No more typing reviews! Try our Samantha, our new voice AI agent.

Abnormal Security vs Microsoft Defender for Office 365 comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 3, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudflare One
Sponsored
Ranking in Email Security
20th
Average Rating
8.6
Reviews Sentiment
6.5
Number of Reviews
23
Ranking in other categories
Secure Web Gateways (SWG) (13th), Data Loss Prevention (DLP) (22nd), Cloud Access Security Brokers (CASB) (13th), Distributed Denial-of-Service (DDoS) Protection (9th), Software Defined WAN (SD-WAN) Solutions (12th), Access Management (11th), Bot Management (3rd), ZTNA as a Service (9th), ZTNA (4th), Secure Access Service Edge (SASE) (9th), Remote Browser Isolation (RBI) (3rd)
Abnormal Security
Ranking in Email Security
6th
Average Rating
9.4
Reviews Sentiment
7.5
Number of Reviews
11
Ranking in other categories
Secure Email Gateway (SEG) (4th)
Microsoft Defender for Offi...
Ranking in Email Security
2nd
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
61
Ranking in other categories
Email Archiving (1st), Advanced Threat Protection (ATP) (3rd), Microsoft Security Suite (8th), Secure Email Gateway (SEG) (2nd)
 

Mindshare comparison

As of July 2026, in the Email Security category, the mindshare of Cloudflare One is 1.7%, up from 1.5% compared to the previous year. The mindshare of Abnormal Security is 4.0%, down from 7.5% compared to the previous year. The mindshare of Microsoft Defender for Office 365 is 6.1%, down from 12.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Email Security Mindshare Distribution
ProductMindshare (%)
Microsoft Defender for Office 3656.1%
Abnormal Security4.0%
Cloudflare One1.7%
Other88.2%
Email Security
 

Featured Reviews

CV
Network Architect at IP Dimension
Cloud security has improved remote access and has reduced costs for smaller client sites
I have used Cloudflare One's Identity-Aware Proxy, and it is quite straightforward from what I have seen so far. The app registration on the Azure side integrates fully into Cloudflare, and I am very satisfied with that part because it is easy to set up. The integration of Cloudflare One's Secure Web Gateway and Zero Trust Network Access works without any issues. That part is pretty automatic, and if you complete the rest of the setup, it comes together by itself with no issues from my side. What makes it nice is that we can actually start replacing on-site firewalls at this stage for the smaller clients because it does not matter if they go to a coffee shop or work from home; they are still secured by the same connection. The hops get shorter and you get better latency. We have done testing to see if it is better. One thing that we did notice with our proof of concept with our current client is that they have people connecting from the UK. When they used their previous VPN solution, uploading CAD drawings and other files to the server took a long time. They mentioned that it is much quicker on Cloudflare One's solution. I definitely believe that is part of the improved performance, and I am satisfied with that as well. What is nice about Cloudflare One is that it makes the setup easier and also easier to train technicians to maintain it. Compared to legacy systems, we do not need to get fancy firewalls in place that are costly. That is definitely also a cost-saver with Cloudflare One.
reviewer2251509 - PeerSpot reviewer
Senior Director, Information Technology at a insurance company with 51-200 employees
AI has helped classify threat types more accurately but product ownership can improve
Ease of use is important, and Abnormal Security's responsiveness and ability to deliver solutions when issues arise are crucial. However, there is always room for improvement, as achieving a perfect 10 means there is no more room for enhancement. For Abnormal Security, it's about leveraging AI even more, which they are already working on in their roadmap.
Emeka Ndulu - PeerSpot reviewer
Cloud Solutions Architect at a tech services company with 201-500 employees
Improves threat visibility and response while reducing manual tasks and training users against phishing
I appreciate the attack simulation feature whereby I get to train users and educate them on how to identify phishing emails and spam emails, as well as the anti-spam protection. It gives me visibility into my threat environment and threat landscape to ensure that I am one step ahead of any likelihood of threats within my environment. I get to detect it and respond, so the threat intelligence is very effective. Microsoft security solutions save my time. It saves money because once I protect my environment, I don't lose money. It has decreased my detection time and my time to respond.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Using Cloudflare One makes my work quite easy because for DDoS protection, all I need to do is understand the OSI model and click; it makes it easier than trying to write a command line or use a Linux command."
"Cloudflare DDoS mitigates DDoS attacks."
"Enables me to work from two locations."
"The capabilities of the software are strong enough for me to do what it's supposed to do. For me, we don't need to do a lot of configuration on our site. We just enable it and monitor it."
"It is a stable solution."
"The solution has different options that can be used to differentiate DDoS attacks."
"We mostly use Cloudflare WAF, and gets basic Cloudflaire DDoS, caching as extra bonus . We like the factor these features are all integrated into 1 console, simple to manage."
"Cloudflare Access is part of the Zero Trust philosophy."
"Their ability to take things out of the mailbox and catch things much faster than users is excellent."
"I have never encountered any stability issues with Abnormal."
"Initial auto-remediation allows us to auto-remediate before the email lands in the end user's inbox for a split second."
"It does some really cool stuff that other tools aren't doing. We found it to be really effective, and the AI/ML functionality is really what differentiates them."
"One of the things that I love about them is that the setup and installation are super easy. All you do is give them access to your Microsoft 365 tenant, and through APIs, they are able to do their work. They are doing all this through APIs, so you do not have to install the software and take a month to get it all set up to even see the value of the solution. You could be up and running in less than an hour."
"It protects us from being business email compromised, which is invaluable for maintaining our security."
"I like Abnormal's threat protection with auto-remediation, but I also love its abuse mailbox feature, which automatically responds to the end user. That feature has a super-valuable security component and helps improve the user experience."
"What I like about Abnormal Security is that it notifies me if any of my partners or suppliers are experiencing a security breach by analyzing their database and identifying potential cyber threats."
"It also gives me good visibility because, with Defender, I'm using a Microsoft product to defend Microsoft products. The integration was really seamless and I have wide visibility because it picks up almost everything. Literally, I can see almost every activity that happens, from the e-mail to the workstation itself."
"The two main features that prove most beneficial for us are URL scanning and attachment scanning."
"Microsoft Defender for Office 365 is a stable solution."
"It definitely is a must for email protection and O365 app DLP, and combined with Microsoft Defender for Endpoint, Microsoft Defender for Identity, and MCAS, it provides a holistic solution for threat protection, email protection, O365 apps protection, and DLP for both internal and external risks."
"My experience deploying Microsoft Defender for Office 365 was seamless."
"Defender for Office 365 has helped eliminate having to look at multiple dashboards and that is the aspect I like most about it. It is simpler, effective, and convenient. The users like the process efficiency."
"The product's scalability is good."
"Some of the valuable features on the email side are anti-phishing, anti-malware, and Safe Links."
 

