Try our new research platform with insights from 80,000+ expert users

Microsoft Defender Threat Intelligence vs VirusTotal comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Aug 11, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Defender Threat I...
Ranking in Threat Intelligence Platforms
4th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
31
Ranking in other categories
Advanced Threat Protection (ATP) (11th), Microsoft Security Suite (18th)
VirusTotal
Ranking in Threat Intelligence Platforms
3rd
Average Rating
8.8
Reviews Sentiment
7.3
Number of Reviews
11
Ranking in other categories
Anti-Malware Tools (3rd)
 

Mindshare comparison

As of April 2025, in the Threat Intelligence Platforms category, the mindshare of Microsoft Defender Threat Intelligence is 2.7%, up from 2.1% compared to the previous year. The mindshare of VirusTotal is 4.1%, down from 4.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Threat Intelligence Platforms
 

Featured Reviews

Nim Nadarajah - PeerSpot reviewer
A native Microsoft solution the provides great ROI and continuously improves its offering
We have Microsoft bias. We generally don't have any significant negative feedback or improvement points around Defender, EDR and CMDR platforms. It does a good job across the board. The price point is something they can improve slightly for those who don't have an M 365 E5. I believe it's a $2.80 cents add-on. In Canadian, that's expensive. If they can drop it to a dollar, for those who don't have M 365 E5, they're going to open up market share and increase affordability for an entire market segment in the medium business category. Other than that, we have no major negative feedback.
Chinmay Banerjee - PeerSpot reviewer
Helps businesses collect threat data while keeping privacy in mind and apable of detecting, blocking, and removing viruses and malware
There are two gray areas I still need to explore. I have worked with VirusTotal because it easily integrates with over seventy antivirus scanners and blacklisting services. In addition to those there is much scope to improve and add other services or integrations. The areas for improvement are that VirusTotal is not using much AI or generative AI models, while other competitors are starting to build them. For example, VirusTotal's work is based on the setup done by their engineers. If you want to do scanning or protection activities for a specific site, app, or device, that is the area VirusTotal is currently focused on. But other competitors are building AI models that can do things like left-side scanning and provide auto-generated reports. VirusTotal has predefined reports, but there is a lot of manual effort involved. Secondly, the API is very limited if I want to integrate VirusTotal with other applications. They need to build more connectors and provide support for Webhook connectors for the API. If you can't build your own connector, it's always good to have provisions for Webhook setup connectors across platforms. Thirdly, Kaspersky, a competitor of VirusTotal, is using a methodology called "gatekeeper." A gatekeeper is a security system that protects the inside of a building from outside threats. This is the model Kaspersky is currently using. You have your website set up, but the entire army of VirusTotal or Kaspersky is standing guard, protecting you from the first gate itself. Right now, VirusTotal detects threats from your domain, but it is always better to verify inside the domain and protect it from the first level when people or malware are entering. This first level of protection is lacking in VirusTotal right now. The security bridge and protection gate are missing.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It just runs in the background. I don't have to worry about, making sure it's Intelligence. So, you know, this kind of makes it very easy, have to worry about installing. It is easy to use."
"The product's anti-spam and malware-scanning features are useful. We scan email attachments, documents, and malicious codes."
"The product’s most valuable feature is the ability to provide threat detection and protection simultaneously."
"The technical support services are excellent."
"The solution blocks incoming threats on the local PC or any cloud-based threats."
"The solution is well integrated with other Microsoft security products."
"Microsoft's integration into the security stack works quite well."
"The tool is managed from the cloud, because of which the maintenance is very low."
"The initial setup is easy."
"VirusTotal provides 95% to 98% accurate information."
"The feature I like the most is the ability to see the MD5 or SHA-256 signature of the file, and also the composition of the file according to its segments."
"VirusTotal provides 95% to 98% accurate information."
"The most valuable feature is the worldwide malware information database."
"It allows us to see if there have been previous reports on certain indicators of compromise, providing insights from other security professionals."
"It gives detailed information about suspicious IPs, which is one of its most valuable features."
"It is quite simple for anyone if they just want to check some suspicious URLs."
 

