Microsoft Defender Threat Intelligence Reviews

It helps to monitor by providing the best 24/7 monitoring integrated with Sentinel and IBM systems.

It works well when customers also use Azure, an added advantage. Even the cloud is from Microsoft, making it a complete Microsoft ecosystem. Sometimes, the customer has no other choice but to go with Microsoft because everything is integrated with Microsoft products. However, this can disadvantage non-Microsoft products, as they may not integrate as smoothly.

There are weaknesses, and  Microsoft is working on addressing them. Over the past three to four years, the ATP and other components have improved significantly, and the integration has also advanced.

We are using third-party services. While we have Microsoft Threat Intelligence, which leverages Microsoft's facilities, we also utilize additional third-party threat intelligence. As of today, we don't completely rely on Microsoft for certain regions. This is an area where Microsoft needs to improve. Consequently, we use Anomali, a third-party threat intelligence provider. We integrate our product's intelligence with Anomali, from which we obtain threat insights.

Microsoft products offer significant advantages, especially in the realm of threat intelligence. It works very well with Microsoft products. However, you might need additional services if you have non-Microsoft products in your environment. For instance, if you use Apple or Linux, Microsoft's solutions alone might not be sufficient.

If they can work more effectively, especially with zero-day attack speed and other sophisticated threats, it will help us provide our customers with timely newsletters about new attacks. 

I have been using Microsoft Defender Threat Intelligence as a partner and reseller.

Microsoft offers a package with a per-system cost. After discounts, it can be less than two to two and a half dollars.

Customization was not available before, but now there are many options. You can customize various features. However, there is still a long way to go regarding setting and seasons. Currently, the advanced features are perfect for Microsoft code. Defender and Second Agent Services are about integrating your team and security systems. You need to identify threats, zero-day attacks, and other issues before they occur. Your feeds and other tools can actively prevent security incidents.

 We have integration with Anomali and IBM. We use Microsoft, but on top of it, we have some additional pay. We use Microsoft 365 and cloud apps, and they are very strong.

Overall, I rate the solution a seven to eight out of ten.

The protection provided by Microsoft Defender Threat Intelligence is robust and effective.

It efficiently helped us in threat hunting.

The malware virus posed significant security challenges, but Microsoft played a pivotal role in addressing and resolving the incident.

The timeliness and accuracy of Threat Intelligence are commendable.

The primary advantage lies in its robust security and overall performance.

Its user-friendliness is its most valuable aspect. I am satisfied with its performance in general.

It would be beneficial to enhance the pricing structure and make it more affordable.

I have been using it for six months.

It provides good stability capabilities with occasional delays. I would rate it eight out of ten.

I would rate its scalability abilities eight out of ten.

I used Norton previously, but that was quite some time ago.

The initial setup was straightforward.

Deployment is quick, typically ranging from five to ten minutes. I was responsible for the deployment. First, you need to install the antivirus software on the system. Then proceed with the installation process.

It's reasonably priced, though there's room for further improvement.

I would recommend it because of its strong security and user-friendly interface. Overall, I would rate it eight out of ten.

We use it to monitor endpoints for threats and duplicates on the server and defend identity and trust.

The solution monitors threat intelligence. It provides valuable insight and visibility into malicious activity at the endpoint.

The solution could have integrated pricing. We have an enterprise license. We still need to pay to activate Defender for Trend Micro Identity. The enhanced pricing model will empower organizations to manage their security costs effectively.

The product is stable.

The solution is scalable. In our organization, ten users are using this solution.

We use Microsoft resources for access-level support.

We initially used Trend Micro to defend endpoints. It's a solution that runs concurrently with our EDR. The setup serves and trains Trend Micro and EDR so they can play complementary roles. We activate all the licenses for some activities. We're using a combination of Trend Micro EDR and Defender.

The initial setup is straightforward, and takes three days to activate it.

Since it is a cloud-based solution, you must activate and continue using the license.

If you want to activate beyond the starting threshold, you have to pay an additional fee. Combining this within the license would be more scalable, economical, and better for the organization.

Three or four people are required for the solution’s maintenance. I recommend this solution.

Since Microsoft Defender Threat Intelligence provides a high volume of recommendations, there must be a methodology for prioritizing high-risk assets and sessions. Focusing on remediating these high-risk sessions is crucial.

Overall, I rate the solution a seven out of ten.

We use the product for endpoint security of machines. It includes threat detection, defining compliance rules, and governance policies. It helps us with extracting reports as well.

