Try our new research platform with insights from 80,000+ expert users
IT infrastructure lead at 0
Real User
Top 5
Provides an ease of deployment and efficient security features
Pros and Cons
  • "The product is stable."
  • "There could be a better notification system."

What is our primary use case?

The product helps us monitor business devices for authentication and response on all endpoints, servers, passwords, and plans.

How has it helped my organization?

The primary value is enhanced security and efficient incident response. The integration with Microsoft infrastructure provides a seamless experience.

What is most valuable?

The product's ease of deployment is a major advantage, as it integrates seamlessly with our existing systems. The dashboard and backend profile provide comprehensive visibility into user activities and potential threats. Additionally, the product offers valuable security insights and advice on areas for improvement.

What needs improvement?

There could be a better notification system. Currently, the user sees an icon, but it would be beneficial to have messages prompting them to contact IT immediately or take their device offline if necessary.

I would like to see more system automation actions, such as user-initiated tests or more proactive alerts.

Buyer's Guide
Microsoft Defender Threat Intelligence
November 2024
Learn what your peers think about Microsoft Defender Threat Intelligence. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Microsoft Threat Intelligence for a few years now. 

What do I think about the stability of the solution?

The product is stable. 

What do I think about the scalability of the solution?

Scalability is quite flexible and depends on purchasing the appropriate licenses for the company.

How was the initial setup?

The setup is straightforward, typically taking about 15 minutes to an hour. The system allows for smooth switching between devices, whether online or offline.

What's my experience with pricing, setup cost, and licensing?

The product is a part of my Microsoft 365 subscription, so there is no additional cost. It is cost-effective.

What other advice do I have?

Unless you have very complex requirements, if you are already paying for a Microsoft subscription, you should take advantage of Microsoft Defender.

I rate it a nine out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
James Selby - PeerSpot reviewer
Manager Security Division at Virtual-IT
MSP
Top 5Leaderboard
Offers multiple security components, including email security, local firewall, and anti-malware
Pros and Cons
  • "The global review and remediation of malicious code is probably the most valuable feature."
  • "Microsoft itself is a major target for attacks and threats due to its size and popularity. That could be considered Microsoft's Achilles heel."

What is our primary use case?

From a threat intelligence perspective, we use Microsoft Defender in conjunction with Azure and the cloud for our cloud-based customers. It helps us defend against various types of malicious code, whether it's through email inbounds or uploaded through USB sticks. It offers a wide range of capabilities.

What is most valuable?

Microsoft Defender is delivered in different components. One of them is the Microsoft community, where they share information about discovered malicious code, and remediation is promptly provided. This collaborative approach ensures that threats found in one country can be quickly addressed in other countries.

The global review and remediation of malicious code is probably the most valuable feature.

What needs improvement?

It's difficult to provide direct feedback to Microsoft, even as a Microsoft partner. However, the community out there supports and assists each other if that helps.

Microsoft itself is a major target for attacks and threats due to its size and popularity. That could be considered Microsoft's Achilles heel. Being the largest technology provider attracts significant threats. Microsoft is constantly fighting against threat actors trying to breach its technology. So by being the biggest, you attract the biggest threats.

I believe Microsoft could play more nicely with other IT security vendors. Currently, if you want your technology to integrate with Microsoft, you have to go through an extensive testing program to ensure compatibility with Azure. So, even the partnership program could be more efficient, allowing for smoother integration.

For how long have I used the solution?

I've been working with it since its inception. I've been involved in IT security for over thirty years, so I've seen it evolve.

What do I think about the stability of the solution?

If I were to rate the stability, I would say it's around an eight. However, there are occasional outages in Microsoft 365. So, stability can vary depending on the region, and there are instances of outages.

What do I think about the scalability of the solution?

I would give it an eight, without a doubt. It's highly scalable. Microsoft Defender can fulfill the needs of both small businesses and enterprise businesses effectively.

How are customer service and support?

Directly contacting Microsoft can be quite challenging. However, there is a community platform where users can find resolutions to specific issues. Microsoft also has an extensive patching program, and Microsoft releases updates to its solutions on the first Tuesday of every month.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Microsoft Defender is comprehensive. It covers areas such as email security, local firewall, and anti-malware. It's a comprehensive solution with different components within Defender. It also supports the operating system, Windows 11. 

It's not limited to a single function. Defender encompasses various security aspects, like email security, local firewall, and anti-malware. Moreover, it's designed to work seamlessly with Windows 11.

How was the initial setup?

