Microsoft Defender XDR vs Trellix XDR comparison

"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."

"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."

"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."

"The incident-level visibility across the cyber attack chain when using Microsoft Defender XDR is great."

"The unified view of the threat landscape on a central dashboard is the most valuable feature."

"One of the most valuable features of Microsoft Defender XDR is its ability to provide preemptive reports regarding excessive privileged access."

"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."

"On the Windows side, Microsoft Defender XDR is definitely integrated into the operating system. Once we have it on the security dashboard, we can see a real-time storyline."

"The analytics assessment and flexibility of the platform are valuable."

"It contributes to our system's robust event detection and analysis, enabling us to respond effectively to incidents."

"Trellix XDR is an excellent solution that is continually improving."

"Microsoft could improve on threat hunting and build more on threat detection and handling."

"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."

"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."

"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."

"The support team is not competent or responsive."

"Intrusion detection and prevention would be great to have with 365 Defender."

"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."

"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."

"The platform should enhance compatibility with all other SIEM solutions."

"Technical support is crucial, especially when facing critical issues. It's rated six out of ten. Improvements are needed in the support sector, with a focus on providing expert assistance during production periods."

"The EdgeGear solution is an area that requires attention, specifically regarding AI solutions and intelligence features."

"It is 15 dollars per server per month. It is worth it, but it can be costly. It depends on the company's size."

"365 Defender can get expensive because you pay per gigabyte of data ingested. On the other hand, much of the data available in the other Microsoft security solutions are made available relatively cheaply—sometimes at cost or for free. Integrating only a limited set of third-party solutions with Sentinel would be cost-effective. It's much more affordable if companies only have Microsoft stuff."

"The product is fairly priced for what we get from it."

"The price of the solution is high compared to others and we have lost some customers because of it."

"The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."

"It has consistently offered highly appealing academic pricing, with distinct rates for higher education and general educational purposes."

"Defender XDR is included in the E5 license, but it's a bit too expensive."

"The functionality is fantastic, but for medium and small-sized companies it's overpriced. It would be better if it were a little bit cheaper."