Buyer's Guide
Security Information and Event Management (SIEM)
February 2023
Get our free report covering Microsoft, Palo Alto Networks, Cisco, and other competitors of Microsoft 365 Defender. Updated: February 2023.
687,256 professionals have used our research since 2012.

Read reviews of Microsoft 365 Defender alternatives and competitors

Cyber Security Analyst at a consultancy with 10,001+ employees
Real User
Top 20
Easy to maintain with advanced protection and helpful support
Pros and Cons
  • "We can scale the product as needed."
  • "We'd like to see a few more integrations."

What is our primary use case?

We primarily use the solution for the XDR.

We have integrated this with all of our endpoints. Basically, we are using it for incident response. We have a SOC team here, so we are using it in a SOC and the Workload solution. For two or three months, we have been migrating to Workload Security. It is mainly for incident response.

What is most valuable?

We are able to observe attack techniques and targeted attack detection. 

We need to explore more on it since it is still a new product for us. 

It is quite advanced, and it can help us protect our organization against threats. The targeted threat detection is great.

My understanding is the initial setup is pretty straightforward. 

The solution has been stable. 

We can scale the product as needed. 

Technical support is helpful.

It is easy to maintain. 

What needs improvement?

We'd like to see a few more integrations. Specifically, we'd like to see more IOC integration tools. 

We haven't implemented the automation piece just yet; however, we will go through that soon. We just need more time to see how it all works. 

For how long have I used the solution?

I've been using the solution for six or seven months. 

What do I think about the stability of the solution?

This solution seems to be pretty stable so far. I haven't come across any issues. There are no bugs or glitches. It doesn't crash or freeze. 

What do I think about the scalability of the solution?

The product is scalable. When we started, we had a few agents and very few endpoints. At this point, we've integrated with most of them. We haven't seen any issues as we've scaled up.

How are customer service and support?

Support has been quite helpful overall. We've dealt with them multiple times, and they have always been helpful. We tend to get the help we need within two or three hours. They ask many questions and get down to solving the problem at hand. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I also work with Microsoft Defender. 

We were using OfficeScan and ApexOne as well. 

We decided to work with this product as it had a good reputation.

How was the initial setup?

While I wasn't directly involved with the setup, my understanding is it was straightforward. I do not recall hearing about any complexities coming up. The deployment itself took a few months.

In terms of maintenance, we do get hotfixes every once in a while. It's pretty simple to maintain. 

What about the implementation team?

Trend Micro assisted our team with the setup process. However, it was mostly handled in-house. 

What's my experience with pricing, setup cost, and licensing?

I can't speak to the exact cost.

What other advice do I have?

I'm an end-user. We are using the latest version of the solution. 

The support is pretty good. It is really straightforward. It is very easy to understand, and therefore, I highly recommend the solution.

I'd rate the solution nine out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sathya Paul - PeerSpot reviewer
Director Of Information Technology at TollPlus LLC.
Real User
Top 10
An AI-driven solution that self-activates to find issues and provide alerts
Pros and Cons
  • "The solution is silent and sits on your system as one single agent."
  • "Technical support could be better than what is currently offered."

What is our primary use case?

Our company's line of business includes financial transactions with an insurance policy that requires EDR protection. Compliance is part of our policy and agreement with customers. 

We currently have 1,100 users of the solution. 

What is most valuable?

The solution is silent and sits on your system as one single agent.

Only one or two MB of memory are consumed which is much less than other products. 

The solution is AI-driven so it self-activates to find issues and provide alerts or notifications rather than running all the time.

The portal is very user-friendly so it is not difficult to manage. 

The solution doesn't require system restarts. That is one disadvantage of Symantec or Kaspersky because they require restarts when you uninstall or reinstall. 

What needs improvement?

Technical support could be better than what is currently offered. 

For how long have I used the solution?

I have been using the solution for three months. 

What do I think about the stability of the solution?

The solution is stable with no issues. 

We have only used the solution for three months so will continue to monitor stability for the next several months. 

I rate stability an eight out of ten. 

What do I think about the scalability of the solution?

The solution is scalable. We do not yet have the requirement to take an in-depth look at scalability. 

I rate scalability an eight out of ten. 

How are customer service and support?

Technical support could be better because there are ownership issues. 

For example, when you raise a support case there is not much communication between the account manager and support. The account manager is supposed to own the case but instead is disconnected from it. 

I rate support a six out of ten. 

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We previously used Symantec and Kaspersky. 

How was the initial setup?

The setup is pretty easy to walk through without much trouble. 

I rate setup an eight out of ten. 

What about the implementation team?

We utilized a third party for implementation. They helped us with the admin console, training, and the pilot setup that we eventually took over. Our internal team included two security staff and four support staff.

We were moving from Symantec and Kaspersky. We targeted our servers first because Symantec is difficult to uninstall and there is an interim process for removal. Once completed, we installed the solution. 

It took about two months to complete implementation across all systems. 

What was our ROI?

We did our homework in advance for cost or other things to calculate ROI. The solution met our expectations so ROI is rated a seven out of ten. 

What's my experience with pricing, setup cost, and licensing?

The pricing is competitive and includes all features and support.

I rate pricing an eight out of ten. 

Which other solutions did I evaluate?

We evaluated Microsoft Defender, Sophos, Symantec, and Trend Micro before choosing the solution. 

What other advice do I have?

I recommend using the solution and rate it an eight out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.