On a scale of one to ten, where one is the most difficult and ten is the easiest, I would say it's around a seven or eight. No software is perfect, including Microsoft.

Most organizations are moving to the cloud now, so the majority of deployments are in the cloud. However, we don't provide extensive support for that. The deployment depends on how the customer wants to set it up. A lot of it is in the private cloud, but it is essentially in public areas. It's a combination of both.

What about the implementation team?

The deployment process can vary, but on average, it can take anywhere from two to twenty-four hours, depending on the tenant and whether it's a single or multiple tenancy setup. So, it depends on the specific circumstances.

What's my experience with pricing, setup cost, and licensing?

Considering Microsoft is constantly changing licensing, I would give it a seven out of ten. It can be difficult to get your head around it, especially for small to medium-sized enterprises (SMEs) like most of my clients. We typically deal with E3 licensing rather than the larger corporate E5 licensing.

So, the pricing is subject to changes, and it can be complex, especially for SMEs. It's traditionally based on E3 licensing for our clients.

Which other solutions did I evaluate?


What other advice do I have?

I wouldn't always advise my clients to exclusively rely on Microsoft products. However, they should derive maximum benefits from the licensing they pay for. For example, you can't simply purchase Defender on its own because it's bundled with the operating system. So, that question loses some relevance since you already have it regardless of choice. So, the value of Defender is already included with the operating system, and users don't have the option to choose whether to have it or not.

However, you can explore other solutions to enhance the security of Windows 11 or Windows 10, such as cloud-based options. But I would suggest making the most out of Defender. If you encounter any limitations, then you can consider other technologies to fill those gaps. So, it's about maximizing the potential of Defender and, if necessary, supplementing it with additional technologies.

You have the option to bolster the security of your Windows system with other solutions if needed, but Defender should be your primary focus.

Overall, I would rate it an eight out of ten because it is bundled with Windows OS. However, it doesn't cover all threats, and it remains a target for threat actors. So, depending on your business needs and the specific areas where Defender falls short in delivering effective security, you may need to supplement it with other technologies to strengthen your overall security position.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
Buyer's Guide
Microsoft Defender Threat Intelligence
November 2024
Learn what your peers think about Microsoft Defender Threat Intelligence. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
TapabrataSamanta - PeerSpot reviewer
Lead Architect at Zones
MSP
Top 5
A cost-effective solution for monitoring and security but lacks supports for non-Microsoft products
Pros and Cons
  • "It helps to monitor by providing the best 24/7 monitoring integrated with Sentinel and IBM systems."
  • "Non-Microsoft products may not integrate as smoothly."

How has it helped my organization?

It helps to monitor by providing the best 24/7 monitoring integrated with Sentinel and IBM systems.

What is most valuable?

It works well when customers also use Azure, an added advantage. Even the cloud is from Microsoft, making it a complete Microsoft ecosystem. Sometimes, the customer has no other choice but to go with Microsoft because everything is integrated with Microsoft products. However, this can disadvantage non-Microsoft products, as they may not integrate as smoothly.

What needs improvement?

There are weaknesses, and  Microsoft is working on addressing them. Over the past three to four years, the ATP and other components have improved significantly, and the integration has also advanced.

We are using third-party services. While we have Microsoft Threat Intelligence, which leverages Microsoft's facilities, we also utilize additional third-party threat intelligence. As of today, we don't completely rely on Microsoft for certain regions. This is an area where Microsoft needs to improve. Consequently, we use Anomali, a third-party threat intelligence provider. We integrate our product's intelligence with Anomali, from which we obtain threat insights.

Microsoft products offer significant advantages, especially in the realm of threat intelligence. It works very well with Microsoft products. However, you might need additional services if you have non-Microsoft products in your environment. For instance, if you use Apple or Linux, Microsoft's solutions alone might not be sufficient.

If they can work more effectively, especially with zero-day attack speed and other sophisticated threats, it will help us provide our customers with timely newsletters about new attacks. 

For how long have I used the solution?

I have been using Microsoft Defender Threat Intelligence as a partner and reseller.

What's my experience with pricing, setup cost, and licensing?

Microsoft offers a package with a per-system cost. After discounts, it can be less than two to two and a half dollars.

What other advice do I have?

Customization was not available before, but now there are many options. You can customize various features. However, there is still a long way to go regarding setting and seasons. Currently, the advanced features are perfect for Microsoft code. Defender and Second Agent Services are about integrating your team and security systems. You need to identify threats, zero-day attacks, and other issues before they occur. Your feeds and other tools can actively prevent security incidents.

