Microsoft Defender for Office 365 Reviews

My main use case for Microsoft Defender for Office 365 is as an end user on my machine. It protects my machine through virus scans and ensures from a company perspective that I am not running any unauthorized programs. It also allows me to quickly scan files or things to give me peace of mind.

The feature I like the most about Microsoft Defender for Office 365 is that it typically runs in the background. You do not know it is there until you need to access it. Although, if it is doing a deep scan or an intensive check of your machine, that can impact what you are doing at the time. From an organization perspective, it allows my organization to manage it centrally, set policies, and push them down. Everyone has a unified layer of security, effectively.

Microsoft Defender for Office 365 helps automate some routine tasks by automating keeping my machine safe, effectively. It just runs in the background. Once it is set up and configured centrally, it does what it should do.

There are some improvements that can be made to Microsoft Defender for Office 365 because there is a push and pull between what end users need from their machine and what they need to do. Different people in an organization need different things from the machine. From a development point of view, if I wanted to do development on my actual machine where Defender is, the organization can set certain policies or Defender makes that prohibitive. You need admin access to overstep, and then it becomes opening back doors. Apart from that, for a typical end user, it is fine. It does what it needs to do.

I have been using Microsoft Defender for Office 365 for a good few years. I am not sure in total, but more than two.

I have never experienced downtime or crashes with Microsoft Defender for Office 365. If it is doing a really deep scan, it is going to impact RAM and CPU at times, but it is pretty easy to understand why it is doing it and make sure it is scheduled outside of when you are doing intensive work. That is the only other thing. I have never seen a crash.

Microsoft Defender for Office 365 prioritizes threats well. I do not know too much about the inner workings of it, but it is obviously up-to-date. It is managed through the cloud, so it is always up-to-date with vulnerabilities and different attack vectors. From a Windows perspective, there are typical attack approaches and it has them all covered.

I have seen some kind of return on investment from Microsoft Defender for Office 365 because as an organization, having multiple security wrappers around everything we do is incredibly important because everyone is obviously a target. What we do has different threat vectors that we need to be careful about. Also, from an auditing point of view and just being super safe in terms of what we do and interacting with customers, it is really important to be safe. It is one of the tools we use to do that.

Microsoft Defender for Office 365 threat intelligence does help me prepare for potential threats because it is never going to give you complete peace of mind, and there are other tools that we use for protection, especially for phishing attacks and other ways that you can be compromised. From an end user point of view, they are so far abstracted from all of that. They just want to get on with their job. I think it does a fairly good job of doing what it is supposed to do.

Microsoft Defender for Office 365 saves me time in how it is less about time and more about when it is running and doing its thing. Is it getting in the way? Are you getting lockups? Is it taking down the performance of your machine? For the most part, it is pretty good. It schedules fairly well when it is going to be running deep scans. I know where to find it. It is super easy to get hold of if I need to quickly scan something. It is built into context menus, which is really helpful. You do not have to go looking for it.

Microsoft Defender for Office 365 is pretty good overall. I have used many different tools in the past, and in terms of that world, it is pretty good. I would give it a rating of eight out of ten.

My main use cases for Microsoft Defender for Office 365 include email hygiene.

What I like the most about Microsoft Defender for Office 365 is the way it integrates with Exchange.

These features benefit my organization by allowing for anti-phishing, anti-spoofing capabilities, and a product that helps remove the noise and unwanted emails for us.

I think Microsoft Defender for Office 365 can be improved by creating more educational pieces about not just looking for malware. We are seeing a lot more malware-less emails that Defender for Office 365 has to tackle. It takes time, but getting to the point where it can identify and report on those would be the next step that would help.

I have been using Microsoft Defender for Office 365 for eight years.

I assess the stability and reliability of Microsoft Defender for Office 365 as quite an intelligent tool, since there are many threat detection points, which leads me to believe it is the product that does what it says it will do.

I haven't experienced any downtime, crashes, or performance issues.

