We use it to monitor user behavior and activity. It also gives us analytics to protect the user identities and extensions stored in Active Directory. For one of the instances that we are managing, we have to sync it with Active Directory and protect user identity.
Solutions Architect at a computer software company with 1,001-5,000 employees
From process efficiency angle, we are definitely seeing benefits
Pros and Cons
- "Defender for Office 365 has helped eliminate having to look at multiple dashboards and that is the aspect I like most about it. It is simpler, effective, and convenient. The users like the process efficiency."
- "One area for improvement is integration. For example, when it comes to external SaaS platforms, we were not able to get a lot of information on integrations with such apps for security and authentication."
What is our primary use case?
How has it helped my organization?
It is a basic SecOps tool. It has not increased or improved anything specifically for our organization, but I see it as a must-have for security ops.
It can help automate routine tasks and finding of high-value alerts. Our security operations are not very high-volume, but from the angle of process efficiency, it is definitely a very beneficial product.
Defender for Office 365 has helped eliminate having to look at multiple dashboards and that is the aspect I like most about it. It is simpler, effective, and convenient. The users like the process efficiency.
And there are a couple of aspects, time-wise. One is that the documentation makes everything so easy that we were able to understand it without much external support. The second is how it automates the process and gives everything in one console. It is helping us with process efficiency. I would estimate it is saving us 10 to 15 man-hours per month. But it is more an issue of process efficiency and having the right process in place. It is not for time-savings, primarily.
And it is likely to help us with our time to detect and respond, although we haven't faced one threat yet.
What is most valuable?
It's a little early to tell which features are most valuable, but by default, it gives analytics on user behavior. We have not been able to leverage it fully, but that is one of the interesting features. It's also very simple to use. The documentation has made it quite easy to implement and our team has been able to understand it.
And while we haven't had even one threat incident yet, functionality-wise, Defender for Office 365 can proactively detect threats and prevent them. It is not just a reactive mechanism.
What needs improvement?
One area for improvement is integration. For example, when it comes to external SaaS platforms, we were not able to get a lot of information on integrations with such apps for security and authentication. The awareness of ecosystem information that is provided needs to be better.
Buyer's Guide
Microsoft Defender for Office 365
December 2024
Learn what your peers think about Microsoft Defender for Office 365. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
For how long have I used the solution?
We implemented Microsoft Defender for Office 365 over the last month.
What do I think about the stability of the solution?
The stability of Defender for Office 365 is competitive.
What do I think about the scalability of the solution?
It is very scalable. I've seen implementations in organizations with thousands of employees.
For us, it is being used across endpoints for all the users in our organization, and it is multi-geographic as well. We are a small organization with only 10 users.
How are customer service and support?
Microsoft technical support is very good. For this particular product we have not reached out to them, but otherwise, we find Microsoft support to be quite good.
The product itself is so good that we rarely have to raise a support ticket. The product and documentation are self-explanatory and we are able to troubleshoot things ourselves.
How would you rate customer service and support?
Positive
What's my experience with pricing, setup cost, and licensing?
If we had compared it with other vendors, then I would have more to say about the cost, but we didn't. However, standalone, the cost is convenient.
Which other solutions did I evaluate?
We did not explore other vendors. This was a default choice for us.
What other advice do I have?
We have not faced any incidents so we are not able to comment on how well it handles them. But in our organization, we are using basic antivirus software and that aspect is covered in that solution as well. It also has functionality for prioritizing threats but we have not implemented it.
The solution does not require much maintenance. There is the setup and it is mainly a matter of monitoring after that.
When you consider a best-of-breed strategy versus a single vendor's security suite, I prefer a single vendor because of the failure points. If there are interconnected failure points, there is a single vendor to work with to fix them and identify the gaps. And when it is within the same ecosystem, the product releases are compatible with each other and, together, give us more value. While a multi-vendor strategy has its benefits, if we stick to a single vendor for the entire stack, it is a better scenario in which to manage and monitor.
If you're using Office 365, Defender for Office 365 is the default primary choice. There are no shortcomings in it, that I have seen, that should make someone look for an alternate solution. It is the default choice for this particular use case and it serves its purpose.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Protects from zero-day threats and ensures that attachments and links are safe, but has a lot of false positives and should have only one plan that takes care of everything
Pros and Cons
- "Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features."
- "In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
What is most valuable?
Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features.
What needs improvement?
In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement.
For how long have I used the solution?
I have been using this solution for the last one year. I have its latest version.
What do I think about the stability of the solution?
It is stable. We didn't find any issues with that.
What do I think about the scalability of the solution?
