Microsoft Defender for Endpoint and Microsoft Defender for Identity compete in the cybersecurity category. Defender for Endpoint seems to have the upper hand due to its comprehensive integration with Microsoft 365 and wide deployment versatility.
Features: Microsoft Defender for Endpoint offers antivirus and anti-malware capabilities, threat analytics, and integration with Microsoft 365. Microsoft Defender for Identity focuses on identity protection using hybrid artificial intelligence to secure identities and prevent unauthorized access.
Room for Improvement: Microsoft Defender for Endpoint could improve its user interface, reduce the frequency of updates to conserve system resources, and enhance integration with non-Microsoft products. Microsoft Defender for Identity needs to provide more detailed threat analysis data, better handle false positives, and improve integration with other security products.
Ease of Deployment and Customer Service: Microsoft Defender for Endpoint supports versatile deployment environments, including on-premises, public, private, and hybrid clouds. It is complemented by mixed reviews on customer service. Microsoft Defender for Identity is limited primarily to public and private clouds, which may be less flexible for some, and similarly has varied customer service experiences.
Pricing and ROI: Microsoft Defender for Endpoint offers flexible pricing, particularly benefiting Microsoft 365 E5 license holders, thus enhancing ROI with reduced dependency on additional security products. Microsoft Defender for Identity, included in the E5 suite, provides cost-effective ROI by mitigating identity breaches, though it may appear pricier as an add-on outside a comprehensive suite.
The return on investment is primarily in time savings and better observability of what's happening.
The level-one support seems disconnected from subject matter experts.
I rate Microsoft support 10 out of 10.
Due to our size, we don't have access to direct technical support, but the knowledge base, Microsoft Learn, and the articles available are really good.
Generally, the support is more effective than other providers like Oracle.
The quality of support is very good, but troubleshooting can take time due to complex setups and the need to provide many logs.
We managed to scale it out in a short amount of time, with two months of planning and three months of implementation on 10,000 computers.
Microsoft Defender for Endpoint is scalable enough to handle various devices across environments, whether they are laptops, Android devices, or operating in hybrid environments.
It's pretty easy to scale with Microsoft, as they make it easy if you look into the documentation.
In a Microsoft-centric organization, especially with Azure infrastructure and Office 365, Microsoft Defender for Identity is scalable.
I haven't seen any outages with Microsoft.
I rate Defender 10 out of 10 for stability.
Defender for Endpoint is extremely stable.
Microsoft Defender for Identity is quite robust and built on Azure hyperscale infrastructure, with a 99% availability.
Repeated interactions are necessary due to Level One's lack of tools and knowledge, hindering efficient problem-solving and negatively impacting our experience with Microsoft support.
We use Microsoft partners to help govern the platform, and as part of an alliance, we want to gather data from each tenant and combine them for a complete view.
Providing more detailed information on how Microsoft Defender for Endpoint detects vulnerabilities.
One improvement I would recommend is the integration of an admin application within Teams, allowing easy access to attack information on a mobile platform.
Reducing false positives is something we've been working on with Microsoft.
There is room for improvement in delivering knowledge to technical users, especially regarding what we can gain from the solution and how to apply it.
Given our extensive Microsoft licensing, transitioning to Defender for Endpoint did not affect licensing costs.
It costs $15 per VM for the P2 plan, which is seen as affordable for customers.
The pricing, setup, and licensing were very easy and simple.
Ensuring a fair price according to market standards.
From an organization perspective, using E5 licenses is value for money, especially if Azure and Office 365 are already in use.
Defender for Endpoint's coverage across different platforms in our environment is pretty good. We have devices running Linux, Mac OS, Windows, iOS, and Android. It covers all of them.
Microsoft Defender for Endpoint provides a unified management interface allowing customers to manage their on-premises and hybrid infrastructures from a single pane.
Web filtering is the most valuable feature of Microsoft Defender for Endpoint because it effectively maintains security for website access.
The most valuable feature is its hybrid artificial intelligence, which gathers forensic data to track and counteract security threats, much like the CSI series in effect.
The advanced threat protection is one of the strengths of Microsoft Defender for Identity, as it utilizes user and entity analytics and can detect indicative attacks.
The most valuable features of Microsoft Defender for Identity include its automatic remedies, possibilities for avoiding incidents, the privilege manager, and the generation of logs that facilitate a safer environment.
Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.
With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.
Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.
Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.
Microsoft Defender for Identity integrates with Microsoft tools to monitor user activity, providing advanced threat detection and analysis using AI. It enhances proactive threat response and security visibility, making it essential for securing on-premises and cloud environments like Active Directory.
Microsoft Defender for Identity offers comprehensive monitoring and AI-driven user behavior analysis. It detects threats through real-time alerts and identifies lateral movements and entity tagging, ensuring robust security management. With excellent visibility via its dashboard, it supports customized detection rules and seamlessly integrates with SIEM platforms. While SecureScore and SecureScan provide robust environment security, there is room for improvement in cloud security, on-premises application integration, and remediation capabilities. Azure integration is limited, and the administrative interface could be more user-friendly. Users experience frequent false positives, affecting threat detection efficiency.
What key features stand out in Microsoft Defender for Identity?In specific industries such as education and finance, Microsoft Defender for Identity is crucial for securing on-premises Active Directory and Azure Active Directory environments. It effectively detects suspicious activities and manages conditional access policies, offering user and entity behavior analytics, endpoint detection and response capabilities. This helps prevent unauthorized access and strengthens overall security, making it an invaluable asset for organizations aiming to safeguard their digital infrastructure.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.