Microsoft Defender XDR vs Secureworks Taegis XDR comparison


Comparison Buyer's Guide

Executive Summary

Categories and Ranking

Microsoft Defender XDR
Ranking in Extended Detection and Response (XDR)
Average Rating
Number of Reviews
Ranking in other categories
Endpoint Detection and Response (EDR) (6th), Microsoft Security Suite (1st)
Secureworks Taegis XDR
Ranking in Extended Detection and Response (XDR)
Average Rating
Number of Reviews
Ranking in other categories
No ranking in other categories

Mindshare comparison

As of July 2024, in the Extended Detection and Response (XDR) category, the mindshare of Microsoft Defender XDR is 11.2%, up from 6.3% compared to the previous year. The mindshare of Secureworks Taegis XDR is 1.3%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
Unique Categories:
Endpoint Detection and Response (EDR)
Microsoft Security Suite
No other categories found

Featured Reviews

Jun 7, 2024
Good incident graphs and vulnerability scanning but AI needs to improve
I like the attack graph of each incident. It's really handy, and there's a summary. For example, you can see what had happened with a timeline. And if you go to investigate, the evidence will be there, including the users and devices. Co-pilot is integrated there as well. With just one click, you have a summary of what to do and the next steps. For young analysts, it is quite helpful. You can have security administrators or global administrators. You can set up different permission structures outside of Defender. The solution's security extends or covers more than just Microsoft technologies. Linux machines can be used, for example. It is possible to install an agent for Linux so you can monitor also Linux machines. Apart from having everything within the same console, you have alerts. The attack disruption capabilities positively affect our security operations. We can integrate with third parties. If an email comes in with a file attached, Microsoft's intelligence would be able to tell if it's a phishing scam, and it can automate the deletion. We do educate and train our users, however, it provides an extra security layer that catches suspect emails. It reduces the risk of users accidentally clicking on phishing emails. The solution adapts to evolving threats. It's a next-generation solution. The machine learning and AI are integrated. With the help of machine learning, it can block quite a bit of suspicious activity. It offers multi-tenant capabilities. We have four different tenants, and for each, we have a different console, so I don't directly deal with multi-tenant capabilities; however, it is possible. We do use the solution with a variety of others. We haven't reduced the number of other products we use for security. However, it's quite handy. It blocks a lot of malicious attempts. Nothing really gets by it. The automatic incident response and protection have kept us very safe, even though we do have other backups there on offer as well. We've saved a lot of time with the automated detection. It reduces the time we need to respond and react. We've saved maybe 30% to 40% of the typical amount of time it would take, thanks to automation. For example, if there is, a phishing email goes to the XDR if we had to do an analysis and a report, that alone might take 20 minutes to an hour. Then, we have to remediate, delete and block. With automation, we can save those 20 minutes to an hour. The process is automatic, so we don't have to manually do it. Also, if you have a bunch of suspicious domains or IPs, it will take time to manually go through everything, one by one. However, we can automate the blocking process and save ourselves a lot of time.
Feb 20, 2024
It's a complete solution package
More from the perspective of SOC to ensure that every endpoint is taken care of from a cybersecurity perspective. It's a complete solution package When I go into the portal, I can see how many endpoints are enrolled or how many of them are active in place. I can see the current number of threats…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:


"I like Defender XDR's reports and alerts. They give you updates about the latest hotfixes and zero-day vulnerabilities, which gives me all the information I need to maintain my servers."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"Microsoft 365 Defender is simple to upgrade."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"Microsoft 365 Defender is a stable solution."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"The initial setup was straightforward."
"It's a complete solution package."


"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"Stability could be improved by avoiding frequent changes to the interface."
"The support team is not competent or responsive."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"The pricing could be improved."
"We found limitations in the XDR's detections, lacking the ability to create customized detection and log parsing rules."

Pricing and Cost Advice

"Microsoft Defender XDR's licensing is complicated."
"The solution is affordable, and we haven't been hit with any hidden costs. The subscription model is straightforward, and it's easy to understand how much additional features cost. If we need to cancel a license or feature, we do that well in advance to avoid being charged for it, but overall, the pricing and licensing are simple and easy."
"Sometimes 365 Defender is expensive, but it can be moderate, depending on the organization's size and the license type. We're satisfied with the cost because it gives us a product that protects our entire environment with DLP. To compromise some cost, of course, we are to complete the most secure environment."
"Defender plan 1 is tenant-wise, and Defender plan 2 is per-user, which makes it more expensive. To have certain features, you would need to purchase the E5 license. For all of the capabilities that the tool provides, the price, though it can be high, is fair."
"The license cost for a year is approximately forty-four thousand, and this annual saving is a significant factor in our decision to switch."
"Microsoft Defender XDR is included in our license."
"We've managed to navigate it effectively through our enterprise agreement, and Microsoft's academic discounts have proven to be quite generous."
"I believe that the pricing of the licensing is fair."
"The pricing is six out of ten."
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
792,098 professionals have used our research since 2012.

Top Industries

By visitors reading reviews
Computer Software Company
Financial Services Firm
Manufacturing Company
Computer Software Company
Financial Services Firm
Manufacturing Company

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available

Questions from the Community

What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.
What needs improvement with Microsoft 365 Defender?
Just like in any solution, the price can always be cheaper.
What needs improvement with Secureworks Taegis XDR?
Initially, we found limitations in the XDR's detections, lacking the ability to create customized detection and log parsing rules. This functionality, available in the Cortex XDR platform, wasn't p...
What is your primary use case for Secureworks Taegis XDR?
More from the perspective of SOC to ensure that every endpoint is taken care of from a cybersecurity perspective. It's a complete solution package.

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
No data available



Sample Customers

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
Information Not Available
Find out what your peers are saying about Microsoft Defender XDR vs. Secureworks Taegis XDR and other solutions. Updated: May 2024.
792,098 professionals have used our research since 2012.