We use the software to scan malware for email attachments by identifying and blocking phishing emails.
IT Security Manager at LIVING GOODS
Stable software with valuable malware-scanning features
Pros and Cons
- "The product's anti-spam and malware-scanning features are useful. We scan email attachments, documents, and malicious codes."
- "The software is expensive."
What is our primary use case?
What is most valuable?
The product's anti-spam and malware-scanning features are useful. We scan email attachments, documents, and malicious codes.
What needs improvement?
The software is expensive.
For how long have I used the solution?
We have been using Microsoft Defender Threat Intelligence for almost a year now.
Buyer's Guide
Microsoft Defender Threat Intelligence
November 2024
Learn what your peers think about Microsoft Defender Threat Intelligence. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
What do I think about the stability of the solution?
The software is stable, similar to Office 365.
What do I think about the scalability of the solution?
We have 400 Microsoft Defender Threat Intelligence users. It is a scalable product. However, the cost increases as we increase the number of users.
How are customer service and support?
We receive technical support services via the integrator as well as the vendor.
How was the initial setup?
The software is deployed on the cloud. The setup requires technical knowledge or assistance from the integrators.
What was our ROI?
The product generates ROI for securing the company resources at minimum cost. We don't need to employ two to three analysts for this purpose.
What's my experience with pricing, setup cost, and licensing?
It is an expensive product. We purchase its yearly license.
Which other solutions did I evaluate?
We evaluated a few products before.
What other advice do I have?
I rate Microsoft Defender Threat Intelligence a ten out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Manager at Yarix S.r.l.
Efficient threat detection capabilities and highly scalable solution
Pros and Cons
- "The solution is well integrated with other Microsoft security products."
- "I would like to see more integration with other solutions. For example, it integrates well with Microsoft but not with other solutions."
What is our primary use case?
It can be used as an API solution to sign and send threat intelligence to a security operations center (SOC). This allows the SOC to detect and respond to threats more effectively.
What is most valuable?
Detection is good—also, analytics based on Gartner. The solution is also well integrated with other Microsoft security products.
What needs improvement?
I would like to see more integration with other solutions. For example, it integrates well with Microsoft but not with other solutions.
For how long have I used the solution?
I have been providing this solution for one year.
What do I think about the stability of the solution?
I would rate the stability a nine out of ten. We do not have a large number of users using the solution because it is not the technician's preferred solution.
We have around ten end users using this solution.
What do I think about the scalability of the solution?
There is no problem with scalability. The solution has a capacity of up to 10,000.
How are customer service and support?
Customer service and support are very good.
How was the initial setup?
The initial setup is very easy. It just takes a few days.
What about the implementation team?
The deployment process is simple. We used Microsoft Intune, Microsoft's software distribution tool, to deploy the solution to our endpoints.
We only needed one technician for the deployment. One to manage without interrupting and to manage this solution. All our technicians manage the platform for accounts.
What was our ROI?
The ROI is good because the solution provides good protection. The solution can help you to prevent data breaches, which can save you a lot of money.
What's my experience with pricing, setup cost, and licensing?
Usually, the licensing cost is yearly. But we got the solution through a solution distributor's agreement which usually helps. There are no additional costs.
What other advice do I have?
I surely recommend using this solution. The strongest point is integration capability with other Microsoft products.
Overall, I would rate the solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Cyber Security Manager at a manufacturing company with 1,001-5,000 employees
Good threat intelligence, straightforward to set up and integrates across the whole Defender suite
Pros and Cons
- "The user interface is pretty user-friendly."
- "Technical support could be a bit better."
What is our primary use case?
We primarily use the solution not necessarily from a user point of view. Rather, we use it from an admin point of view. For example, the Log4j vulnerability. Last year, they released threat intelligence information on that vulnerability, put out the protections quickly, and updated their TVM module. It can easily identify what things are vulnerable and what assets you have that are vulnerable to attacks.
What is most valuable?
They seem to be pretty up to date with the latest threats in the world. That's a pretty good aspect.
The threat intelligence piece is pretty good.
The user interface is pretty user-friendly.
The integration integrates across the whole Defender suite, so that's pretty good.
It's very straightforward to set up.
The product scales well.
What needs improvement?
I cannot recall any issues we've encountered or areas that need improvement.