It is highly scalable. We have deployed for around 7,000 accounts. Performance is not impacted.
How are customer service and technical support?
Their technical support can definitely be improved. They can avoid using templatized response.
Which solution did I use previously and why did I switch?
We had basic Exchange Online Protection.
How was the initial setup?
It was easy to configure and with one/two skilled the ongoing maintenance can be handled.
What's my experience with pricing, setup cost, and licensing?
It has a simple interface to configure and manage. From the pricing point of view, like any other product in the market, there is scope for negotiation.
Which other solutions did I evaluate?
Before we chose to settle with this product, we experimented with Cisco, Forcepoint, etc.
What other advice do I have?
I would advise others to do a proof of concept for at least a month before taking a decision.
I would rate Microsoft Defender for Office 365 a eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Microsoft Defender for Office 365
December 2024
Learn what your peers think about Microsoft Defender for Office 365. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Technical Support Specialist
Helps prioritize tasks, and keeps our platform secure, but is not user-friendly
Pros and Cons
- "The technical support is good and quick to resolve issues."
- "The UI needs to be more user-friendly."
What is our primary use case?
We use the solution to add and move staff when they leave to secure the laptops and other assets for the company. All our contractors work remotely.
How has it helped my organization?
The solution helps us prioritize threats across our entire enterprise.
I found the prioritization to be effective for the amount I have used it.
The solution helps us automate routine tasks and find high-value alerts. We use automation to create printers in terms of notifications that notify us when a device is trying to gain access.
The solution saved us between 24 and 48 hours of time.
The solution saved us money.
What is most valuable?
We are a small Software as a Service company, so when we hire contractors for projects, we usually move on to a different contractor with the relevant expertise. This means we have a lot of contractors coming in and out of the company, and the solution helps to keep our platforms secure when they have finished working by removing their credentials.
What needs improvement?
The solution provides us with visibility into threats; however, there is room for improvement in the threat visibility, as it could be more granular, refined, and detailed.
The UI needs to be more user-friendly. Some of the dashboard views are hard to follow and make the reporting complicated.
For how long have I used the solution?
I have been using the solution for two years.
How are customer service and support?
The technical support is good and quick to resolve issues.
How would you rate customer service and support?
Positive
What other advice do I have?
I give the solution a six out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sales Account Manager at a tech services company with 51-200 employees
Simple implementation, effective email threat detection, and secure
Pros and Cons
- "The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not."
- "They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."
What is our primary use case?
Microsoft Defender for Office 365 was a product called Advanced Threat Protection(ATP) in the beginning and it was changed. Microsoft Defender for Office 365 is an email security. Our customers should know that it is only email security and not a full security feature solution. It is for checking the attachments of emails, and it will move them on if they are secure, and if they are not secure it will not move them forward.
What is most valuable?
The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not.
What needs improvement?
They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not.
For how long have I used the solution?
I have been using Microsoft Defender for Office 365
What do I think about the scalability of the solution?
Microsoft Defender for Office 365 has been scalable.
How was the initial setup?
The implementation is simple, once you have the license you assign it to the end-user.
What was our ROI?
We have seen a return on investment because if we would have received a phishing email, Microsoft Defender for Office 365 would help out to detect the threat instead of crashing down the whole company. The solution keeps emails protected with high security benefiting the company, whether it's an inbound or outbound email.
What's my experience with pricing, setup cost, and licensing?
Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution.
What other advice do I have?
I would advise every customer who requires email security to purchase Microsoft Defender for Office 365.
I rate Microsoft Defender for Office 365 a ten out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer:
IT Specialist at a government with 51-200 employees
Stops evolving threats and offers peace of mind
Pros and Cons
- "The product is not resource-intensive."
- "We need to be able to whitelist data at the backend."
What is our primary use case?
We use the solution for wireless scanning, reporting, and monitoring.
How has it helped my organization?
The product is not resource-intensive.
What is most valuable?
The tool's most valuable feature is virus scanning, which has saved us from malware and ransomware.
What needs improvement?
We need to be able to whitelist data at the backend.
For how long have I used the solution?
I have been using the product for three years.
What do I think about the stability of the solution?
Microsoft Defender for Office 365 is stable.
What was our ROI?
We have seen ROI with the product's use.
What's my experience with pricing, setup cost, and licensing?
The tool's pricing is reasonable.
What other advice do I have?
Microsoft Defender for Office 365 can stop evolving threats, which provides peace of mind.
The solution has helped us discontinue other security products. It has helped us save time and money.
I rate the product a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Supervisor of IT Infrastructure & Cybersecurity at a comms service provider with 51-200 employees
Thorough examination of email and URLs for malicious content and great real-time updates
Pros and Cons
- "Does a thorough job of examining email and URLs for malicious content."
