We performed a comparison between Microsoft Defender for Identity and Microsoft Entra ID based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."One of our users had the same password for every personal and company account. That was a problem because she started receiving phishing emails that could compromise all of her accounts. Defender told us that the user was not changing their password."
"The feature I like most is that you can create your own customized detection rules. It has a lot of default alerts and rules, but you can customize them according to your business needs."
"The basic security monitoring at its core feature is the most valuable aspect. But also the investigative parts, the historical logging of events over the network are extremely interesting because it gives an in-depth insight into the history of account activity that is really easy to read, easy to follow, and easy to export."
"It automates routine testing and helps automate the finding of high-value alerts."
"The best feature is security monitoring, which detects and investigates suspicious user activities. It can easily detect advanced attacks based on the behavior. The credentials are securely stored, so it reduces the risk of compromise. It will monitor user behavior based on artificial intelligence to protect the identities in your organization. It will even help secure the on-premise Active Directory. It syncs from the cloud to on-premise, and on-premise modifications will be reflected in the cloud."
"Defender for Identity has not affected the end-user experience."
"Microsoft Defender for Identity provides excellent visibility into threats by leveraging real-time analytics and data intelligence."
"The feature I like the most about Defender for Identity is the entity tags. They give you the ability to identify sensitive accounts, devices, and groups. You also have honeytoken entities, which are devices that are identified as "bait" for fraudulent actors."
"The best thing about Active Directory is its compatibility. It works with lots of third-party vendors. We're using multiple products, and they're all integrated with our Active Directory."
"The most valuable feature of Microsoft Entra ID is its security options, where we can provide highly effective security for user accounts during authentication."
"Having access to Azure Active Directory on the cloud gives us speed and use of the latest technology. The application services are very good, such as GitHub."
"The ability to speed up ability is an asset."
"It's very good at not disrupting the user experience."
"The feature that I have found most valuable is its authentication security. That is Azure Active Directory's purpose - making cloud services' security and integration easier."
"Azure Active Directory provides access to resources in a very secure manner. We can detect which user is logging in to access resources on the cloud. It gives us a comprehensive audit trace in terms of from where a user signed in and whether a sign-in is a risky sign-in or a normal sign-in. So, there is a lot of security around the access to resources, which helps us in realizing that a particular sign-in is not a normal sign-in. If a sign-in is not normal, Azure Active Directory automatically blocks it for us and sends us an email, and unless we allow that user, he or she won't be able to log in. So, the User Identity Protection feature is the most liked feature for me in Azure Active Directory."
"I like Intune's MDM and MI."
"One potential area for improvement could be exploring flexibility in the installation of Microsoft Defender for Identity agents."
"The solution could be better at using group-managed access and they could replace it with broad-based access controls."
"And when you are working in a priority IP address, Identity is not able to know that those IPs are from the company. It sees that the IPs are from Taiwan or from Hong Kong or from India, even though they are internal IPs, resulting in a lot of false positives."
"An area for improvement is the administrative interface. It's basic compared to other administrative centers. They could make it more user-friendly and easier to navigate."
"There is no option to remedy an issue directly from the console. If we see an alert, we can't fix it from the console. Instead, we must depend on other Microsoft products, such as MDE. That is a significant drawback. It simply works as a scanner, which can sometimes put enough load on the sensors. Immediate actions should be possible from the dashboard because. It can prevent issues from spreading further."
"The technical support needs significant improvement. Documentation for more minor issues in the form of guides or walkthroughs could help to resolve this issue. The number of tickets raised would decrease, removing some pressure from the support team and making it easier to clear the remaining tickets."
"The tracking instance needs to be configured appropriately."
"We observe a lot of false positives. Sometimes, when we go for a coffee break, we lock our screens. Locking the screen has a separate Windows event ID and sometimes I see it is detected as a failed login."
"Azure Active Directory could improve the two-factor authentication."
"When it comes to Azure, creating certain things or getting different resources isn't very clear. You need a certain level of knowledge of the system. It could be a little bit more friendly so that some of the things can be done easily, but after everything is created, it's easy to use."
"I think something that is key would be the group policies replication over the cloud, in order to prevent or to avoid relying on the on-premise Active Directory servers and to manage group policies."
"Its integration with open-source applications can be improved. I know that they are working on open-source authentication methods for integration with open-source applications, but they can make it more open."
"It would be good to have more clarity around licensing."
"A nice feature that is not currently present, would be if they had some visualization tools."
"Azure Active Directory could improve by having an authentication service for laptops or desktop computers running Mac and Linux operating systems. They currently have authentication capabilities for Microsoft Windows. Having this capability would benefit people because in today's world everybody is working from the home environment."
"If Microsoft can give us a way to see where this product is running, from a backend perspective, then it would be great."
More Microsoft Defender for Identity Pricing and Cost Advice →
Microsoft Defender for Identity is ranked 8th in Microsoft Security Suite with 13 reviews while Microsoft Entra ID is ranked 4th in Microsoft Security Suite with 190 reviews. Microsoft Defender for Identity is rated 9.0, while Microsoft Entra ID is rated 8.6. The top reviewer of Microsoft Defender for Identity writes "Offers robust protection from insider threats, but the customer support is poor". On the other hand, the top reviewer of Microsoft Entra ID writes "Saves us time and money and features Conditional Access policies, SSPR, and MFA". Microsoft Defender for Identity is most compared with Microsoft Entra ID Protection, Microsoft Defender for Office 365, Microsoft Entra Verified ID, Splunk User Behavior Analytics and Rapid7 InsightIDR, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Ping Identity Platform and Okta Workforce Identity. See our Microsoft Defender for Identity vs. Microsoft Entra ID report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.