Microsoft Defender XDR vs Qualys Multi-Vector EDR comparison

Microsoft and Qualys are both solutions in the Endpoint Detection and Response (EDR) category. Microsoft is ranked #5 with an average rating of 8.4, while Qualys is ranked #71. Additionally, 97% of Microsoft users are willing to recommend the solution, compared to 100% of Qualys users who would recommend it.

Microsoft Defender XDR

Read 89 Microsoft Defender XDR reviews

5,852 Views
4,413 Comparison Views

97% willing to recommend

Qualys Multi-Vector EDR

Read 1 Qualys Multi-Vector EDR review

162 Views
107 Comparison Views

100% willing to recommend

Microsoft Defender XDR

Qualys Multi-Vector EDR

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Microsoft Defender XDR and Qualys Multi-Vector EDR based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, Microsoft, SentinelOne and others in Endpoint Detection and Response (EDR).

To learn more, read our detailed Endpoint Detection and Response (EDR) Report (Updated: September 2024).

Buyer's Guide

Endpoint Detection and Response (EDR)

September 2024

Download the complete report

Helped 813,418 peers since 2012

Categories and Ranking

Microsoft Defender XDR

Ranking in Endpoint Detection and Response (EDR)

5th

Average Rating

8.4

Number of Reviews

Ranking in other categories

Extended Detection and Response (XDR) (5th), Microsoft Security Suite (2nd)

Qualys Multi-Vector EDR

Ranking in Endpoint Detection and Response (EDR)

71st

Average Rating

8.0

Number of Reviews

Ranking in other categories

Network Detection and Response (NDR) (25th)

Featured Reviews

Desray Liu

Project Manager at Freedom Systems Inc.

Nov 28, 2023

A time-saving and easy-to-integrate product that needs to offer a control center to users

As a part of Microsoft's attempt to reduce costs, there has been a direct cut down of the local technical support team. Sometimes, you have to use the technical support offered by Microsoft from other countries, but at times, we speak different languages, just like how people speak in Chinese or Mandarin, but there are still some differences between them. The front-line support from Microsoft has only limited technical abilities or access to their internal system. Sometimes, my company cannot even escalate an issue to Microsoft's senior team members. The support team of Microsoft is nice as they attempt to solve the problems together with you, but I believe that due to some cost-related issues, they don't have enough permissions. Sometimes, users might feel blocked when trying to connect with the support team. I rate the technical support a seven out of ten.

Read full review

reviewer1668453

Director, Security Innovation at a insurance company with 10,001+ employees

Nov 24, 2021

Provides contextual alerts and risk ratings on findings

It's kind of difficult to quantify areas for improvement. In the larger picture, one challenge is that the NDR space is very crowded today. I can mention half a dozen names just off the top of my head. There are at least 12 to 20 different players. All of them are well-known brand names, and it's difficult to compare them. They all claim to be giving you the same network difference capability: catching malware, dealing with all the minor taxonomy of attack, all that. Still, it's very difficult to compare them side by side because they all do things a little differently, and they all have different presentations and output. We haven't deployed it, so I can't give you what we felt about it exactly. But in the larger perspective, the critical feature is really giving a clear separation between a low, high, and medium criticality. You need a rating that is really true to the actual attack. There's one other capability we are evaluating them for, and it's for custom alerts detection. A lot of these products are trying to profile the threats that are already out there in the industry. They're very well known and published. Today, there are targeted acts being played against organizations, so you have to be sensitive to how your firewalls, protocols, and your HTTP are all operating. You might have some fine-tuned threats that are targeting you, and you should be able to build custom defenses. They should have some openness in terms of how you specify your threats. You get a standard library of threats. On top of it, every organization builds its own.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable aspect is undoubtedly the exploration capability"

"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."

"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."

"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."

"Microsoft 365 Defender is simple to upgrade."

"Advanced hunting is good. I like that. We can drill down to lots of details."

"The most valuable features are spam filtering, attachment filtering, and antivirus protection."

"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."

More Microsoft Defender XDR pros

"They can provide you very contextual alerts on if something bad is happening—coming into your network or going out of your network. As part of that, they gather a lot of threat intelligence and map your connections against that. The larger benefit is that they give you a risk rating on their findings."

Cons

"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."

"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."

"Defender's AI for identifying suspicious activity could be improved. Also, I do a lot of home updates. Maybe there is a way to set it up faster. For example, let's say that I want to automatically update seven computers, servers, etc. I wouldn't do it to a user, but maybe the server. I don't mind if the server restarts automatically."

"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."

"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."

"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."

"The solution does not offer a unified response and standard data."

"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."

More Microsoft Defender XDR cons

"My challenge is actually comparing offerings from different vendors across a threat spectrum that is very large. We are talking about millions of threats. How are you confident that Blue Hexagon is catching all one million of them and Palo Alto is doing the same thing? They all have their strengths. Within that, Blue Hexagon might cover 990,000 of them. Palo Alto might cover another 990,000. It's a bit difficult to compare them and say, "Oh, are they catching the same 990,000?" I don't know."

