Microsoft Defender XDR vs Microsoft Purview Audit comparison

"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."

"Microsoft 365 Defender is simple to upgrade."

"Microsoft Defender XDR is very comprehensive, covering a lot of the services, tools, and applications that we use, so it's very efficient, and it works out of the box."

"The feature I find most valuable is Defender for Endpoint."

"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."

"What I like most about the product is its all-in-one solution. With Microsoft Defender XDR, we get coverage for various aspects like endpoint security, cloud security, and image-related cases, all within a single platform. This eliminates the need for multiple products or technical controls to address incidents. The main benefit became evident immediately after deployment, especially in its ability to analyze files and phishing emails quickly. By submitting suspicious files or emails, we receive quick results on whether they are legitimate, suspicious, or malicious, saving time."

"The ability to integrate and observe a more cohesive narrative across the products is crucial."

"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."

"The platform has significantly enhanced our operational insight into the overall Microsoft 365 environment."

"The overall user experience with Microsoft Purview Audit is of higher quality than when it was branded as Compliance Center, and Microsoft consistently updates and evolves functionalities and the overall experience."

"We're easily saving at least one hour per day using this solution."

"Microsoft Defender XDR can be improved as a solution because it's still quite costly; it's part of E5, E5 security, so the cost is still quite high, especially considering SME and C customers, or SMB customers."

"There is no comprehensive visibility, making it less user-friendly."

"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."

"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."

"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."

"Defender XDR could provide recommendations for threat-hunting queries. Some people do not know how to write an advanced threat query, so we need to spend time training them."

"Intrusion detection and prevention would be great to have with 365 Defender."

"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."

"We are still in the early stages of leveraging Microsoft Purview Audit. Currently, it's primarily used for the audit function."

"We do have a Denial of Access happening."

"Areas for product improvement include enhancing customization options and integrating more comprehensive compliance features."

"The product is fairly priced for what we get from it."

"It is fairly priced because we get complete integrated services with the E5 license."

"On average, we pay around 55 euros per user for the services and features we receive."

"For Defender, they have Endpoint Plan 1 and Endpoint Plan 2, but I don't know on what basis they have classified Endpoint Plan 1 and Plan 2, but it has given me enough pain to pick and design Endpoint Plan 1 or Endpoint Plan 2 for my organization. In fact, we are still struggling with it. Too many SKUs are confusing. There should not be too many SKUs, and they shouldn't charge for every new feature."

"All I can say again is the E5 gives you all the capabilities that it offers. It also gives Office 365 and one terabyte of storage. All in all, the E5 license model makes sense. There are some people who say it's quite costly, but rather than paying different vendors, it makes sense to go all in with Microsoft if you've got that licensing. From that perspective, it's cost-effective, but I can't comment much on that."

"I believe that the pricing of the licensing is fair."

"The solution is affordable, and we haven't been hit with any hidden costs. The subscription model is straightforward, and it's easy to understand how much additional features cost. If we need to cancel a license or feature, we do that well in advance to avoid being charged for it, but overall, the pricing and licensing are simple and easy."

"The functionality is fantastic, but for medium and small-sized companies it's overpriced. It would be better if it were a little bit cheaper."