
Differences between Microsoft Defender XDR and Sentinel

mara7 226 Reputation points
2023-12-12T06:56:53.72+00:00
  1. I wonder about the differences between Microsoft Defender XDR and Sentinel.
  • I understand that Microsoft Defender XDR consolidates security alerts (including Cloud Defender, Identity Defender, Endpoint Defender, etc.).
  • While Sentinel can use various connectors for security analysis and correlations, does XDR just connect the Defenders, or can it also do correlation analysis?

Is it accurate to say that XDR cannot perform correlation analysis and only provides a dashboard for a quick overview of security alerts?

Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Microsoft Security | Microsoft Sentinel

Answer accepted by question author

Clive Watson 7,951 Reputation points MVP
2023-12-12T09:11:43.31+00:00

Hello, the new unified portal, Microsoft Defender XDR, when enabled, does show a consolidated view of all alerts from any Defender product + Microsoft Sentinel.

You can then use Advanced Hunting to correlate / join the data from Microsoft Defender based sources with Microsoft Sentinel for example.
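
An Advanced Hunting join of the kind described in the answer, added here as an illustration (not code from the original answer): it correlates failed on-premises logons recorded by Defender for Identity with successful cloud sign-ins from a Sentinel table. It assumes the Sentinel workspace is connected to the unified portal and that the `IdentityLogonEvents` and `SigninLogs` tables are populated; the thresholds and time windows are constructed values.

```kql
// Added example. Thresholds and windows below are constructed values; tune per tenant.
let lookback = 1d;          // how far back to search
let followWindow = 30m;     // cloud sign-in must follow the last failure within this window
let minFailures = 10;       // minimum failed logons per account

// Defender XDR side: failed logons seen by Defender for Identity.
// Defender tables use the Timestamp column.
let FailedOnPrem =
    IdentityLogonEvents
    | where Timestamp > ago(lookback)
    | where ActionType == "LogonFailed"
    | where isnotempty(AccountUpn)
    | summarize FailedLogons = count(),
                LastFailure  = max(Timestamp),
                Targets      = make_set(DestinationDeviceName, 10)
        by AccountUpn = tolower(AccountUpn)
    | where FailedLogons >= minFailures;

// Sentinel side: successful Microsoft Entra ID sign-ins.
// Sentinel tables use the TimeGenerated column.
SigninLogs
| where TimeGenerated > ago(lookback)
| where ResultType == "0"                       // "0" = successful sign-in
| extend AccountUpn = tolower(UserPrincipalName)
| join kind=inner FailedOnPrem on AccountUpn    // correlate across both sources
| where TimeGenerated between (LastFailure .. (LastFailure + followWindow))
| project AccountUpn, FailedLogons, LastFailure, Targets,
          CloudSignIn = TimeGenerated, IPAddress, AppDisplayName, Location
| order by FailedLogons desc
```

The two sides name their time column differently (`Timestamp` versus `TimeGenerated`), and the account identifier has to be normalized before the join.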