Cons

"For the topic of improvement, providing some training material is one of my suggestions."
"They don't have a person to provide support for customers using the solution under their free plan."
"Operating and tuning the product is difficult."
"When there are any dynamic changes in complex applications, the tool takes a lot of time, making its analytics-related area a major matter of concern where improvements are needed."
"From a logging perspective, it is still a bit difficult to see exactly what users are being blocked with the current views."
"Feedback could be enhanced."
"Feedback could be enhanced. While I work efficiently with Clover as a partner in Mexico City, sometimes the information and requests are easier to manage with more concrete solutions."
"The tool should provide on-premise versions. Currently, all versions are cloud-based."
"The biggest pain point for us is the lack of support for on-premise email systems."
"Abnormal should add more automatic reports. I have an open request to our account team for more notification and report types that can be sent automatically. For example, they have an awesome report that gets sent weekly, and I also want them monthly, so I don't need to do so much adding up when my director wants numbers over time."
"When we're working on something as engineers, and we find an idea or a method of doing something that would be greatly improved by doing it another way, there should be an ability for me to click the ideas button, type in an idea that I have, and submit it to a product review team or developers to have them think through the process a little bit more."
"The ideal scenario would be for Abnormal Security to work in tandem with Microsoft to analyze incoming emails."
"One feature I'd love to see is outbound scanning."
"I, as such, do not have anything that I do not like or would like to add, but you could argue that because they are doing it API-based, there is a chance that something could slip through temporarily before they are able to pull it out. In theory, it could happen just because of the nature of the system. They are not in line with the delivery of the mail. They are kind of asynchronous, which is a pro as well as a con. If it is synchronous, then I know it would always stop them, but because it is asynchronous, things could get through temporarily or because of some system issues on the Microsoft side or their side. It is the nature of the beast, but it is a little bit of a con."
"I would like to have the ability to customize the auto-remediation feature."
"For Abnormal Security as a product, I would say probably somewhere around a seven, as there are some other areas where they can improve to achieve a higher rating."
"There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types."
"The XDR dashboard has room for improvement."
"We are always looking for others tools to increase automation on tasks. There can be better integration with other solutions, such as PowerPoint and email."
"If you look at other products, such as Wiz or Palo Alto's cloud, because they also have similar components in terms of how they protect cloud infrastructure or enable cloud security, Microsoft Defender for Office 365 is not up to that extent."
"Microsoft sometimes has downtime, and we'll get several incidents coming in back to back. We have a huge backlog of notifications, many of which may be false positives. However, there might be serious alerts, so we can't risk dismissing all of them at once."
"We still see many false positives from time to time with Microsoft Defender for Office 365, so it would be good if we can reduce those false positives and provide better workflows for our end users, as sometimes they may not know what to do when they encounter a false positive."
"Sometimes, phishing emails manage to pass through the filter, so the system needs to enhance its phishing email detection capabilities."
"The UI needs to be more user-friendly."
 