 We have integration with Anomali and IBM. We use Microsoft, but on top of it, we have some additional pay. We use Microsoft 365 and cloud apps, and they are very strong.

Overall, I rate the solution a seven to eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
PeerSpot user
Deputy Manager - Radio Frequency Planning at RF-SMART
Real User
Top 5Leaderboard
Highly effective safeguarding against cyber threats with robust security features, timely threat intelligence and efficient performance
Pros and Cons
  • "Its user-friendliness is its most valuable aspect."
  • "It would be beneficial to enhance the pricing structure and make it more affordable."

What is our primary use case?

The protection provided by Microsoft Defender Threat Intelligence is robust and effective.

How has it helped my organization?

It efficiently helped us in threat hunting.

The malware virus posed significant security challenges, but Microsoft played a pivotal role in addressing and resolving the incident.

The timeliness and accuracy of Threat Intelligence are commendable.

The primary advantage lies in its robust security and overall performance.

What is most valuable?

Its user-friendliness is its most valuable aspect. I am satisfied with its performance in general.

What needs improvement?

It would be beneficial to enhance the pricing structure and make it more affordable.

For how long have I used the solution?

I have been using it for six months.

What do I think about the stability of the solution?

It provides good stability capabilities with occasional delays. I would rate it eight out of ten.

What do I think about the scalability of the solution?

I would rate its scalability abilities eight out of ten.

Which solution did I use previously and why did I switch?

I used Norton previously, but that was quite some time ago.

How was the initial setup?

The initial setup was straightforward.

What about the implementation team?

Deployment is quick, typically ranging from five to ten minutes. I was responsible for the deployment. First, you need to install the antivirus software on the system. Then proceed with the installation process.

What's my experience with pricing, setup cost, and licensing?

It's reasonably priced, though there's room for further improvement.

What other advice do I have?

I would recommend it because of its strong security and user-friendly interface. Overall, I would rate it eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
MOHAMEDTRABELSI - PeerSpot reviewer
Senior infrastructure engineer at Cubic Information Systems
Real User
Top 5Leaderboard
Has efficient antivirus features and a simple setup process
Pros and Cons
  • "The product provides efficient email security for sending links and file attachments."
  • "We encounter problems connecting the product deployed on the user endpoints with the servers."

What is our primary use case?

We use the product as a defender for Office 365, endpoints, and security-dependable cloud apps.

What is most valuable?

The product provides efficient email security for sending links and file attachments. It has valuable features for anti-spam and antivirus. It integrates well with Microsoft Sentinel as well.

What needs improvement?

We encounter problems connecting the product deployed on the user endpoints with the servers. Additionally, the license model for the servers needs improvement.

For how long have I used the solution?

We have been using Microsoft Defender Threat Intelligence for two years.

What do I think about the stability of the solution?

It is a very stable product.

What do I think about the scalability of the solution?

Microsoft Defender Threat Intelligence is scalable.

How was the initial setup?

The initial setup is simple. However, it takes a lot of bandwidth to scan the device. It is challenging to deploy backups of thousands of computers. We have to configure the integration between the Defender for the endpoint and the server. The deployment and maintenance process requires one technical engineer to troubleshoot issues by reviewing PCs and setups.

What's my experience with pricing, setup cost, and licensing?

They offer two license plans: Microsoft Defender for endpoints and Microsoft Defender for businesses.

Which other solutions did I evaluate?

I have evaluated Kaspersky.

What other advice do I have?

I advise others to develop a good infrastructure and a vision for security before deploying any product. I rate Microsoft Defender Threat Intelligence a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer2075328 - PeerSpot reviewer
Operational Cyber Security Specialist at a non-profit with 1,001-5,000 employees
Real User
Highly scalable and stable solution
Pros and Cons
  • "It is very scalable. There are approximately 2,000 endpoints and up to 200 servers in our company."
  • "It's a bit complicated to manage because you have many dependencies of servers, many dependencies in queue, and so on. Entries or different endpoints, and you make different configuration topics for each one. So that's a major problem."

What is our primary use case?

We use it for Cloud Security and Endpoint Protection. We have offices in each country on the planet. And so we have many, many, many external people who work with this solution. 

What needs improvement?

It's a bit complicated to manage because you have many dependencies of servers, many dependencies in queue, and so on. Entries or different endpoints, and you make different configuration topics for each one. So that's a major problem.

I would like to see a feature that would allow us to easily manage our Defender configurations.

It needs high-level administration.

