can ensure the security and compliance of their cloud workloads, while reducing the burden on their security teams.

    Sample Customers
    Information Not Available
    Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
    Top Industries
    VISITORS READING REVIEWS
    Computer Software Company18%
    Retailer18%
    Manufacturing Company11%
    Financial Services Firm9%
    REVIEWERS
    Computer Software Company24%
    Consumer Goods Company10%
    Recruiting/Hr Firm10%
    Agriculture10%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Manufacturing Company8%
    Government7%
    Company Size
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise14%
    Large Enterprise61%
    REVIEWERS
    Small Business27%
    Midsize Enterprise11%
    Large Enterprise62%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise14%
    Large Enterprise65%
    Buyer's Guide
    SOC as a Service
    March 2024
    Download Free Report
    Find out what your peers are saying about Arctic Wolf Networks, Palo Alto Networks, Netsurion and others in SOC as a Service. Updated: March 2024.
    DOWNLOAD NOW
    768,886 professionals have used our research since 2012.

    Forescout XDR is ranked 9th in SOC as a Service with 1 review while Microsoft Defender for Cloud is ranked 2nd in Cloud Workload Protection Platforms (CWPP) with 46 reviews. Forescout XDR is rated 6.0, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Forescout XDR writes "Provides efficient network access control, but its support services need improvement". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Forescout XDR is most compared with CrowdStrike Falcon and Arctic Wolf Managed Detection and Response, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint.

    We monitor all SOC as a Service reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.