- "Configuration requires going to a lot of places rather than just accessing one tab."
What is our primary use case?
We are resellers of this solution and Microsoft partners.
How has it helped my organization?
Defender for Office 365 helps in securing your users' email which is the number one method of compromise for most networks.
What is most valuable?
The solution does a thorough job of examining emails for malicious content and examines the URLs and potential malicious content in emails. It offers peace of mind with more real-time updates as far as what they're looking for as opposed to a signature-based solution. It's probably the most valuable feature in my mind. I've deployed it for a couple of clients in a 365 environment and it seems to be a pretty solid solution.
What needs improvement?
This is not really a defined product. You have to go to a lot of different places to enable things so it would be nice if you could go to one tab that says 365 Defender for Office 365 or something similar. You would be able to make all the settings and changes there, rather than having to go to lots of different places in the admin center to get it configured.
Configuring Defender for Office 365 is not as easy as I would like but with some research and patience, you can tweak the solution to meet your needs. There are some pretty good articles online that assist in setting up Defender for Office 365 to meet your needs.
Creating a path for your Security Awareness Training (SAT) phishing tests to go around the Defender filtering is way too complex for our current solution KnowBe4. But I learned that is a KnowBe4 limitation. Phin SAT has a much easier method of injecting test phishing emails that do not require such acrobatics to configure.
For how long have I used the solution?
I've been using this solution for two years.
What do I think about the stability of the solution?
This is a stable solution.
What do I think about the scalability of the solution?
Defender is very scalable, it sits on the 365 environment so however big your 365 environment is, is how much you can expand. We've probably set up 300 or 400 users so far. There's no maintenance and you don't have to deploy updates. It's all taken care of in the background by Microsoft so it's pretty much set and forget it once you get it configured.
How are customer service and support?
The support is mostly responsive, but I've had instances going for longer than a week that shouldn't have taken that long.
Which solution did I use previously and why did I switch?
There's no specific solution I would relate to, Microsoft just seems like a cleaner solution as opposed to having a third party. We've used some other solutions in the past where we have to send the mail to that solution and then forward it from there to Microsoft. In this case, it all takes place in the Microsoft environment.
How was the initial setup?
Like most Microsoft products, it's not the easiest thing to get installed, but it seems to work once you have it deployed. You can easily do it in half a day, especially once you get familiar with it, but it's not particularly time-consuming. It's best to start out with more lenient definitions so you're not working on every mail, but we can tune it after that. Our in-house IT department deals with deployment.
What was our ROI?
We haven't done any sort of analysis with regard to ROI, but in my mind, if you can stop one piece of ransomware or malware from getting onto your network, it's priceless.
What's my experience with pricing, setup cost, and licensing?
The solution is not too expensive.
Which other solutions did I evaluate?
This is the first option I tried. I'm considering looking into others to see if they are easier to set up and manage.
What other advice do I have?
I'd highly recommend reading the documentation. It was pretty helpful in getting the solution set up.
I rate the solution an eight out of 10.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Deputy Chief SAP BASIS Administrator at a comms service provider with 201-500 employees
Easy to use and simple to configure but requires better scanning capabilities
Pros and Cons
- "The basic features are okay and I'm satisfied with the Defender."
- "I'd like some additional features any product can give me to protect our environment in a better way."
What is our primary use case?
We are using Defender to protect different kinds of attachments, emails, and safe links, and things like that.
What is most valuable?
The basic features are okay and I'm satisfied with the Defender.
The initial setup is pretty simple. It's easy to configure.
Microsoft products are always easy to use.
The solution has been stable and reliable.
What needs improvement?
I was looking for some advanced features, like if I would receive an email that contains a legitimate file type, but the content is malicious, how I can protect against that? Normally, we are dealing with so many phishing and spam emails. I'd like some additional features any product can give me to protect our environment in a better way.
There is always a chance to continue to improve the product in some way.
For how long have I used the solution?
We've been using the solution since 2015. It's been a few years now.
What do I think about the stability of the solution?
Microsoft so far and been good. We haven't faced any kind of disruption or anything else. It's a good product and good platform, I must say. Overall, it's a good product and good service and we haven't dealt with bugs or glitches.
What do I think about the scalability of the solution?
It's scalable. It's software as a service, so it's always scalable. You have to just purchase the additional licenses and you can increase your database. It's nothing that would be considered too difficult.
How are customer service and support?