Cons

"It's a bit complicated to manage because you have many dependencies of servers, many dependencies in queue, and so on. Entries or different endpoints, and you make different configuration topics for each one. So that's a major problem."
"The product's dashboard and incident reports functionality needs enhancement."
"The solution could be more stable and precise because, at times, the threats detected are not legitimate."
"The price could be improved."
"Having up-to-date documentation and real-time reflections in all portals would be beneficial to keep users informed about any changes. Additionally, the frequent changes in Microsoft's UI and the movement of features between different products in the set pose difficulties."
"A stable licensing model is absent"
"Microsoft Defender Threat Intelligence is evolving and needs to fix and enhance numerous issues like stability and licensing. The continuous rebranding and licensing changes are confusing."
"The tool's onboarding of users that use on-premise or hybrid environments needs to be improved."
"The platform could improve in the areas of endpoints and networks."
"VirusTotal is hard to understand because you need to know Google Docs to create queries, and it doesn't have documentation for that."
"VirusTotal has different versions, and sometimes the parameters of the API are not very clear."
"I would like to see improvements in the score consistency and accuracy."
"VirusTotal has predefined reports, but there is a lot of manual effort involved."
"I would like to see an improved user interface and some automation."
"They can improve the telemetry. Whenever we handle a sample, they cannot provide any information about a victim."
"There should be room for improvement, particularly in the API side of things."
 

Pricing and Cost Advice

"Considering Microsoft is constantly changing licensing, I would give it a seven out of ten. It can be difficult to get your head around it, especially for small to medium-sized enterprises (SMEs)."
"It is an expensive product."
"The solution is relatively expensive; however, our status as a gold partner provides us with several complimentary licenses, which offsets the cost."
"I rate the product's price a six or seven on a scale of one to ten, where one is expensive, and ten is cheap."
"The tool is expensive as a stand-alone solution. However, it is not cheap when you purchase it as a bundle."
"The pricing of the solution is good."
"It's reasonably priced, though there's room for further improvement."
"There is a need to make yearly payments towards the licensing charges attached to the product."
"VirusTotal is an expensive solution."
"We are using VirusTotal with free licenses, managing the license limits across three or four accounts, thus incurring no costs."
"The pricing is reasonable."
"The pricing is very economical."
report
Use our free recommendation engine to learn which Threat Intelligence Platforms solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
12%
Educational Organization
11%
Government
10%
Computer Software Company
17%
Financial Services Firm
10%
Government
8%
University
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Microsoft Defender Threat Intelligence?
It just runs in the background. I don't have to worry about, making sure it's Intelligence. So, you know, this kind of makes it very easy, have to worry about installing. It is easy to use.
What needs improvement with Microsoft Defender Threat Intelligence?
Some of the customization features could be improved by providing a portion of it as open source. This would allow integration with other solutions, enhancing Threat Intelligence. Providing code cu...
What is your primary use case for Microsoft Defender Threat Intelligence?
We are using Microsoft Defender ATP specifically as an email security solution, as well as for our critical servers as a web security solution. We have almost eleven hundred users utilizing it for ...
What do you like most about VirusTotal?
With VirusTotal, I can check for any hash, malware, file, domain, IP URL, or malicious URL, and Kaspersky stays clean.
What is your experience regarding pricing and costs for VirusTotal?
I do not know about the pricing or licensing as our organization services VirusTotal for our clients.
What needs improvement with VirusTotal?
I would like to see improvements in the score consistency and accuracy. VirusTotal should add more details like those from competitors such as URL Void or Symantec URL Checker, which show the categ...
 

Overview

Find out what your peers are saying about Microsoft Defender Threat Intelligence vs. VirusTotal and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.