The platform ensures that the environment is fully protected. Its operational excellence helps us reduce resource costs. We do not need a large team to manage security. The subscription models provide monthly and short-term -plans. We can the number of items scale according to the requirements, and dynamically adjust resources during lean periods. It doesn’t require us to purchase long-term licensing plans.

The product’s most valuable feature is the ability to provide threat detection and protection simultaneously. It doesn’t require additional power for processing similar to other products.

One area where Microsoft Defender could be improved is in its support for non-Microsoft products, particularly for systems running Linux or other open-source platforms across ecosystems.

We have been using Microsoft Defender Threat Intelligence for five years.

We have 7000 Microsoft Defender Threat Intelligence users. It scales automatically depending on the requirements. It is a highly available application.

The technical support team responds immediately to the queries.

Positive

The initial setup is straightforward. It has a good amount of documentation available to refer to the steps. It is a cloud-based application and thus, easy to implement compared to an out-of-the-box version. It can be deployed on endpoint devices as well.

The product has multiple subscription models. The pricing is expensive, but it is justifiable considering the amount of threat-related information it provides.

The platform is built for threat detection and protection. It saves the environment from zero-day attacks. It offers an intermittent mechanism for new operating system updates. It can be integrated with many enterprise-grade solutions. We can build APIs and explore the logs as well.

Microsoft Defender has played a crucial role in addressing security incidents related to auditing and compliance within our organization. During audits, a common requirement is to ensure that the environment is fully patched, updated, and compliant with all necessary security measures. With Defender in place, it allows auditors direct access to relevant reports, and verify them.

I advise others to use the product if they are planning to move to a cloud environment. It gives a sufficient amount of information or threat intelligence data.

I rate it a nine out of ten.

It can be used as an API solution to sign and send threat intelligence to a security operations center (SOC). This allows the SOC to detect and respond to threats more effectively.

Detection is good—also, analytics based on Gartner.  The solution is also well integrated with other Microsoft security products.

I would like to see more integration with other solutions. For example, integration well with Microsoft but not with other solutions. 

I have been providing this solution for one year. 

I would rate the stability a nine out of ten. We do not have a large number of users using the solution because it is not the technician's preferred solution.

We have around ten end users using this solution. 

There is no problem with scalability. The solution has a capacity of up to 10,000. 

Customer service and support are very good.

The initial setup is very easy. It just takes a few days. 

The deployment process is simple. We used Microsoft Intune, Microsoft's software distribution tool, to deploy the solution to our endpoints.

We only needed one technician for the deployment. One to manage without interrupting and to manage this solution. All our technicians manage the platform for accounts.

The ROI is good because the solution provides good protection. The solution can help you to prevent data breaches, which can save you a lot of money.

Usually, the licensing cost is yearly. But we got the solution through a solution distributor's agreement which usually helps. There are no additional costs. 

I surely recommend using this solution. The strongest point is integration capability with other Microsoft products. 

Overall, I would rate the solution a nine out of ten.  

We employ this solution within our Office 365 environment, focusing primarily on email security through features like application guard, safe attachments, and safe URLs. This setup significantly aids our cybersecurity operations, helping us mitigate various threats. The team is designing a couple of policies and will revise the usage depending on the threat.

The solution has notably improved our IT operations by facilitating seamless integration with other Microsoft tools like Intune and Azure. This integration simplifies our IT management process and enhances our overall cybersecurity framework.

The most valuable aspects are its integration capabilities with other Microsoft products like Intune, Office 365, and Azure cloud applications. The intuitive user interface and reporting are also positive features of the solution. These features provide a unified experience, making it easier for our IT team to manage and navigate between screens efficiently.

While the current setup meets our needs, Microsoft can constantly improve customization and adaptability to rapidly evolving cybersecurity threats. 

The stability of the solution also requires some improvement. 

Future releases could benefit from enhanced predictive analytics tools and deeper AI integration to better predict and mitigate potential threats.

I have been using Microsoft Defender Threat Intelligence for six months. My company has a partnership with Microsoft, giving us access to their latest security enhancements.

The solution is stable, scoring an eight out of ten, indicating a reliable performance with room for minor improvements.

Due to limited endpoints, scalability is not our primary concern currently. But as of now, the endpoints and the infrastructure we have are covered with the tools we already have. The existing setup adequately supports our needs without requiring significant scaling. Regularly, two hundred and fifty users use the solution.

We already have competent engineers on our team. While we rarely need external support or have raised a ticket, our interactions with Microsoft's customer service have generally been satisfactory, fulfilling most of our technical needs, if not all and the answers that we were seeking.

