We performed a comparison between Microsoft Defender XDR and WatchGuard Threat Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"This is stable and scalable."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The stability is very good."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Ability to get forensics details and also memory exfiltration."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"The integration with other Microsoft solutions is the most valuable feature."
"When you download the executable file from the internet, it automatically sandboxes to make sure it's not doing anything incorrectly."
"WatchGuard Threat Detection and Response is a reliable solution."
"The tool provides automated responses."
"I like WatchGuard's network segmentation features. It's easy to configure user policies."
"The most valuable feature is the correlation of logs from different devices."
"WatchGuard is very user-friendly. It provides us with all of the security services we need."
"The basic functionality is fantastic. It has been performing well. I generated a report on one machine, using that as the deployment machine. When scanning the network, it discovered machines on the network and deployed the same endpoint protection from that one machine I have on my network."
"The interface is very good."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"I haven't seen the use of AI in the solution."
"The only minor concern is occasional interference with desired programs."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The dashboard isn't easy to access and manage."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"The price should be adjustable by region."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"The reporting isn't so good. If they worked to improve this aspect of the solution, it would be much stronger."
"When it comes to live-monitoring, the user-interface could be improved to make things easier."
"The interface is not the best."
"It can have a couple of false positives, but after you add them to your allow list, it works fine. It could have better Mac support. I am pretty sure it doesn't have much support for Mac. It can be installed on a Mac, but it is not that good."
"The solution is a bit confusing and there are unusual complications with setup."
"The website must provide more information on the product."
"The ease of detecting where an issue is should be improved."
"I'd like a few extra features, especially around threat severity assessment."
Microsoft Defender XDR is ranked 7th in Endpoint Detection and Response (EDR) with 80 reviews while WatchGuard Threat Detection and Response is ranked 26th in Endpoint Detection and Response (EDR) with 12 reviews. Microsoft Defender XDR is rated 8.4, while WatchGuard Threat Detection and Response is rated 8.2. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of WatchGuard Threat Detection and Response writes "Offers deployment simplicity, especially for firewalls and firewall configuration and good documentation available". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Cortex XDR by Palo Alto Networks, whereas WatchGuard Threat Detection and Response is most compared with CrowdStrike Falcon, Darktrace, Trend Vision One, SentinelOne Singularity Complete and Huntress. See our Microsoft Defender XDR vs. WatchGuard Threat Detection and Response report.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.