For how long have I used the solution?

We have been using it for about six months.

What do I think about the stability of the solution?

It is a very stable product.

What do I think about the scalability of the solution?

It is very scalable. There are approximately 2,000 endpoints and up to 200 servers in our company.

Which solution did I use previously and why did I switch?

I used Trend Micro. Trend Micro has an easier grid, but the functions are the same.

The advantage is to have only one vendor, which provides Office tickets, communication, storage, and cloud. It's just one solution from one end, from one provider.

How was the initial setup?

We have our documents and processes in the cloud, in the Microsoft cloud.

The maintenance is done by Microsoft. We are on-premises, and our configuration allows access outside the company's local data center.

What other advice do I have?

I would recommend using this solution. It works. We have no problems with it.

Overall, I would rate the solution an eight out of ten. 

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Deputy Manager (Network & Security) at Tata Projects Limited
Real User
Top 10
Has efficient report-generating features and good stability
Pros and Cons
  • "The technical support services are excellent."
  • "There could be AI functionality included for features like reporting and dashboard preparation."

What is our primary use case?

We use the product to capture the logs, collect data, and understand patterns.

How has it helped my organization?

The product provides smooth functioning for our service desk and the technical team. It helps in efficiently generating reports to update the management.

What needs improvement?

There could be AI functionality included for features like reporting and dashboard preparation.

For how long have I used the solution?

We have been using Microsoft Defender Threat Intelligence for more than a year.

What do I think about the stability of the solution?

The product has high stability.

What do I think about the scalability of the solution?

The product has high scalability.

How are customer service and support?

The technical support services are excellent.

How was the initial setup?

The initial setup process is straightforward. It took us three months to deploy.

What about the implementation team?

We implemented the product with the help of an integrator.

What was our ROI?

Microsoft Defender Threat Intelligence generates a good return on investment.

What's my experience with pricing, setup cost, and licensing?

The product’s pricing is worth it.

What other advice do I have?

I recommend Microsoft Defender Threat Intelligence to others and rate it a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
DineshKumar25 - PeerSpot reviewer
Solution architect at Rackspace
MSP
Top 5
Provides threat detection capabilities and protects the environment from zero-day attacks
Pros and Cons
  • "The product’s most valuable feature is the ability to provide threat detection and protection simultaneously."
  • "One area where Microsoft Defender could be improved is in its support for non-Microsoft products, particularly for systems running Linux or other open-source platforms across ecosystems."

What is our primary use case?

We use the product for endpoint security of machines. It includes threat detection, defining compliance rules, and governance policies. It helps us with extracting reports as well.

How has it helped my organization?

The platform ensures that the environment is fully protected. Its operational excellence helps us reduce resource costs. We do not need a large team to manage security. The subscription models provide monthly and short-term -plans. We can the number of items scale according to the requirements, and dynamically adjust resources during lean periods. It doesn’t require us to purchase long-term licensing plans.

What is most valuable?

The product’s most valuable feature is the ability to provide threat detection and protection simultaneously. It doesn’t require additional power for processing similar to other products.

What needs improvement?

One area where Microsoft Defender could be improved is in its support for non-Microsoft products, particularly for systems running Linux or other open-source platforms across ecosystems.

For how long have I used the solution?

We have been using Microsoft Defender Threat Intelligence for five years.

What do I think about the scalability of the solution?

We have 7000 Microsoft Defender Threat Intelligence users. It scales automatically depending on the requirements. It is a highly available application.

How are customer service and support?

The technical support team responds immediately to the queries.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is straightforward. It has a good amount of documentation available to refer to the steps. It is a cloud-based application and thus, easy to implement compared to an out-of-the-box version. It can be deployed on endpoint devices as well.

What's my experience with pricing, setup cost, and licensing?

The product has multiple subscription models. The pricing is expensive, but it is justifiable considering the amount of threat-related information it provides.

What other advice do I have?

The platform is built for threat detection and protection. It saves the environment from zero-day attacks. It offers an intermittent mechanism for new operating system updates. It can be integrated with many enterprise-grade solutions. We can build APIs and explore the logs as well.

Microsoft Defender has played a crucial role in addressing security incidents related to auditing and compliance within our organization. During audits, a common requirement is to ensure that the environment is fully patched, updated, and compliant with all necessary security measures. With Defender in place, it allows auditors direct access to relevant reports, and verify them.

I advise others to use the product if they are planning to move to a cloud environment. It gives a sufficient amount of information or threat intelligence data.

I rate it a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user