Positive

The setup was straightforward, aligning with our move towards cloud-based operations and authentication of our users and policies, thus simplifying the overall deployment process.

The solution is relatively expensive; however, our status as a gold partner provides us with several complimentary licenses, which offsets the cost.

Currently, we are only using Office 365 and Defender for Endpoint 32-bit. Previously, one from our management was a part of the trial, but not anymore. As we have layers of policies placed, they cover everything. 

Microsoft is very dynamic, and when it comes to their products, sometimes they change the licensing cost or the features. So, I think the product should have a license model. Since we read about Micorosft daily as users, we should be aware of the changes they bring. 

I rate the overall solution an eight out of ten. 

At our company, we use Microsoft Defender Threat Intelligence for vulnerability management. The solution's infrastructure and overall software are improving. 

A new valuable feature from the solution allows an user to close all tickets from a single console. At our company, we are also working on the CM side to analyze the solution's behavior and we have noticed that our customers prefer to use a single console. 

A stable licensing model is absent with Microsoft Defender Threat Intelligence. Implementation of the product can be difficult if the team on the customer's end is not willing to work on pilots. 

I have been using the solution for five years. 

I am satisfied with the technical support provided for the solution. I would rate technical support an eight out of ten. 

Positive

I find the Sentinel solution, its Hunting feature, automation rules, and customization rules valuable. Our company sometimes recommends Carbon Black, CrowdStrike, and Fidelis instead of Microsoft Defender Threat Intelligence because there have been fewer security incidents. 

The product can be easily implemented for customers who are already using Microsoft Cloud. For hybrid or on-prem customers of our organization, deployment is difficult. 

With Microsoft, at our company, we have one or three-year TCO, and we have to renew the license for this solution two times per year. I am looking to integrate a CRM product from Microsoft with the solution so that the pricing is more reasonable and transparent.

At our company, we are willing to integrate multiple Microsoft solutions: EDR for infrastructure and server end, another for vulnerability, and Microsoft Defender Threat Intelligence for endpoint security, and we offer the same to our customers.

The implementation cost versus the license cost needs to be analyzed for Microsoft Defender Threat Intelligence. When some of our company's customers are not comfortable with Microsoft products, we provide them with a different option. 

Real-time threat detection usage of the solution depends upon the varying strategies and maturity of our organization's customers. At our company, we are implementing the mesh as well as cybersecurity laws. Our company is focusing on implementing observations instead of threat hunting with Microsoft Defender Threat Intelligence.  

At our company, we are offering Sentinel solutions to Tier-1 customers. The integration capabilities of the solution have improved the security posture of our customers but it also depends upon the maturity. Few of the customers of our company are using an in-house solution so they are aware of the posture and the rating. Our organization offers solutions to the customers, but often, they develop their own road map for expansion. 

The actionable insights of the solution have aided in incident response by mitigating major attacks. Our company rarely utilizes customization options for the solution, as customers can start using the product comfortably in the default configuration. For vulnerability management with Microsoft Defender Threat Intelligence, our company needs to adapt and apply the processes followed by the customer's organization; there are limited opportunities for customization.

I would recommend the product to others. But as part of our company offerings, a pilot can also be provided to the customers for comparison on the KPIs. I am satisfied with the product as it meets all the expectations on the infrastructure and security aspects. A user should choose between Microsoft Defender Threat Intelligence and other competitive products after verifying the feature expectations. 

I would overall rate the product an eight out of ten. The product can be effortlessly integrated with the existing system of cloud based customers. 

I use Microsoft Defender Threat Intelligence at my home for its threat prevention and blocking capabilities.

I can't comment on the valuable features offered by Microsoft Defender Threat Intelligence as the PC at my home is currently used by my family while I use my office laptop.

In Microsoft Defender Threat Intelligence, automatic threat blocking and in-memory attacks are areas of concern where improvements are required.

The stability of the product is an area of concern where improvements are required.

I have been using Microsoft Defender Threat Intelligence for a couple of years. I am a user of the product.

It is a stable solution. I rate the product's stability a six out of ten.

It is not a scalable solution since I use it on a PC at home, so per PC, a license amount is paid.

Only one person uses the solution at my home.

The product's initial setup phase was straightforward.

The product's installation phase just requires me to enable it on my system, as Microsoft Defender Threat Intelligence is a product that came along when I purchased my laptop.

The product is deployed based on the product's licenses, so it doesn't matter whether it is deployed on an on-premises model or on the cloud.

The basic requirements offered by the product are good enough for home-based PCs.

I use the product's default version, which is a free one and not the licensed version.

I rate the overall product a six to seven out of ten.