They offer different kinds of support levels. If you have the Premier Support contract with Microsoft you're good. If you have purchased a good support level agreement with Microsoft, then their support is very fantastic. We never faced any kind of issue. The engineer is always available when we create the ticket and the support is good. Due to the fact that we are a big organization, we have a support level agreement with the Microsoft.
Which solution did I use previously and why did I switch?
Earlier, we were using the on-prem solution of Exchange, then we migrated to the cloud, so we cannot just compare the feature set and the price of Defender with any other security software, email security software.
How was the initial setup?
The initial implementation is not very difficult. Microsoft products are always very easy to configure and use. It's not a big deal. It's the philosophy of Microsoft to make it easy for the users. That's why they always attract the users and users happily migrate to them as compared to using any other product or any other service.
What's my experience with pricing, setup cost, and licensing?
I haven't actually evaluated the cost against other products. For example, it's bundled with the licenses that we have procured, so everything is included in that. We haven't purchased the Defender separately.
We cannot just say that it's a product which is costly as compared to the other products available in the market or not, as it's a bundled offer. We can calculate the price of one license or an Office 365 license with any other cloud service partner's license cost, however, we cannot just compare the price of any specific feature with the services available in the market.
Which other solutions did I evaluate?
We are not using any other product, so we are not actually in a position to compare it with other security products.
What other advice do I have?
While the deployment is a hybrid model, we have migrated all the mailboxes to Office 365. We are completely running the services from the cloud.
I'd rate the solution at a seven out of ten. there's always room for improvement.
It's a bundled offer. When we procured the licenses of Office 365, it came up under those licenses. We are not using any other product, so I cannot say or I'm not in a position to say that any other product is good or Defender is not good, as I am not using any other product.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Technology Manager at a performing arts with 51-200 employees
Easy to set up with no configuration required, and the support is good
Pros and Cons
- "The good part is that you don't have to configure it, which is very convenient."
- "We need a separate license and we don't know how to get the license that is required."
What is our primary use case?
We are using it with Laptops that go directly to the end-user. We used the Defender because it was already there.
What is most valuable?
The good part is that you don't have to configure it, which is very convenient.
What needs improvement?
We are waiting for better software to block viruses. The feedback that we receive is that it is weaker when compared with other products such as Cisco and Palo Alto.
The only concern that we have is that this product is user-based, but we have requirements to run separate PCs or servers that are not on the same subscription. We need a separate license and we don't know how to get the license that is required.
We also wonder if it can prevent attacks from new types of viruses such as Widefire.
For how long have I used the solution?
We started using Microsoft Defender for Office 365 after the pandemic started.
How are customer service and technical support?
Technical support is very good. They are knowledgeable and respond quickly.
We have had other issues with Word, but we have not had any issues with the Defender product.
Which solution did I use previously and why did I switch?
Previously, we used Symantec Endpoint Protection. They seemed to have some sort of software issue where you couldn't renew your license.
How was the initial setup?
The initial setup was quite straightforward. There was nothing complex for both IT and the user.
There is no installation, you just enable it on the cloud to have it work automatically.
It's very convenient for remote support or remote installation.
What's my experience with pricing, setup cost, and licensing?
It's a user-base subscription.
Licensing is on a monthly basis. It's part of Office 365, so you really can't tell how much it costs. It's part of the bundle.
It's difficult to compare prices with other companies.
What other advice do I have?
I feel Defender is a product that is good enough, especially for small to medium-size businesses.
I would rate this solution an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Microsoft Defender for Office 365 Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Popular Comparisons
Proofpoint Email Protection
Cisco Secure Email
Microsoft Exchange Online Protection (EOP)
Cloudflare One
Fortinet FortiMail
Check Point Harmony Email & Collaboration
Abnormal Security
Trend Micro Email Security
TitanHQ SpamTitan
Trellix Collaboration Security
Perception Point Advanced Email Security
Buyer's Guide
Download our free Microsoft Defender for Office 365 Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Which solution do you prefer: Microsoft Defender for Office 365 or Proofpoint Email Protection?
- Is Defender for Office 365 enough? Or should we be using a product like Mimecast?
- Have you done a comparison between BeyondTrust Endpoint Privilege Management and Microsoft Defender?
- Which product do you prefer: Symantec Messaging Gateway or Microsoft Defender?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- When evaluating Messaging Security, what aspect do you think is the most important to look for?
- Which Email Security enterprise solution would you choose: Cisco Secure Email vs Forcepoint Email Security vs Barracuda Email Security Gateway?
- What is the best email encryption software for small enterprises using Office 365?
- What security measures should businesses prioritize to support secure remote work?
- When evaluating Email Security tools, what aspects do you think are the most important to look for?