Try our new research platform with insights from 80,000+ expert users

Microsoft Defender XDR vs Symantec Endpoint Detection and Response comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Defender XDR
Ranking in Endpoint Detection and Response (EDR)
5th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
101
Ranking in other categories
Extended Detection and Response (XDR) (3rd), Microsoft Security Suite (3rd)
Symantec Endpoint Detection...
Ranking in Endpoint Detection and Response (EDR)
28th
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
30
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Microsoft Defender XDR is 2.9%, down from 4.3% compared to the previous year. The mindshare of Symantec Endpoint Detection and Response is 0.5%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Gabor Nyerd - PeerSpot reviewer
Includes four services and four products, which can help organizations a lot
We found that sometimes integrations work, but testing them can take some time. Sometimes, configurations take much longer than expected. We have a configuration in place that needs to be synchronized with another server. However, the servers are four hours apart, so this can cause delays. In general, I believe that the time it takes to configure and test a service should be shorter. Sometimes, it can take a couple of hours to test a single configuration setting. Other times, it is only ten or fifteen minutes, which is normal. However, sometimes, even immediate actions can be triggered by configuration changes, and some settings can take up to eight hours to complete. I believe that this time can be improved. Microsoft is making a lot of improvements to its services in a short period of time. This is a good thing, as it means that the services are constantly being updated and improved. However, it can be challenging for customers to keep up with the changes. For example, a customer may read about an update, understand it, and share it with their colleagues and boss. However, it may take days or weeks to test the update and get the necessary approvals. This can be especially challenging for large customers with many users or machines. In some cases, Microsoft may change a service before the customer has had a chance to implement the previous update. This can be frustrating for customers, as it means that they have to constantly learn new things and adjust their workflows. On the one hand, it is important for Microsoft to keep updating and improving its services. This helps to ensure that the services are meeting the customers' needs and that they are staying ahead of the competition. Microsoft should also be mindful of the challenges that these changes can create for customers. One way to address this challenge is to provide customers with more time to implement changes. Microsoft could also provide more information about upcoming changes so that customers can plan ahead. Ultimately, Microsoft needs to strike a balance between keeping its services up-to-date and providing customers with a smooth transition to new features.
YusufAhmed - PeerSpot reviewer
Easy to use and competitively priced
Honestly, the product needs to continue the way it is, and I feel that everything will be fine. I haven't had any reasons to complain about the product. The product doesn’t offer MDM functionality under its current licensing model. In the future, I want the product to offer MDM. It can allow me to manage my mobile device more efficiently and effectively. Currently, there is a need for a separate license to be added to Symantec Endpoint Detection and Response to be able to use the MDM part. If both are bundled up under the same license, the administration part can be made easier.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Defender is easy to use. It has a nice console, and everything is all in one place."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"Microsoft Defender XDR has significantly improved our operational security."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"What I like most about the product is its all-in-one solution. With Microsoft Defender XDR, we get coverage for various aspects like endpoint security, cloud security, and image-related cases, all within a single platform. This eliminates the need for multiple products or technical controls to address incidents. The main benefit became evident immediately after deployment, especially in its ability to analyze files and phishing emails quickly. By submitting suspicious files or emails, we receive quick results on whether they are legitimate, suspicious, or malicious, saving time."
"The most valuable aspect is undoubtedly the exploration capability"
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"The integration, visibility, vulnerability management, and device identification are valuable."
"The most valuable features of the solution are that it is easy to use and has good support."
"The pricing is good."
"IPS and the user interface are good features."
"The interface is quite easy to use."
"The setup is quite easy."
"The solution does its job with no issues."
"The most valuable features of Symantec Endpoint Detection and Response are its immediate response and investigation."
"The most valuable feature of Symantec Endpoint Detection and Response is its ability to conduct large scans on the endpoints without affecting the network."
 

Cons

"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."
"Intrusion detection and prevention would be great to have with 365 Defender."
"I do think that maybe having a feature within my organization where there are three different domains within which we have to operate would be helpful, as there is currently no unified view within the domains."
"Sometimes, configurations take much longer than expected."
"The solution does not offer a unified response and standard data."
"The support team is not competent or responsive."
"The initial time spent setting up and configuring Defender XDR is a bit longer than the other solutions. If everything were on one portal, the platforms for managing policies or alerts would be simpler. We must automate and manage policies on Intune rather than the same portal."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"Symantec Endpoint Detection and Response could improve the reporting. It is very difficult to create reports from the user interface."
"It would be beneficial to have more integration and compatibility with other platforms."
"The Symantec portfolio is not big enough to cover the organization in all 360 degrees."
"I would like to see better scanning capabilities."
"It would be nice to see more granular timeline analysis."
"The interface is very complicated."
"Technical support is not as good as we expect, and resolving problems should be more timely."
"In the future, it would be nice to have playbooks in the tool, to allow for some of the common activities to be automated. For example, some of the scannings of the malware can be too manual for a specific device. Additionally, a vulnerability manager would be beneficial."
 

Pricing and Cost Advice

"We've managed to navigate it effectively through our enterprise agreement, and Microsoft's academic discounts have proven to be quite generous."
"Microsoft purposely makes its license combinations complex and includes combinations like Microsoft 365 E3 and Microsoft 365 E5, Office 365 E3, Office 365 E5, and Office 365 E1, so you get confused. Microsoft tries to sell you a bundle of a lot of things together."
"Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
"Purchasing Microsoft Defender XDR as part of a Microsoft 365 bundle can be cost-effective, but acquiring it as a standalone product may be more expensive."
"The license cost for a year is approximately forty-four thousand, and this annual saving is a significant factor in our decision to switch."
"It has consistently offered highly appealing academic pricing, with distinct rates for higher education and general educational purposes."
"I would like to have more security features in the lower licenses because not every customer is able to buy E5 licenses. The bundling isn't always easy for our customers to understand. Compared to other tools, it's a good price."
"With the little idea I have about the costs, I can say that XDR tools tend to be a bit expensive. If you are using Microsoft Defender XDR, then you need to go for a subscription-based pricing model."
"We pay around $100,000 for 5000 licenses every year."
"The price is really high and it should be lower."
"It's a yearly subscription."
"Symantec Endpoint Detection and Response is expensive."
"Compared to the tools of competitors, Symantec Endpoint Detection and Response is a cheaply priced product."
"The product is cheap."
"We are satisfied with the pricing."
"It is an expensive solution."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
861,803 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
8%
Manufacturing Company
8%
Government
7%
Computer Software Company
12%
Financial Services Firm
12%
Manufacturing Company
8%
University
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.
What is your experience regarding pricing and costs for Microsoft 365 Defender?
The pricing for Microsoft Sentinel operates on a pay-as-you-go model based on data ingestion. I recall that Defender XDR pricing is based on the number of endpoints.
What needs improvement with Microsoft 365 Defender?
For Microsoft Defender XDR ( /categories/extended-detection-and-response-xdr ), there is currently no ability to reset passwords for on-premises accounts, which is a key challenge. Incident managem...
What is your experience regarding pricing and costs for Symantec Endpoint Detection and Response?
I am not aware of the pricing details, as that falls under the management's responsibility.
What needs improvement with Symantec Endpoint Detection and Response?
There are several areas where Symantec Endpoint Detection and Response can improve, including shell features, web control, asset management, and device control. Specifically, the application contro...
 

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
No data available
 

Overview

 

Sample Customers

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
Information Not Available
Find out what your peers are saying about Microsoft Defender XDR vs. Symantec Endpoint Detection and Response and other solutions. Updated: June 2025.
861,803 professionals have used our research since 2012.