Microsoft Defender for Office 365 scales very well with the growing needs of my organization. When I add licenses or users, I can update the licenses and the policies get filtered down.

Prior to adopting Microsoft Defender for Office 365, I was using Proofpoint.

My experience with deployment was straightforward. Intune was set up, so it was very straightforward to put the policies in, and there were no issues on the deployment side.

I have seen a return on investment by not getting hacked, which is always a savings.

My experience with pricing, setup, and licensing is that it's actually quite reasonable even on the licensing side as a standalone product. It's very competitive compared to what competitors are charging.

Before I switched over, Proofpoint was the other solution I considered before selecting Microsoft Defender for Office 365.

Microsoft Defender for Office 365 allows me to prioritize threats across my enterprise. It allows us to report emails that we want our IT to be aware of, so other users can be made aware of those threats and can be treated accordingly.

Microsoft Defender for Office 365's threat intelligence helps prepare me for potential threats before they hit and allows us to take proactive steps. From an email hygiene perspective, if we see what kind of emails or phishing attacks come in, it allows us to prepare for what's out there, including zero-day attacks.

This threat intelligence has affected my security operations by reducing the time it takes to investigate emails because of the automation. We also get the threat intelligence from Microsoft because many other users are using the same product.

Microsoft Defender for Office 365 helps automate routine tasks and helps identify high-value alerts. Automation is key because it allows us to be fast and enables us to push those policies across the company without using individual machines.

Microsoft Defender for Office 365 has saved me time overall. It's difficult to quantify how much time I save per week or per month because of the automation and the way the system is designed, but I would estimate it has saved about ten to fifteen percent of my IT staff's day with automation, as the system allows our IT folks not to analyze every email.

I cannot know the exact dollar figure or amount of money it has saved, but if I quantify that based on the time it has saved, I would draw a parallel between those two compared to just the straight product cost.

Microsoft Defender for Office 365 has decreased my time to detection and time to respond by one hundred percent.

I would rate Microsoft Defender for Office 365 as a seven to eight on a scale of one to ten. My advice to other organizations is to invest in Microsoft technologies and use the single pane of glass.

Public Cloud

Microsoft Azure

We use many Microsoft Security products, and overall, it's helping us with our overall security posture. Though we see some challenges, we want to see if the Security Copilot can help, but overall, it's very helpful and essential to our operations.

Microsoft Defender for Office 365 helps prioritize threats across our enterprise. The security products provide good visibility, allowing us to see and prioritize various events, which is crucial given the daily volume of events. We can see what's going on and prioritize. Because there are many different events, we can focus on the most important ones first. This prioritization of threats is very important. Otherwise, it may not be usable because we will be handling thousands of events every day.

The threat intelligence offered by Microsoft Defender for Office 365 helps us prepare for potential threats before they hit. It offers visibility and a focused response needed to manage threats promptly. The security features can effectively and quickly identify and prioritize threats, contributing to rapid threat response.

Our application is a SaaS solution, so we have many customers, and the cloud infrastructure is essential to our business. The security features of Microsoft Defender for Office 365 can quickly identify and prioritize threats, allowing our SecOps team to act quickly to respond to the threats.

Microsoft Defender for Office 365 has saved us time and money. It has decreased our time to detection or time to respond by approximately 10 times because we have 100 gigabytes of logs every day, and without automation, it would be impossible for humans to handle.

This will be a potential risk because if there's any security incident, that will cause reputational and financial damage. Being able to maintain our overall security posture with Microsoft Defender for Office 365 is invaluable.

The DLP feature of Microsoft Defender for Office 365 is pretty good. The DLP feature of Microsoft Defender for Office 365 is valuable, and we also use the DLP feature for email real-time detection. The value of the DLP feature is significant to us because we have internal data, sometimes sensitive, and the users may not always be aware of security and privacy, which might lead them to send out information mistakenly to external parties.

