Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Identity vs Varonis Platform comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Customer Service

No sentiment score available
No sentiment score available
Varonis Platform's technical support is praised for responsiveness and effectiveness, despite occasional delays and team transfers.
 

Room For Improvement

No sentiment score available
Sentiment score
5.1
Varonis Platform needs cloud integration, improved performance, enhanced troubleshooting, and better interface to address complexity and dependency issues.
 

Scalability Issues

No sentiment score available
Sentiment score
7.2
Varonis Platform is scalable for large environments, especially SaaS, but expanding requires expertise; handles increased data loads efficiently.
 

Setup Cost

No sentiment score available
No sentiment score available
Varonis Platform's pricing varies from average to expensive, better suited for large enterprises with distinct licensing needs.
 

Stability Issues

No sentiment score available
Sentiment score
6.9
Varonis Platform is stable, reliable, but faces performance issues with new plugins and large data, needing permanent fixes.
 

Valuable Features

No sentiment score available
Sentiment score
7.9
Varonis Platform offers 24/7 support, strong behavior analytics, data security, and compliance features, praised for monitoring and flexibility.
 

Categories and Ranking

Microsoft Defender for Iden...
Ranking in Identity Threat Detection and Response (ITDR)
1st
Average Rating
8.8
Reviews Sentiment
7.8
Number of Reviews
17
Ranking in other categories
Advanced Threat Protection (ATP) (5th), Microsoft Security Suite (7th)
Varonis Platform
Ranking in Identity Threat Detection and Response (ITDR)
6th
Average Rating
8.2
Reviews Sentiment
6.7
Number of Reviews
13
Ranking in other categories
Data Loss Prevention (DLP) (13th), Data Governance (8th), SaaS Security Posture Management (SSPM) (4th), Data Security Posture Management (DSPM) (8th), Compliance Management (8th), Ransomware Protection (9th)
 

Mindshare comparison

As of November 2024, in the Identity Threat Detection and Response (ITDR) category, the mindshare of Microsoft Defender for Identity is 31.7%, down from 38.8% compared to the previous year. The mindshare of Varonis Platform is 5.1%, down from 6.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Identity Threat Detection and Response (ITDR)
 