Pricing and Cost Advice

"The prices are slightly expensive."
"The pricing of the solution is cheap. The licensing cost is also very low. I rate the cost and pricing a three out of ten."
"The solution's pricing lacks transparency."
"My company has to make yearly payments towards the licensing costs attached to the solution. There are no hidden charges apart from the licensing costs of the solution."
"Cloudflare Zero Trust Platform's pricing is good."
"The price tag is no longer $200,000, but rather $300,000 to $400,000. It's twice."
"The solution is not that expensive."
"The pricing is somewhere in the middle. I would rate the pricing a seven out of ten."
"Abnormal Security, on the other hand, provides the same level of functionality for just over $60,000 – that's half the price!"
"Overall, we'd certainly prefer lower pricing, but Abnormal Security doesn't seem unreasonable compared to similar offerings in the market."
"The license is based on the user count, so the number of users that have an email address in the organization."
"The pricing appears fair, and they demonstrate a genuine willingness to work with us on it."
"The license is expensive because the cost is based on the number of users."
"From the pricing point of view, like any other product in the market, there is scope for negotiation."
"It's a user-base subscription."
"Microsoft Defender is expensive. I typically recommend it only if clients have the budget. Otherwise, I would suggest an alternative."
"The pricing has become expensive."
"Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution."
"I was working in the government and it was too expensive for us to use our Microsoft products."
"The product is very expensive."
report
Use our free recommendation engine to learn which Email Security solutions are best for your needs.
903,118 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
19%
Comms Service Provider
10%
Financial Services Firm
9%
Manufacturing Company
8%
Financial Services Firm
10%
Computer Software Company
10%
Manufacturing Company
9%
Government
6%
Computer Software Company
12%
Manufacturing Company
9%
Financial Services Firm
9%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise1
Large Enterprise12
By reviewers
Company SizeCount
Small Business1
Midsize Enterprise2
Large Enterprise8
By reviewers
Company SizeCount
Small Business24
Midsize Enterprise11
Large Enterprise32
 

Questions from the Community

What needs improvement with Cloudflare Zero Trust Platform?
In my opinion, Cloudflare One can be improved mainly through compatibility, as the integration should be much simpler...
What is your primary use case for Cloudflare Zero Trust Platform?
Cloudflare One's primary use case for my organization is to protect servers and to provide remote access with the VPN...
What is your experience regarding pricing and costs for Abnormal Security?
I find the pricing to be favorable, but I did not disclose the exact cost.
What needs improvement with Abnormal Security?
Ease of use is important, and Abnormal Security's responsiveness and ability to deliver solutions when issues arise a...
What is your primary use case for Abnormal Security?
The main use case for Abnormal Security is as a spam filter and for mail hygiene. This use case is for the finance in...
What is your experience regarding pricing and costs for Microsoft Defender for Office 365?
My experience with pricing, setup, and licensing is that it's actually quite reasonable even on the licensing side as...
What needs improvement with Microsoft Defender for Office 365?
I think Microsoft Defender for Office 365 can be improved by creating more educational pieces about not just looking ...
What is your primary use case for Microsoft Defender for Office 365?
My main use cases for Microsoft Defender for Office 365 include email hygiene.
 

Also Known As

Cloudflare Area 1 Email Security, Cloudflare Bot Management, Cloudflare Gateway, Cloudflare Zero Trust Platform, Cloudflare DDoS, Cloudflare SASE & SSE Platform
No data available
MS Defender for Office 365
 

Overview

 

Sample Customers

23andMe
Foot Lcoker, Xerox, Liberty Mutual, Mattel, Boston Scientific
Microsoft Defender for Office 365 is trusted by companies such as Ithaca College.
Find out what your peers are saying about Abnormal Security vs. Microsoft Defender for Office 365 and other solutions. Updated: June 2026.
903,118 professionals have used our research since 2012.