Technical support could be a bit better.
Clients might prefer a lowering of the price.
For how long have I used the solution?
I've used the solution for probably over four years.
What do I think about the stability of the solution?
The stability has been pretty good. I'd rate it nine out of ten in terms of its reliability. The performance has been great.
What do I think about the scalability of the solution?
It's very easy to scale as needed.
We're across the Defender Suite. In terms of analysts that use it, there are five of us.
How are customer service and support?
Technical support is okay. It could be better.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We pretty much use all Microsoft, so not much else is used. We use Defender for everything, so Defender for the cloud app, Defender for Cloud, Defender for Android and Defender for iOS, Defender for Identity, and others. We also use Microsoft Sentinel. It's all Microsoft stuff.
How was the initial setup?
The solution is very straightforward. It's easy to set up.
What's my experience with pricing, setup cost, and licensing?
It's bundled into an E5 license, so it comes with a bunch of other things as well. I'd say it's fairly well-priced.
Which other solutions did I evaluate?
We did compare Microsoft Defender Threat Intelligence with ESET and Kaspersky, among others. Defender is not necessarily better. However, it just suits our security strategy and risk appetite.
What other advice do I have?
We have a partnership with Microsoft.
I'd rate the solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Risk Operations at Stripe
The intuitive user interface and reporting are positive features
Pros and Cons
- "The most valuable aspects are its integration capabilities with other Microsoft products like Intune, Office 365, and Azure cloud applications."
- "While the current setup meets our needs, Microsoft can constantly improve customization and adaptability to rapidly evolving cybersecurity threats."
What is our primary use case?
We employ this solution within our Office 365 environment, focusing primarily on email security through features like application guard, safe attachments, and safe URLs. This setup significantly aids our cybersecurity operations, helping us mitigate various threats. The team is designing a couple of policies and will revise the usage depending on the threat.
How has it helped my organization?
The solution has notably improved our IT operations by facilitating seamless integration with other Microsoft tools like Intune and Azure. This integration simplifies our IT management process and enhances our overall cybersecurity framework.
What is most valuable?
The most valuable aspects are its integration capabilities with other Microsoft products like Intune, Office 365, and Azure cloud applications. The intuitive user interface and reporting are also positive features of the solution. These features provide a unified experience, making it easier for our IT team to manage and navigate between screens efficiently.
What needs improvement?
While the current setup meets our needs, Microsoft can constantly improve customization and adaptability to rapidly evolving cybersecurity threats.
The stability of the solution also requires some improvement.
Future releases could benefit from enhanced predictive analytics tools and deeper AI integration to better predict and mitigate potential threats.
For how long have I used the solution?
I have been using Microsoft Defender Threat Intelligence for six months. My company has a partnership with Microsoft, giving us access to their latest security enhancements.
What do I think about the stability of the solution?
The solution is stable, scoring an eight out of ten, indicating a reliable performance with room for minor improvements.
What do I think about the scalability of the solution?
Due to limited endpoints, scalability is not our primary concern currently. But as of now, the endpoints and the infrastructure we have are covered with the tools we already have. The existing setup adequately supports our needs without requiring significant scaling. Regularly, two hundred and fifty users use the solution.
How are customer service and support?
We already have competent engineers on our team. While we rarely need external support or have raised a ticket, our interactions with Microsoft's customer service have generally been satisfactory, fulfilling most of our technical needs, if not all and the answers that we were seeking.
How would you rate customer service and support?
Positive
How was the initial setup?
The setup was straightforward, aligning with our move towards cloud-based operations and authentication of our users and policies, thus simplifying the overall deployment process.
What's my experience with pricing, setup cost, and licensing?
The solution is relatively expensive; however, our status as a gold partner provides us with several complimentary licenses, which offsets the cost.
What other advice do I have?
Currently, we are only using Office 365 and Defender for Endpoint 32-bit. Previously, one from our management was a part of the trial, but not anymore. As we have layers of policies placed, they cover everything.
Microsoft is very dynamic, and when it comes to their products, sometimes they change the licensing cost or the features. So, I think the product should have a license model. Since we read about Microsoft daily as users, we should be aware of the changes they bring.