Featured Reviews

Sachin Vinay - PeerSpot reviewer
Easily detects advanced attacks based on user behavior
The best feature is security monitoring, which detects and investigates suspicious user activities. It can easily detect advanced attacks based on the behavior. The credentials are securely stored, so it reduces the risk of compromise. It will monitor user behavior based on artificial intelligence to protect the identities in your organization. It will even help secure the on-premise Active Directory. It syncs from the cloud to on-premise, and on-premise modifications will be reflected in the cloud. Identity harvesting is the most common threat. Legacy Microsoft solutions and Amazon face the same issues in the cloud. Users don't implement other security mechanisms in the cloud. In an on-premise environment, we would have multiple security devices like firewalls and several layers of security. Cloud users are less bothered because cloud features are there and only need to be configured. Microsoft Defender for Cloud is the best solution because all threats are completely visible, and it has a great dashboard. The dashboard displays each threat and score, so we can identify the threat rating and act efficiently to avoid compromising user identities. We have a single sign-on feature on the cloud. If we lose a single set of identities, it can compromise the entire organization, including cloud and on-premise. The same identities are being used everywhere. The user activity has to be completely visible on the dashboard, and it has to generate a pattern. It will notify us if there is any security breach. It is a complete monitoring set. Minor changes in the user identity can lead to data leakage. If a password is changed in the cloud, it will be reflected automatically in the on-premise. This minor change will trigger an alert in Microsoft Defender for Identity. It ensures that each cloud identity is well protected from spoofing. It has a comprehensive database of well-known spoofing techniques, enabling us to provide cloud identity protection completely. It has a vast scope because it is completely single sign-on. In the emerging industry, we use single sign-on because users need to authenticate, but it's challenging to remember multiple passwords. Once your user signs in, you can access all the data. An identity compromise would lead to various issues and affect the data on-premises. Defender maintains a constantly updated database with the latest signatures, attack models, and threats. If it detects one threat, it will monitor the suspicious event and give us frequent alerts. Identity protection is vital because we use an identity mechanism for everything, including firewall-related activities. The exact identity used in the cloud is used in the most complex firewalls. We require an excellent migration technique to regain this user credential if something gets compromised. Blocking this requires a massive set of procedures. Microsoft Defender comprehensively monitors identity and provides frequent alerts regarding any issue, so we don't need to think of anything else. Defender's bidirectional sync capabilities are helpful because we need to sync data from multiple directions, including tenant-to-tenant, on-premise-to-cloud, and cloud-to-cloud syncing. As a university, we have multiple tenants, so we need to sync or access data across platforms. That way, everything is more secure, and Microsoft Defender for Cloud also provides ample security for cloud transfers. The bidirectional sync capabilities are flawless—10 out of 10. Our on-premise Active Directory is perfectly synced with the Azure AD. Everything is synced with on-premise, and changes are reflected in minutes. If a problem with identity is addressed on the cloud, the fix will be mirrored on-premise and vice versa. Microsoft Defender for Cloud and Identity are bundled. If we have these two solutions, we don't need to worry about anything else or third-party antivirus. Microsoft Defender for Identity acts as a link to all the Microsoft security features that require identity-based validation. Microsoft Defender instantly provides identity security for all our applications, and users need not worry about typing their passwords. Even in situations with less complex encryption mechanisms, users don't need to worry about typing in their passwords. Defender will check and monitor if there are any flaws in that, and it will let us know if there are any issues. We're a Microsoft shop, so everything works together. If one feature isn't working, everything will be affected. If Defender isn't working, half of our Microsoft security features will be dead. Without identity security, user data can easily be compromised, and data can fall into the hands of intruders or other hackers. The solutions have to complement each other. If anything got wrong, the entire setup would have flaws. Microsoft security has a legacy security mechanism. A while back, we might have gone with Defender for Endpoint, but Microsoft has also grown into the face of the cloud. The same Defender solution is completely maintaining cloud security. We can imagine Microsoft's vast scale and how Defender can protect the cloud environment from vulnerabilities and attacks. We are definitely delighted with Microsoft products. The dashboard features are fantastic because it provides a comprehensive overview. It has a great alert mechanism and log inspector that tracks when users access various servers. With this kind of identity validation, we can control which servers the users can access. We have total visibility from the dashboard. We can track identity usage even if there are no issues. That is an essential advantage.
Frederic  Delos - PeerSpot reviewer
Offers the ability to identify sensitive areas, allowing you to drill down into the sensitive data
The most effective feature for me is its ability to identify sensitive areas, allowing you to drill down into the sensitive data, provided you have access, to determine whether it's a false positive or a true positive. That's the best thing for me, out of all of it. It's got everything, like other ones, but I like to be able to look at something if I'm doing forensics on the alert and say, "Okay, do I really need to do something with this?" For example, we don't want sensitive data in our OneDrive. So it identifies the sensitive data that's possibly in the OneDrive. And what I can do is look at it and identify whether it's actually sensitive data in Datalert or whether it looks like sensitive data, but I know it's a false positive. If it is a false positive, I can basically say ignore this pattern based on X, Y, and Z, you know, whether it's Redjax or keyword proximity. So I like that. With other tools, I gotta go through a whole process because it's a little bit more complex. Here, I can tag it and bag it in one shot. And the next good time I scan, it slips over it. So it helps in that.
report
Use our free recommendation engine to learn which Identity Threat Detection and Response (ITDR) solutions are best for your needs.
816,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
14%
Government
9%
Manufacturing Company
7%
Financial Services Firm
15%
Computer Software Company
12%
Manufacturing Company
10%
Insurance Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Microsoft Defender for Identity?
Microsoft Defender for Identity provides excellent visibility into threats by leveraging real-time analytics and data intelligence.
What needs improvement with Microsoft Defender for Identity?
The solution could improve how it handles on-premises Android-related attacks. Without Microsoft Defender, it can be challenging to check which accounts are compromised and to analyze activities on...
What is your primary use case for Microsoft Defender for Identity?
We use Microsoft Defender for Identity to prevent user account-level attacks such as lateral move attacks and pass-the-hash attacks on our on-premises servers. We leverage its features to mitigate ...
What do you like most about Varonis Platform?
The solution has significantly improved data security and compliance posture by allowing us to track and monitor activities. We can see who accesses data and when files are created and understand w...
What needs improvement with Varonis Platform?
The solution's areas of improvement are the interface and the dependency on on-premises deployment for some components. The interface has improved with the move to a SaaS model, but aspects could s...
What is your primary use case for Varonis Platform?
Customers use the product to identify sensitive information, correlate it with access permissions, and utilize its automation engine for remediation. It includes fixing broken permissions and manag...
 

Also Known As

Azure Advanced Threat Protection, Azure ATP, MS Defender for Identity
No data available
 

Learn More

 

Overview

 

Sample Customers

Microsoft Defender for Identity is trusted by companies such as St. Luke’s University Health Network, Ansell, and more.
Nottingham Building Society
Find out what your peers are saying about Microsoft Defender for Identity vs. Varonis Platform and other solutions. Updated: October 2024.
816,406 professionals have used our research since 2012.