We performed a comparison between Microsoft Defender XDR and Microsoft Entra ID Protection based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"The visibility into threats that 365 Defender provides is really good. You get a full review of your security system and what can be improved. In the Microsoft 365 Defender portal the first page gives you a really big summary of which security policies you are following and what can be improved."
"I have found the ability to delete unwanted threats beneficial."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"Email protection is the most valuable feature of Microsoft Defender XDR."
"I use conditional access most of the time."
"The primary and most valuable aspect of Azure AD identity is its ability to function seamlessly on both on-premise and cloud infrastructure, eliminating the need for extensive updates. However, this dual solution can pose vulnerabilities that require substantial support and security measures in the on-premise environment. Despite the challenges, it is currently not feasible to completely abandon AD, especially for companies in the sales and energy sectors. The integration with Microsoft Defender is crucial for enhancing security, making identity and security the primary focus and purpose of Azure AD."
"The reverse proxy feature provides additional security that is not available in other solutions."
"The solution helps us with authentication."
"The tool is simple and you can find a lot of tutorials, and videos on YouTube that can help you."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"The web filtering solution needs to be improved because currently, it is very simple."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"The solution is not optimized to work with Mac devices on a granular level. They work seamlessly with Windows but have a lot to improve to work with Mac devices. It also needs to improve stability and scalability."
"Identity labeling and sensitivity needs improvement."
"The solution's sync should be faster since it can take about 30 minutes to two hours to complete a simple sync. The tool needs to sync instantly. It also needs to improve scalability, support, and stability."
"Azure AD could improve by enhancing the availability of specialized courses for security, such as NETSCOUT security or other relevant certifications. It would be beneficial to have specific courses for security, to provide in-depth knowledge and skills related to Azure AD. While there are micro-learning resources available for various concepts, many people in the IT industry may not have the time to go through all the courses to properly configure and utilize Azure Active Directory. Simplifying the implementation process and making it easier for individuals to join a company with Azure AD could also be considered areas for improvement."
"Integrating some notifications, not necessarily all, but at least for important events or alerts, would be beneficial as it would function as a team solution or something similar."
More Microsoft Entra ID Protection Pricing and Cost Advice →
Microsoft Defender XDR is ranked 1st in Microsoft Security Suite with 79 reviews while Microsoft Entra ID Protection is ranked 13th in Microsoft Security Suite with 5 reviews. Microsoft Defender XDR is rated 8.4, while Microsoft Entra ID Protection is rated 8.4. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of Microsoft Entra ID Protection writes "Enables smooth user sign-on experience, seamlessly deployment, and scales well". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Trend Vision One, whereas Microsoft Entra ID Protection is most compared with Microsoft Defender for Identity, CrowdStrike Identity Protection, BloodHound Enterprise, Microsoft Entra Permissions Management and Microsoft Sentinel. See our Microsoft Defender XDR vs. Microsoft Entra ID Protection report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.