Pricing and Cost Advice

"It has consistently offered highly appealing academic pricing, with distinct rates for higher education and general educational purposes."

"Microsoft Defender XDR is included in our license."

"The licensing fee for Microsoft 365 Defender is fair."

"Sometimes 365 Defender is expensive, but it can be moderate, depending on the organization's size and the license type. We're satisfied with the cost because it gives us a product that protects our entire environment with DLP. To compromise some cost, of course, we are to complete the most secure environment."

"Microsoft Defender XDR is already included in our Office 365 licensing. It is better because we're saving money by using it."

"Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."

"We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."

"The price of the solution is high compared to others and we have lost some customers because of it."

More Microsoft Defender XDR pricing and cost advice

"It's difficult to state the setup cost. All the NDRs range anywhere between $500,000, plus or minus, to $2 million. There's a spread of pricing here, depending on who you are talking to. Obviously the major brand names want more money. They typically bundle it with their other offerings. With Cisco, for example, you don't just buy an NDR. So, typically it gets rolled into the cost."

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

813,418 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

10%

Government

Manufacturing Company

No data available

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Microsoft 365 Defender?

Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.

See all answers

What is your experience regarding pricing and costs for Microsoft 365 Defender?

The pricing is reasonable. It's cheaper than other options.

See all answers

What needs improvement with Microsoft 365 Defender?

The solution could enhance the threat Intelligence feature by making it more relevant to specific industries. Much of the threat intelligence information isn't directly applicable to our environmen...

See all answers

Ask a question

Earn 20 points

Comparisons

CrowdStrike Falcon vs Microsoft Defender XDR

Compared 38% of the time

Microsoft Defender for Cloud vs Microsoft Defender XDR

Compared 9% of the time

Wazuh vs Microsoft Defender XDR

Compared 8% of the time

Microsoft Purview Compliance Manager vs Microsoft Defender XDR

Compared 5% of the time

Trend Vision One vs Microsoft Defender XDR

Compared 4% of the time

More Microsoft Defender XDR Competitors

Code42 Incydr vs Qualys Multi-Vector EDR

Compared 69% of the time

CrowdStrike Falcon vs Qualys Multi-Vector EDR

Compared 31% of the time

More Qualys Multi-Vector EDR Competitors

Product Reports

Buyer's Guide

Microsoft Defender XDR

October 2024

Download Microsoft Defender XDR product report

Buyer's Guide

Endpoint Detection and Response (EDR)

September 2024

Download Qualys Multi-Vector EDR product report

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender

Blue Hexagon

Learn More

Microsoft

Qualys

Overview

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Qualys Multi-Vector EDR is designed for real-time threat detection and response, offering comprehensive visibility into potential security breaches across endpoints.

This solution integrates seamlessly with other Qualys modules, facilitating automated workflows that streamline incident management and enhance efficiency in monitoring and mitigating cyber threats. With features like real-time monitoring, detailed reporting, and proactive alerting, security teams can quickly identify and address vulnerabilities. While appreciated for its scalability and ease of deployment, users suggest improvements in integration, reporting, and configuration to further enhance its capabilities.

What are the key features of Qualys Multi-Vector EDR?

Real-time Threat Detection: Continuously monitors endpoints to detect potential threats immediately.
Seamless Integration: Integrates with other Qualys modules and existing systems for streamlined operations.
Automated Response: Automates incident response workflows to enhance efficiency and reduce manual tasks.
Detailed Reporting: Provides in-depth reports to support proactive security measures and quick remediation.
Scalability: Suitable for businesses of varying sizes due to its scalable architecture.

What are the benefits and ROI to look for when evaluating Qualys Multi-Vector EDR?

Enhanced Security: Comprehensive threat detection ensures robust security measures.
Improved Efficiency: Automated workflows save time and reduce manual intervention.
Quick Remediation: Real-time alerts and detailed reports facilitate swift vulnerability mitigation.
Cost-effective Deployment: Scalable and resource-efficient architecture suitable for businesses large and small.

Qualys Multi-Vector EDR is implemented across industries such as finance, healthcare, and retail, where real-time threat detection and automated response are critical. Its ability to integrate with existing systems and provide detailed reporting makes it a valuable asset for enhancing cybersecurity measures in diverse environments.

Sample Customers

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.

Pacific Dental Services, Greenhill and Co, Heffernan Insurance Brokers

Buyer's Guide

Endpoint Detection and Response (EDR)

September 2024

Download Free Report

Find out what your peers are saying about CrowdStrike, Microsoft, SentinelOne and others in Endpoint Detection and Response (EDR). Updated: September 2024.

DOWNLOAD NOW

813,418 professionals have used our research since 2012.

See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.