I rate the overall solution an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: May 30, 2024
Founder & CEO at a consultancy with 1-10 employees
Offers effortless integration with cloud-based infrastructure and can mitigate attacks with actionable insights
Pros and Cons
- "Offers easy integration with a cloud-based infrastructure"
- "A stable licensing model is absent"
What is our primary use case?
At our company, we use Microsoft Defender Threat Intelligence for vulnerability management. The solution's infrastructure and overall software are improving.
What is most valuable?
A new valuable feature from the solution allows a user to close all tickets from a single console. At our company, we are also working on the CM side to analyze the solution's behavior and we have noticed that our customers prefer to use a single console.
What needs improvement?
A stable licensing model is absent with Microsoft Defender Threat Intelligence. Implementation of the product can be difficult if the team on the customer's end is not willing to work on pilots.
For how long have I used the solution?
I have been using the solution for five years.
How are customer service and support?
I am satisfied with the technical support provided for the solution. I would rate technical support an eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I find the Sentinel solution, its Hunting feature, automation rules, and customization rules valuable. Our company sometimes recommends Carbon Black, CrowdStrike, and Fidelis instead of Microsoft Defender Threat Intelligence because there have been fewer security incidents.
How was the initial setup?
The product can be easily implemented for customers who are already using Microsoft Cloud. For hybrid or on-prem customers of our organization, deployment is difficult.
What's my experience with pricing, setup cost, and licensing?
With Microsoft, at our company, we have one or three-year TCO, and we have to renew the license for this solution two times per year. I am looking to integrate a CRM product from Microsoft with the solution so that the pricing is more reasonable and transparent.
At our company, we are willing to integrate multiple Microsoft solutions: EDR for infrastructure and server end, another for vulnerability, and Microsoft Defender Threat Intelligence for endpoint security, and we offer the same to our customers.
The implementation cost versus the license cost needs to be analyzed for Microsoft Defender Threat Intelligence. When some of our company's customers are not comfortable with Microsoft products, we provide them with a different option.
What other advice do I have?
Real-time threat detection usage of the solution depends upon the varying strategies and maturity of our organization's customers. At our company, we are implementing the mesh as well as cybersecurity laws. Our company is focusing on implementing observations instead of threat hunting with Microsoft Defender Threat Intelligence.
At our company, we are offering Sentinel solutions to Tier-1 customers. The integration capabilities of the solution have improved the security posture of our customers but it also depends upon the maturity. Few of the customers of our company are using an in-house solution so they are aware of the posture and the rating. Our organization offers solutions to the customers, but often, they develop their own road map for expansion.
The actionable insights of the solution have aided in incident response by mitigating major attacks. Our company rarely utilizes customization options for the solution, as customers can start using the product comfortably in the default configuration. For vulnerability management with Microsoft Defender Threat Intelligence, our company needs to adapt and apply the processes followed by the customer's organization; there are limited opportunities for customization.
I would recommend the product to others. But as part of our company offerings, a pilot can also be provided to the customers for comparison on the KPIs. I am satisfied with the product as it meets all the expectations on the infrastructure and security aspects. A user should choose between Microsoft Defender Threat Intelligence and other competitive products after verifying the feature expectations.
I would overall rate the product an eight out of ten. The product can be effortlessly integrated with the existing system of cloud based customers.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Last updated: May 22, 2024
Helps us with threat detection; and it just runs in the background
Pros and Cons
- "It just runs in the background. I don't have to worry about, making sure it's Intelligence. So, you know, this kind of makes it very easy, have to worry about installing. It is easy to use."
- "I would like for there to be extra confirmation that there aren't viruses. Even if the virus detection software is always running there could be hidden applications that are using the computer."
What is our primary use case?
We use Defender Threat Intelligence for threat detection.
What is most valuable?
The most valuable aspect is that it just runs in the background. I don't have to worry about its intelligence. It is easy to use.
What needs improvement?
I would like for there to be extra confirmation that there aren't viruses. Even if the virus detection software is always running there could be hidden applications that are using the computer.
For how long have I used the solution?
I have been using Microsoft Defender Threat Intelligence for three years.
What do I think about the stability of the solution?
It is a stable solution. I rate the stability nine out of ten.
How are customer service and support?
The technical support is good. They are good at fixing any issues we have.
How was the initial setup?
The initial setup is easy.
