Microsoft Defender for Office 365 and Defender for Identity both compete in the cybersecurity space, focusing on email and identity protection. Defender for Office 365 seems stronger in email and information protection while Defender for Identity offers comprehensive identity security.
Features: Microsoft Defender for Office 365 provides anti-phishing, data loss prevention, and integrates with Microsoft's cloud infrastructure, delivering visibility into threats and simplifying threat management. Defender for Identity excels with advanced threat detection, monitoring in hybrid environments, and strong identity protection, integrating seamlessly with other Defender products to fortify security architectures.
Room for Improvement: Defender for Office 365 requires better multi-OS support and improved handling of non-Microsoft file types. Users call for enhanced threat detection in emails and simpler configuration. Defender for Identity needs improved integration for streamlined operations, better anomaly detection, and enhanced threat detection for on-premises setups.
Ease of Deployment and Customer Service: Microsoft Defender for Office 365 is versatile, supporting deployment in hybrid and public cloud environments. Documentation can be improved, though strong community support exists. Customer service experiences vary, with mixed reviews on response times. Defender for Identity mirrors this with similar deployment capabilities and support discrepancies impacting user satisfaction.
Pricing and ROI: Microsoft Defender for Office 365 is packaged with Office 365, complicating standalone pricing assessments, yet users find value in its bundled nature. Defender for Identity, often included in higher-tier Microsoft 365 licenses, is seen as cost-effective relative to other SIEM solutions. Both products are recognized for delivering substantial ROI, particularly in threat detection and data protection, with varying investment levels based on organization size and licensing agreements.
It has also decreased our time to detection and response by about 15 to 20 percent.
Overall, cost of owning and operating our system goes down.
It's hard to quantify the return on investment we've seen from Microsoft Defender for Office 365.
Generally, the support is more effective than other providers like Oracle.
The quality of support is very good, but troubleshooting can take time due to complex setups and the need to provide many logs.
The people I normally use for support are very knowledgeable, especially when they help remote in and get to where I need to go and show me much faster and help me understand what I should be doing.
Over the past two years, there have been no critical problems.
we opened tickets, and they typically resolve them quickly.
With a subscription for Microsoft Defender for Office 365, it is an eight. Without it, it is a six.
In a Microsoft-centric organization, especially with Azure infrastructure and Office 365, Microsoft Defender for Identity is scalable.
We have never faced scalability problems, and Microsoft manages it effectively.
Microsoft Defender for Office 365 scales transparently for us, as we grew from 1,000 users to 3,000 users, and we didn't notice much difference.
Microsoft Defender for Office 365 scales with the growing needs of my company well.
Microsoft Defender for Identity is quite robust and built on Azure hyperscale infrastructure, with a 99% availability.
We do not see any issues with the stability of Microsoft Defender for Identity.
Having recently started using it, reliability is affirmed, but manual investigation is often performed to verify if alerts identified by auto-remediation are accurate.
I would rate the stability of Microsoft Defender for Office 365 as 10 over 10 because it's highly available, it works, and it does the job it is meant to do.
I have not experienced any downtime, crashes, or performance issues because of Defender.
The solution is stable, as we have been using it for the past two years.
If Microsoft could develop a feature that indicates when impossible travel is caused by VPN connections, it would prevent unnecessary password resets and session disruptions, especially for VIP users in organizations.
One improvement I would recommend is the integration of an admin application within Teams, allowing easy access to attack information on a mobile platform.
Reducing false positives is something we've been working on with Microsoft.
The main area for improvement is simplifying the implementation and rollout process.
Microsoft could improve by offering recommendations for domain spoofing attacks, especially scenarios where DNS records like SPF, DKIM, and DMARC are not properly published.
There is a different console for different things; I just want one consolidated console.
If they can reduce the costs, organizations will be happy, and it will compensate for using the Azure environment, which is more expensive on the infrastructure as a service side.
Ensuring a fair price according to market standards.
From an organization perspective, using E5 licenses is value for money, especially if Azure and Office 365 are already in use.
We've likely saved 30% of costs.
Money-wise, it is a part of the Office 365 suite, making it slightly more expensive compared to Trend Micro.
Microsoft is quite affordable with a lot of features available for any size organization.
We receive an advance report of risky users, allowing us to take preemptive action before an attack causes damage to organization details.
The most valuable feature is its hybrid artificial intelligence, which gathers forensic data to track and counteract security threats, much like the CSI series in effect.
The advanced threat protection is one of the strengths of Microsoft Defender for Identity, as it utilizes user and entity analytics and can detect indicative attacks.
It ranks the threats and allows us to prioritize those hitting us the hardest, such as email threats.
It provides end-to-end visibility on email threats such as phishing, extending beyond Exchange Online Protection.
The value of the DLP feature is significant to us because we have internal data, sometimes sensitive, and the users may not always be aware of security and privacy, which might lead them to send out information mistakenly to external parties.
| Product | Market Share (%) |
|---|---|
| Microsoft Defender for Office 365 | 9.7% |
| Microsoft Defender for Identity | 4.5% |
| Other | 85.8% |
| Company Size | Count |
|---|---|
| Small Business | 8 |
| Midsize Enterprise | 4 |
| Large Enterprise | 14 |
| Company Size | Count |
|---|---|
| Small Business | 23 |
| Midsize Enterprise | 10 |
| Large Enterprise | 31 |
Microsoft Defender for Identity offers real-time threat detection and protection for hybrid Active Directory environments. It integrates with Microsoft 365 components for seamless security and monitors advanced behaviors, enhancing identity protection across cloud and on-premises environments.
Microsoft Defender for Identity provides detailed threat insights and user behavior analytics to detect unauthorized access and notify anomalies. It allows setting custom detection rules, enhancing threat response automation. While it needs improvements in cloud security, SIEM integration, and access controls, users leverage its ability to mitigate identity threats like suspicious logins and ransomware. Enhanced integration with Microsoft security products ensures a coordinated threat response for identity control and privilege management.
What are the key features of Microsoft Defender for Identity?In specific industries, organizations implement Microsoft Defender for Identity to secure on-premises and hybrid Active Directory environments through user and entity behavior analytics, malicious activity detection, and integration with Microsoft security tools. This approach enhances security posture assessment and helps mitigate identity threats like identity harvesting and unauthorized access.
Microsoft Defender for Office 365 is a comprehensive security solution designed to protect organizations against advanced threats in their email, collaboration, and productivity environments. It combines the power of Microsoft's threat intelligence, machine learning, and behavioral analytics to provide real-time protection against phishing, malware, ransomware, and other malicious attacks.
With Microsoft Defender for Office 365, organizations can safeguard their email communication by detecting and blocking malicious links, attachments, and unsafe email content. It employs advanced anti-phishing capabilities to identify and prevent sophisticated phishing attacks that attempt to steal sensitive information or compromise user credentials.
This solution also offers robust protection against malware and ransomware. It leverages machine learning algorithms to analyze email attachments and URLs in real-time, identifying and blocking malicious content before it reaches users' inboxes. Additionally, it provides advanced threat-hunting capabilities, allowing security teams to proactively investigate and respond to potential threats.
Microsoft Defender for Office 365 goes beyond email protection and extends its security features to other collaboration tools like SharePoint, OneDrive, and Teams. It scans files and documents stored in these platforms, ensuring that they are free from malware and other malicious content. It also provides visibility into user activities, helping organizations detect and mitigate insider threats.
Furthermore, this solution offers rich reporting and analytics capabilities, providing organizations with insights into their security posture and threat landscape. It enables security administrators to monitor and manage security incidents, track trends, and take proactive measures to enhance their overall security posture.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