We still see many false positives from time to time with Microsoft Defender for Office 365, so it would be good if we can reduce those false positives and provide better workflows for our end users, as sometimes they may not know what to do when they encounter a false positive. Those kinds of workflows will help make it easier to use.

We have been using Microsoft Defender for Office 365 since 2018.

Overall, the stability and reliability of Microsoft Defender for Office 365 are good, but we do see some hiccups from time to time. Maybe twice last year, we lost the Teams connection, but overall, it is within the SLA range.

Microsoft Defender for Office 365 scales transparently for us, as we grew from 1,000 users to 3,000 users, and we didn't notice much difference.

The technical support and customer support we received for Microsoft Defender for Office 365 are pretty good; we opened tickets, and they typically resolve them quickly.

Positive

We have been using it from the beginning.

It is pretty straightforward, but fine-tuning the rules takes time. We see false positives from time to time, so we need to find the rules to fix our situation.

We started with on-premises. Currently, it's like 80% cloud and 20% on-premises. Exchange and SharePoint are on the cloud, but AD is still hybrid.

Security is very important for us, and we are also a public company, so any security incident will cause serious damage, but it's hard to quantify the return on investment we've seen from Microsoft Defender for Office 365.

It's within our expectations and also competitive in the market.

We didn't evaluate other solutions.

Currently, we do not have automation actions with Microsoft Defender for Office 365. We mainly focus on the detection part because we find some false positives from time to time, so we are not 100% confident to turn on the fully automated mode.

I would rate Microsoft Defender for Office 365 a nine out of ten.

Public Cloud

Microsoft Azure

My main use case is to showcase Microsoft Defender for Office 365 to help demonstrate the product so we can assist Microsoft in selling it to other companies.

The coolest feature of Microsoft Defender for Office 365 is its ability to look for phishing emails. That has been one of the biggest problems I have seen in my previous companies—detecting phishing emails and identifying bad actors who are trying to steal information, whether they are posing as managers to subordinates or even as our clients. Microsoft Defender for Office 365 stops that in its tracks.

Microsoft Defender for Office 365 works really well. It gets better each year as the technology develops. It saves us time—I would say it saves us 50% less time instead of having to manually look at emails in Outlook.

I use Microsoft Defender for Office 365 to automate tasks. You can use the AI agents to automate the tasks and then they can do it for you. That is where the time savings come in.

Microsoft Defender for Office 365 saves us time and money. Time is money, and money is time.

I think if Microsoft Defender for Office 365 could provide a report at the end of each month showing how many emails it has stopped and how well our systems are working, along with suggestions on ways we can improve our own systems and other products we could use that work better with it, that would be helpful. I do not see that functionality right now while we are developing this.

Our company designs these products to showcase Microsoft Defender for Office 365, so I have been using it since I started two or three years ago.

I have not noticed any downtime or crashes with Microsoft Defender for Office 365.

Microsoft Defender for Office 365 scales with time. We try a lot of Microsoft products because they are our biggest client.

Microsoft Defender for Office 365 works pretty. Sometimes I have to recategorize things when it takes the wrong step and I do not want it to classify something as suspicious. But most of the time it works when you play with the tool and make it work for you in a better way.

For the most part, Microsoft Defender for Office 365 prioritizes threats by making sure, especially in Office 365, that people do not click on links and things of that nature. If it detects a threat, I can go in and double check those emails to determine if it is correct or wrong. I think it does a pretty good job at that. But once in a while it goes the wrong way and I have to recategorize it.

Mostly the important threats are getting detected by Microsoft Defender for Office 365.

For us to design Microsoft Defender for Office 365 for Microsoft, we deployed it in our own email systems to see how it works and to figure out how many emails it stops. Once we know how the program functions, we can present it so Microsoft can sell it more effectively. I would rate this product a ten out of ten.

My main use cases for Microsoft Defender for Office 365 include application and endpoint security for end users.