What's my experience with pricing, setup cost, and licensing?
The pricing of the solution is good.
What other advice do I have?
Overall I would rate the solution a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Mar 18, 2024
Computer Networks and Systems Support Engineer at a real estate/law firm with 11-50 employees
Provides email protection, threat intelligence, and vulnerability scanning
Pros and Cons
- "The solution is one suite covering everything from email protection to threat intelligence and vulnerability scanning."
- "I would like to see more frequent updates, which is always better for security because of daily threats."
What is most valuable?
The solution is one suite covering everything from email protection to threat intelligence and vulnerability scanning. Microsoft keeps adding more features to the tool, and through one interface, you can see the whole attack path, the assets involved, and the users involved. It's a very good product if you're using mainly Microsoft products. Most of our machines are Microsoft Windows and Microsoft Windows servers.
What needs improvement?
I would like to see more frequent updates, which is always better for security because of daily threats.
What do I think about the stability of the solution?
Since it's cloud-based, the tool is mostly available. If an on-premises solution goes down, it only affects a few people, but if a cloud solution is down, it affects most customers. So, Microsoft is investing a lot in the stability and resilience of the solution. Microsoft Defender Threat Intelligence is a very stable solution.
What do I think about the scalability of the solution?
Microsoft Defender Threat Intelligence is a scalable solution. You just keep installing agents on the extra new machines in your network, and it automatically starts working. Around 100 users are using the solution in our organization.
How are customer service and support?
We have a support structure not directly with Microsoft but with one local vendor who has partnered with Microsoft. Their knowledge base, information, and training are all very good.
Which solution did I use previously and why did I switch?
I have previously worked with Sophos.
How was the initial setup?
The solution's initial setup is straightforward.
What's my experience with pricing, setup cost, and licensing?
On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a six or seven out of ten.
What other advice do I have?
Since the solution is more linked with Microsoft products, it gives you notifications of vulnerabilities, threats, or attacks happening currently. It flags them, and you can break them down to learn which asset or process started it. You can configure the product to report the same situation or similar alerts as false positives and not flag them. They are part of the business application
You can apply these rules to all the machines in the network because you would have similar users on other machines doing the same thing. If you see a threat or suspicious action, you can configure the tool to block the whole thing and apply the same rule on all the machines.
Microsoft is the market leader, and it's already innovating, adding more features, and integrating everything with its other products. The solution provides value for money. Microsoft had a different version for small licenses and introduced a new licensing structure so that small companies could have additional features at less cost. Otherwise, they would have to buy a really expensive license for big organizations.
Microsoft brought additional features into a small license for small and medium businesses. Microsoft keeps adding value to its products.
With Microsoft Defender Threat Intelligence, you have one product and one console to see everything. You don't have to buy multiple products to look at different security aspects. Microsoft keeps adding features to the product that are more than enough to monitor your entire suite.
Users have to learn the product and get free training and certification. It's always better to have training provided by the vendor. Very few market leaders invest in providing training.
Overall, I rate the solution a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Jun 13, 2024
System and network security engineer at Central Bank of Nigeria
Assesses machines for vulnerabilities and gives remediations
Pros and Cons
- "Microsoft Defender Threat Intelligence assesses machines for vulnerabilities and gives remediations."
- "The tool's onboarding of users that use on-premise or hybrid environments needs to be improved."
What is our primary use case?
We use Microsoft Defender Threat Intelligence for security. It alerts us on anomalies.
What is most valuable?
Microsoft Defender Threat Intelligence assesses machines for vulnerabilities and gives remediations.
What needs improvement?
The tool's onboarding of users that use on-premise or hybrid environments needs to be improved.
For how long have I used the solution?
I have been using the product for six years.
What do I think about the stability of the solution?
I rate the product's stability a nine out of ten.
What do I think about the scalability of the solution?
Microsoft Defender Threat Intelligence is scalable. My company has 7000 users for it.
How was the initial setup?
Microsoft Defender Threat Intelligence's deployment is not straightforward.
What was our ROI?
We have seen ROI with the product's use.
What's my experience with pricing, setup cost, and licensing?
The tool is expensive as a stand-alone solution. However, it is not cheap when you purchase it as a bundle.
What other advice do I have?
I rate Microsoft Defender Threat Intelligence a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.