The tool's support is an area of concern where improvements are needed. I have had issues trying to get support or even trying to get to somebody. I often give up chasing the support and end up going to Google because I can't get any help from the support team. Microsoft's intent may be to push Google to users so that they end up searching on Google about the issues and see whether anyone else has had such problems before.
Our company cannot take action remotely with Microsoft Defender for Business. If I know a computer has opened a compromised email, it is very difficult to take action from Microsoft Defender's console. The tool is mainly informative, but we cannot do updates remotely. We cannot do almost anything remotely from Microsoft Defender's console. For economic reasons, our head of service has chosen the tool because we already have Office 365. In the tool, it should be made easier to take actions from the console to the workstations. With the tool, being able to do updates, not just from Microsoft products on workstations, but also other programs should be made possible while including third-party products like Firefox, 7-Zip, and Java. In the next release, I want the tool to quarantine computers and remotely manage our workstation's Windows Firewall from the console. Workstations and computers should be able to see each other to make managing Windows Firewall easy. The tool should offer better integration with Linux servers.
Director of Infrasturcuture at a non-profit with 51-200 employees
Real User
Top 20
2024-07-22T16:59:00Z
Jul 22, 2024
The solution's AI is notorious for false positives, and the time you have to spend training it is ridiculous. I can't believe that Microsoft was using CrowdStrike, which is known for its poor execution protocols. I do not like that Microsoft does not post the changes it will make beforehand. For example, when you log in to their security portal, they will change the blades on it without any pre-warning. They are terrible at pre-communication. It's like I have to relearn once a month how to use Microsoft every time I log in. They make many changes without warning anyone or communicating with them.
The biggest one is that Defender needs to be more proactive to the emerging threats. There can be tighter integration with email, especially how it integrates with our email system, which is the Microsoft Outlook suite. There should be the ability to react a lot quicker to emerging threats because sometimes, it takes a few days before some of these new threats are fully identified, and we need that to be a few hours.
Testing and Production Engineer at a tech services company with 51-200 employees
Real User
Top 5
2023-09-06T13:32:00Z
Sep 6, 2023
Defender's threat protection should be fine-tuned to reduce false positives. It could be more targeted, reflecting a continuous evolution in detecting. Also, it could be easier to integrate into other environments.
Learn what your peers think about Microsoft Defender for Business. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
Manager, Information Technology Support at Innoveo
Real User
2022-07-18T07:36:38Z
Jul 18, 2022
Defender's reporting is rather scattered, and its URL filtering mechanism doesn't really work. In the next release, I would like to see more fine-grained URL filter control and more reporting options like the ability to generate a scheduled report.
Microsoft Defender for Business is a new endpoint security solution that was designed especially for the small and medium-sized business (up to 300 employees). With this endpoint security solution, your company's devices are better protected from ransomware, malware, phishing, and other threats.
The tool's support is an area of concern where improvements are needed. I have had issues trying to get support or even trying to get to somebody. I often give up chasing the support and end up going to Google because I can't get any help from the support team. Microsoft's intent may be to push Google to users so that they end up searching on Google about the issues and see whether anyone else has had such problems before.
Our company cannot take action remotely with Microsoft Defender for Business. If I know a computer has opened a compromised email, it is very difficult to take action from Microsoft Defender's console. The tool is mainly informative, but we cannot do updates remotely. We cannot do almost anything remotely from Microsoft Defender's console. For economic reasons, our head of service has chosen the tool because we already have Office 365. In the tool, it should be made easier to take actions from the console to the workstations. With the tool, being able to do updates, not just from Microsoft products on workstations, but also other programs should be made possible while including third-party products like Firefox, 7-Zip, and Java. In the next release, I want the tool to quarantine computers and remotely manage our workstation's Windows Firewall from the console. Workstations and computers should be able to see each other to make managing Windows Firewall easy. The tool should offer better integration with Linux servers.
The solution's AI is notorious for false positives, and the time you have to spend training it is ridiculous. I can't believe that Microsoft was using CrowdStrike, which is known for its poor execution protocols. I do not like that Microsoft does not post the changes it will make beforehand. For example, when you log in to their security portal, they will change the blades on it without any pre-warning. They are terrible at pre-communication. It's like I have to relearn once a month how to use Microsoft every time I log in. They make many changes without warning anyone or communicating with them.
The biggest one is that Defender needs to be more proactive to the emerging threats. There can be tighter integration with email, especially how it integrates with our email system, which is the Microsoft Outlook suite. There should be the ability to react a lot quicker to emerging threats because sometimes, it takes a few days before some of these new threats are fully identified, and we need that to be a few hours.
Defender's threat protection should be fine-tuned to reduce false positives. It could be more targeted, reflecting a continuous evolution in detecting. Also, it could be easier to integrate into other environments.
We faced some issues while running some applications on Mac.
The security could always be improved. It could have better DLP. For example, we find that Sopho offers better DLP for businesses.
Defender's reporting is rather scattered, and its URL filtering mechanism doesn't really work. In the next release, I would like to see more fine-grained URL filter control and more reporting options like the ability to generate a scheduled report.