The features I appreciate most about Microsoft Defender for Office 365 are admin notifications for potential threats along with protecting our Microsoft apps such as Outlook from potential phishing attacks. These features have definitely benefited our organization, especially when we've had phishing attacks occur, and we have highly secure data because we're in financial services, so data security is pretty critical for us. Along with that, endpoint security for our applications is essential as a lot of our Excel files contain proprietary financial information that we want to protect. It's really important to have that capability.

To improve Microsoft Defender for Office 365, it would be nice to have more accessibility for users to see on their end what they are doing that could cause a threat. Sometimes users do things without realizing they may be causing an issue until we inform them, so better processes for notifications would be useful.

I have been using Microsoft Defender for Office 365 for probably the past two years, around a year and a half.

The stability and reliability of Microsoft Defender for Office 365 is quite stable compared to our previous service, and while there are things that could be improved, it is definitely better and more cost-effective than other solutions we looked at. I have not experienced any downtime, crashes, or performance issues because of Defender.

Microsoft Defender for Office 365 scales very well with the growing needs of my organization because we are a slower-growing organization and stay at the same pace, so there's not much scaling needed. However, it does perform well because it is within our Azure subscription and runs seamlessly within our tenant.

We have expanded usage by migrating everyone to Intune-managed devices so they are on Microsoft Defender for Office 365, which was one of our big projects this year to move off our old system.

I would evaluate the customer service and technical support as great since we have been able to get pretty good service, and I haven't had any downtime or outages with our Azure service. On a scale from one to ten, I would rate my customer service and technical support as an eight. I give them an eight because I think a ten is hard to achieve since it would need to be almost perfect, and there have been some Azure outages causing minor issues. Overall, it has been a much better process than we used to have.

Positive

Prior to adopting Microsoft Defender for Office 365, we were using another solution to address similar needs. We used Sophos before, and several factors led us to consider a change including performance, cost, support, and scalability. It caused performance issues for end users because it needed to use a lot of resources, and it was also going to cost more to maintain. Additionally, it wasn't the most up-to-date cloud solution which we now get through Azure and Microsoft Defender for Office 365.

My experience with the deployment has been a lot more seamless as we use Autopilot for that, so it's easier than manually installing a local cyber defending service on each user's endpoints, definitely saving us time there.

I believe I have seen a return on investment because in the long run, we're saving money on subscription costs for a different service and having everything under one roof.

My experience with the pricing, setup costs, and licensing is not too specific, but having all our users with Entra ID accounts and being on Intune made it a lot more seamless and easy, as most of our devices and subscriptions are through Microsoft.

I am not too sure about the other solutions we considered before selecting Microsoft Defender for Office 365, but I know that Defender was our first and most ideal choice since we do use the Microsoft suite.

My advice to another organization considering Microsoft Defender for Office 365 is that if you're already using Microsoft 365 for your end users, it's a great product to put on top of that because it integrates seamlessly within your existing Microsoft suite and is a lot easier to manage than having a separate security service. I would rate this product a nine.

Hybrid Cloud

Microsoft Azure

I use Microsoft Defender for Office 365 on my personal computer, and it's easier here because I don't use the internet to visit inappropriate pages or download anything suspicious from rare sites.

I use Microsoft Defender for Office 365 only on-premises, not cloud, because for cloud services, I use my Gmail account.

Microsoft Defender for Office 365 meets my security needs, as it helps me monitor how my computer is performing. Although I am a cybersecurity specialist and have other tools, I use Microsoft Defender for Office 365 to check my computer and those of my parents or friends.

I am using Microsoft Defender for Office 365, as well as Microsoft Process Explorer, but not much else yet because I work everything in virtual machines.

Microsoft Defender for Office 365 is always active on Windows; I didn't need to configure anything, and if there's something different or suspicious, it alerts me immediately. It's very easy to use. I know that it's a very simple defense, but I use my computer very carefully.

What I appreciate about Microsoft Defender for Office 365 is that it's free and comes as an on-premise product by default, so no additional setup is required. It comes by default and gives the client a safety sensation, allowing people to be careful and more relaxed with their computer.

