We use Microsoft Defender for Identity to prevent user account-level attacks such as lateral move attacks and pass-the-hash attacks on our on-premises servers. We leverage its features to mitigate identity-related threats and monitor activities on Active Directory Domain Services and other servers.
Cloud Security Engineer at a non-tech company with 10,001+ employees
Real User
Top 10
2023-12-21T07:14:00Z
Dec 21, 2023
Microsoft Defender for Identity is like a personal security guard for our organization's identity. It keeps a close eye on how we use our identities across both on-premises and Azure Active Directory. If there is anything suspicious or unusual happening with our user accounts, it raises the alarm. It is a vital tool for ensuring the safety of our identity in a hybrid setup.
We mainly use the solution to ensure our security and to increase our security score. We want to understand the threats or attacks to help prevent them.
Defender for Identity provides intelligent authentication through conditional access policies and monitors user behavior. Defender looks at things like password changes and application use.
Learn what your peers think about Microsoft Defender for Identity. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
Our primary use for the solution is for user and entity behavior analytics. We use multiple Microsoft security products including Defender for Endpoint and Defender for Cloud. We use Defender for Cloud for our Azure VMs, but not for the multi-cloud environment, and we don't make use of its bi-directional sync capabilities. We have integrated these products, and the integration was straightforward. These solutions work natively together to deliver coordinated detection and response across our environment, which is not the case for non-Microsoft tools. These multiple Microsoft security products provide comprehensive threat protection.
I work for a university, and we use Defender for Identity for students, faculty members, researchers, etc. It's around 4,000 end-users. We have a completely Azure-based environment, and all of our users have migrated to the cloud. While we still have some on-premise users, we have synced our user base to the Azure Active Directory in the cloud. We require identity protection because most cybersecurity cases today involve identity harvesting. Microsoft Defender for Identity proved to be the best solution for providing support for malicious identity-related issues. Our entire cloud setup is protected.
The solution provides alerts when malicious actors are active and that's something most companies are missing. Quite often, malicious actors do reconnaissance for weeks, months, and on their checkout. They get a sense of the whole environment before they execute a ransomware attack. This sensor will alert users if something like that happens and it gives you time to mitigate the issues or block the attacker.
Cyber Security BA/BSA at a insurance company with 10,001+ employees
Real User
2021-03-13T00:30:29Z
Mar 13, 2021
We are looking at this solution as a trusted tenant for our network. This way, all of the data that goes through is trusted and the communication between our on-prem system and the Azure Cloud remains protected. Our only concern is when the data leaves the Azure Cloud and goes to another third-party tenant. Azure is our trusted tenant — we trust it. We're just concerned about the data when it leaves Azure and goes to another third-party tenant. For example, if you have a SaaS solution, like Salesforce, sometimes they send data to customers. In order to do this, the data has to leave the trusted cloud tenant.
Microsoft Defender for Identity is a comprehensive security solution that helps organizations protect their identities and detect potential threats. It leverages advanced analytics and machine learning to provide real-time visibility into user activities, enabling proactive identification of suspicious behavior.
With its powerful detection capabilities, it can identify various types of attacks, including brute force, pass-the-hash, and golden ticket attacks. The solution also offers...
We use Microsoft Defender for Identity to prevent user account-level attacks such as lateral move attacks and pass-the-hash attacks on our on-premises servers. We leverage its features to mitigate identity-related threats and monitor activities on Active Directory Domain Services and other servers.
The solution is primarily used for detecting user anomalies, sign-in anomalies, user behavior analytics, and identifying business compromises.
We use the solution for PIM management, access detection, and synchronization with Intra.
Microsoft Defender for Identity is like a personal security guard for our organization's identity. It keeps a close eye on how we use our identities across both on-premises and Azure Active Directory. If there is anything suspicious or unusual happening with our user accounts, it raises the alarm. It is a vital tool for ensuring the safety of our identity in a hybrid setup.
We mainly use the solution to ensure our security and to increase our security score. We want to understand the threats or attacks to help prevent them.
Defender for Identity provides intelligent authentication through conditional access policies and monitors user behavior. Defender looks at things like password changes and application use.
Our primary use for the solution is for user and entity behavior analytics. We use multiple Microsoft security products including Defender for Endpoint and Defender for Cloud. We use Defender for Cloud for our Azure VMs, but not for the multi-cloud environment, and we don't make use of its bi-directional sync capabilities. We have integrated these products, and the integration was straightforward. These solutions work natively together to deliver coordinated detection and response across our environment, which is not the case for non-Microsoft tools. These multiple Microsoft security products provide comprehensive threat protection.
I work for a university, and we use Defender for Identity for students, faculty members, researchers, etc. It's around 4,000 end-users. We have a completely Azure-based environment, and all of our users have migrated to the cloud. While we still have some on-premise users, we have synced our user base to the Azure Active Directory in the cloud. We require identity protection because most cybersecurity cases today involve identity harvesting. Microsoft Defender for Identity proved to be the best solution for providing support for malicious identity-related issues. Our entire cloud setup is protected.
The solution provides alerts when malicious actors are active and that's something most companies are missing. Quite often, malicious actors do reconnaissance for weeks, months, and on their checkout. They get a sense of the whole environment before they execute a ransomware attack. This sensor will alert users if something like that happens and it gives you time to mitigate the issues or block the attacker.
We are looking at this solution as a trusted tenant for our network. This way, all of the data that goes through is trusted and the communication between our on-prem system and the Azure Cloud remains protected. Our only concern is when the data leaves the Azure Cloud and goes to another third-party tenant. Azure is our trusted tenant — we trust it. We're just concerned about the data when it leaves Azure and goes to another third-party tenant. For example, if you have a SaaS solution, like Salesforce, sometimes they send data to customers. In order to do this, the data has to leave the trusted cloud tenant.