We performed a comparison between Microsoft Defender XDR and Microsoft Purview Information Protection based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"Email protection is the most valuable feature of Microsoft Defender XDR."
"The most valuable feature is the network security."
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"We can restrict access or specify who can see sensitivity labels, which can be based on the classification level. We can encrypt restricted content and limit who can see that from an internal view, too, so Purview is a powerful tool."
"It ensures that sensitive data is automatically safeguarded, even for email attachments, regardless of the user or device."
"The UI is user-friendly, and I have observed that it improves further each year."
"Before using it, we had a lot of unlabeled data, and the tool helped us quickly and accurately label a large number of documents."
"Incorporating data loss prevention capabilities built into the Microsoft platform to endpoints, such as Windows 10 and Windows 11 computers, can also help prevent data loss and is highly advantageous."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"Defender XDR could provide recommendations for threat-hunting queries. Some people do not know how to write an advanced threat query, so we need to spend time training them."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"There is potential for more integration in the use of AI."
"Microsoft Purview Information Protection can improve in terms of scan concurrency and scan processing time."
"There is room for improvement with the policy tips feature."
"Microsoft can improve the affordability of Purview Information Protection by offering it at a lower cost."
"Our primary concern is third-party application visibility. Many people choose other DLP tools, as they can search the Office 365 suite and detect sensitive information across thousands of other apps. The product is weak compared to the competitors on the DLP front, but the classification is good; the tool needs a bit more maturation."
More Microsoft Purview Information Protection Pricing and Cost Advice →
Microsoft Defender XDR is ranked 1st in Microsoft Security Suite with 82 reviews while Microsoft Purview Information Protection is ranked 19th in Microsoft Security Suite with 5 reviews. Microsoft Defender XDR is rated 8.4, while Microsoft Purview Information Protection is rated 7.8. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of Microsoft Purview Information Protection writes "Provides protection across multiple environments, can classify data and represent it graphically, and has the option for customer-managed teams to encrypt and manage data". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Cisco SecureX, whereas Microsoft Purview Information Protection is most compared with Microsoft Purview Data Governance, Varonis Platform, BigID, Informatica Axon and Securiti. See our Microsoft Defender XDR vs. Microsoft Purview Information Protection report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.