I have seen benefits from using Microsoft Defender for Office 365, as it gives users a relaxed feeling of being protected. I don't usually experience any alerts unless I am playing in Hack The Box and using a virtual machine.

The integration of Microsoft Defender for Office 365 with other Microsoft products enhances my security, as I don't have any problems with the whole Microsoft product suite.

I think that Microsoft Defender for Office 365 could be improved if it could use VirusTotal to compare the programs or anything that I download. VirusTotal helps to identify viruses, malware, trojans, and worms. For example, if I download software to edit videos, if it could scan it through VirusTotal before I execute the installation, it would tell me if the software has anything suspicious.

I have been using Microsoft Defender for Office 365 for approximately two years.

I rate technical support from Microsoft a 10 because when I have a problem with my computer, they have always been very good.

Positive

At this moment, I'm not using any solutions because I was only making a market study of Proofpoint and Perception Point.

The threat investigation tools in Microsoft Defender for Office 365 don't influence my security response times too much because now I am not working with it, but I am very careful with my computer since I know how the field is.

I am not using any artificial intelligence with Microsoft Defender for Office 365; I only use ChatGPT for my personal use.

I haven't recommended Microsoft Defender for Office 365 yet, but if I have a situation where I need to recommend it, I would do so.

I rate Microsoft Defender for Office 365 a nine out of ten.

On-premises

Google

We use Microsoft Defender for Office 365 as part of Microsoft XDR solution. It offers native integration within Microsoft Ecosystem and provides proactive recommendations that help enhance our organization's security. Additionally, it is used to protect on-premises mail flow by redirecting it to Defender EOP.

The solution saves time due to its easy policy configuration and licensing process. It integrates naturally with Sentinel, which simplifies IT and technical configuration tasks with minimal clicks, offering flexibility and efficiency.

Microsoft Defender for Office 365 provides natively integrated cybersecurity tools that are part of Microsoft Ecosystem. It offers proactive recommendation tasks to enhance organizational security. It provides end-to-end visibility on email threats such as phishing, extending beyond Exchange Online Protection. The scalability is managed by Microsoft as a cloud-hosted tool, relieving us of those concerns.

Microsoft could improve by offering recommendations for domain spoofing attacks, especially scenarios where DNS records like SPF, DKIM, and DMARC are not properly published. It's essential to enhance awareness about these issues within organizations.

I have experience in Microsoft Defender for Office 365 for the past three years.

Deployment is straightforward due to a comprehensive guide provided by Microsoft. It's easy to deploy, and anyone with a security background can apply it without difficulty.

The solution is stable, as we have been using it for the past two years. Sometimes it generates false positive alerts, but adjusting policies resolves these issues. Security products occasionally provide false positives, so alignment of configuration is necessary.

As a cloud-hosted tool, scalability is great. We have never faced scalability problems, and Microsoft manages it effectively. We only need to focus on configuring policies.

I would rate customer service at a five out of five. Over the past two years, there have been no critical problems. Any issues are addressed quickly by Microsoft's support.

Positive

Microsoft offers an affordable and feature-rich security solution compared to third-party email security tools like Trend Micro.

The initial setup is easy due to Microsoft's deployment guide.

Microsoft is quite affordable with a lot of features available for any size organization.

Overall, I would rate Microsoft Defender for Office 365 at a ten. My experience with the visibility into threats is positive; Microsoft provides transparency and regularly improves its products. Most of the customers using Microsoft Defender for Office 365 in our region belong to the financial sector.

Public Cloud

Other

I use Microsoft Defender for Office 365 for various compliance tasks. For example, I can use it for eDiscovery to search mailbox content. Just today, a manager requested all emails for a departing user who no longer had an active license. Using Defender's content search feature, I exported the user's entire mailbox as a PST file for the manager to import into Outlook. Beyond eDiscovery, Defender also helps us monitor compliance and security scores, manage quarantine emails, investigate phishing alerts, and configure data classification, labeling, anti-spam, and anti-malware policies.

