We performed a comparison between Microsoft Defender for Cloud Apps and Microsoft Defender XDR based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of Microsoft Defender for Cloud Apps is to stop shadow IT."
"The most valuable feature of this solution is its monitoring."
"It is very easy to use, which is what we look for in these types of solutions."
"The feature that helps us in detecting the sensitive information being shared has been very useful. In addition, the feature that allows MCAS to apply policies with SharePoint, Teams, and OneDrive is being used predominantly."
"The ability to prevent users from using certain applications is one of the most valuable features. It doesn't require any configuration for implementation from the client perspective. It just works right away and gives you the information you need."
"The product helps us with privileged identity management to control who has access to what and for how long."
"It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notifications are pretty good."
"Threat detection is its key feature, and that's why we use this tool. It gives an alert if a PC is attacked or there is any kind of anomaly, such as there is a spike in sending emails or we see an unauthorized website being accessed. So, it keeps us on our toes. We get to know that there is something wrong, and we can isolate the user and find any issues with it. So, threat detection is very robust in this tool."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"The visibility into threats that 365 Defender provides is really good. You get a full review of your security system and what can be improved. In the Microsoft 365 Defender portal the first page gives you a really big summary of which security policies you are following and what can be improved."
"The comprehensiveness of Microsoft's threat detection is good."
"The integration between all the Defender products is the most valuable feature."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"Sometimes, we'll get false positive alarms. For example, when a SharePoint path has no file sharing, but there is an external user, it will trigger an alarm that the file has been shared with an external user... the alerting mechanism should be more precise when giving you an alert about what activity has been done with the file..."
"Generally, the pricing can always be improved along with the management system."
"The interface needs to be more user-friendly."
"It doesn't actually decrease the time to respond. This has been an issue with Microsoft recently. Sometimes, there is a delay when it comes to getting an alert policy email... Sometimes it takes two or three hours for that email to be sent."
"We would like to get more information from the endpoint. I don't get enough detailed information right now on why something failed. There is not enough visibility."
"In the future, I would like to see more plug-and-play capabilities that use AI to tell you what needs to be done. It would be helpful if it scanned our devices and made security suggestions, on a configuration basis."
"Sometimes the support is actually lacking."
"I would like more customization of notifications. Currently, you either get everything or you get limited information. I would like to have something in between where we can customize the data that is included in notifications."
"Intrusion detection and prevention would be great to have with 365 Defender."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"The management and automation of the cloud apps have room for improvement."
"The web filtering solution needs to be improved because currently, it is very simple."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Microsoft Defender for Cloud Apps is ranked 10th in Microsoft Security Suite with 30 reviews while Microsoft Defender XDR is ranked 1st in Microsoft Security Suite with 79 reviews. Microsoft Defender for Cloud Apps is rated 8.4, while Microsoft Defender XDR is rated 8.4. The top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". On the other hand, the top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR, whereas Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Trend Vision One. See our Microsoft Defender XDR vs. Microsoft Defender for Cloud Apps report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.