Before using Microsoft Defender for Office 365, we were plagued by phishing and ransomware emails, especially for our board members. To combat this, we implemented a Defender policy that triggers alerts for emails containing keywords like "bank account" or "credit card details." Additionally, a policy tip and disclaimer appear in user mailboxes for such emails. This disclaimer clarifies the email's external origin and allows users to move it directly to junk with a single click. Simultaneously, an alert goes to the administrator, who investigates the email: if legitimate, it's released, otherwise it's blocked.

Our organization operates a single, hybrid tenant environment with a mix of on-premises and cloud-based mailboxes, with the majority residing in the cloud. This small, non-multi-tenant setup supports approximately 2,000 users.

While Microsoft Defender for Office 365 integrates with third-party solutions, our organization prioritizes Microsoft technologies for security. We only integrate external tools with explicit management approval. This focus extends to data backup. Even though Office 365 is a cloud service, we recently purchased Barracuda, a tool that seamlessly integrates with Office 365 for data backup.

Prior to my arrival, our organization lacked a dedicated Office 365/Microsoft 365 security specialist, with IT admins relying on web searches for configuration. Upon identifying vulnerabilities, I implemented Microsoft Defender and other security measures. Our compliance score, which was around 30 percent a year and a half ago, now consistently ranges from 75 to 85 percent, thanks in large part to Microsoft Defender for Office 365.

Microsoft Defender for Office 365 helps prevent advanced attacks like business email compromise by stopping lateral movement within the network. It also includes data loss prevention features, where our custom policies have helped block malicious emails, ransomware, and spam before they ever reach our servers. While not perfect, Microsoft Defender has significantly improved our email security, offering around 80 to 90 percent effectiveness, which we're quite happy with.

Microsoft Defender for Office 365 has significantly improved our security team's efficiency. The comprehensive security analytics dashboard provides insightful information on threats, including the number of phishing attempts and attacks on our servers. This data can be easily exported for clear reporting to management. Overall, Microsoft Defender for Office 365 saves us time and simplifies security analysis presentations.

Our long-established organization has faced recent economic downturns, leading to employee departures. Managers frequently request departing users' SharePoint data, Mailboxes including PST files, and other associated information. So the most valuable feature of Microsoft Defender for Office 365 is data backups that we can provide through ticket requests.

Microsoft Defender for Office 365's Mac functionality requires improvement to deliver the same level of protection found on Windows devices.

I have been using Microsoft Defender for Office 365 for two years.

I would rate the stability of Microsoft Defender for Office 365 nine out of ten.

Microsoft Defender for Office 365 is highly scalable.

I've found that Microsoft's third-party support teams are slow to resolve issues. While they do eventually fix the problem, it can take a week for issues that should only take a day or two. In contrast, Microsoft employees can typically resolve issues within two days.

Neutral

While deploying Microsoft Defender for Office 365 in my previous organization with multiple tenants was complex, the current single-tenant setup was easy.

We had a team of four involved in the deployment. Two were in the United States and Belgium and two were in India. 

The implementation was completed in-house.

While Microsoft Defender for Office 365 necessitates pricier E3 or E5 subscriptions, the extensive functionality offered by these licenses across various Microsoft products justifies the investment.

I would rate Microsoft Defender for Office 365 eight out of ten.

Microsoft Defender for Office 365 is deployed in multiple regions in India, China, Belgium, Italy, and the United States.

So far, no maintenance has been required yet, but we regularly check Microsoft's security advisories and discuss them in our scrum meetings. If an advisory requires action, we'll address it accordingly.

I would recommend Microsoft Defender for Office 365 to others.

With over ten years of experience using Microsoft 365 and Microsoft 365 Defender exclusively, I've successfully implemented it at multiple companies. While the upfront cost may seem high, it delivers value based on your infrastructure size. Overall, Microsoft Defender is an excellent security product for any environment, regardless of size.

Hybrid Cloud

Microsoft Azure