Supervisor, Information Technology at Hung Hing Printing Group Ltd
Real User
Top 20
2024-10-02T09:54:00Z
Oct 2, 2024
Sometimes, phishing emails manage to pass through the filter, so the system needs to enhance its phishing email detection capabilities. We also need alerting features for abnormal actions like unusual logins or abnormal activities in the mailbox.
Cloud Security Specialist at a tech services company with 1-10 employees
Real User
Top 20
2024-05-24T09:46:00Z
May 24, 2024
Microsoft Defender for Cloud Apps is a very good solution that allows you to use a single port or tool to control everything happening with your organization's different cloud applications. Configuring the default strategies and policies in Microsoft Defender for Cloud Apps generates a lot of noise and false positives. Also, the documentation does not have many details about that. The bad configuration and lack of good documentation prevent professionals from taking the most advantage of this tool. One of the big problems that some customers face is that Microsoft always changes its products' names. For example, four to six months ago, Microsoft Defender for Office 365 was renamed Microsoft Defender XDR. Microsoft comes up with a new name for the tool every one or two years, which sometimes is hard for customers to follow. Microsoft should improve some integrations in the Microsoft Defender for Cloud Apps sub-category. With a specific configuration to Microsoft Defender for Endpoint, we can get logs and insights from network devices and other workloads on our system.
IT Director at a energy/utilities company with 11-50 employees
Real User
Top 10
2023-08-08T15:28:00Z
Aug 8, 2023
Microsoft Defender for Office 365 lacks proactivity in assisting us with preparing for potential threats before they occur. While they employ a substantial amount of threat intelligence to preemptively prevent incidents, their effectiveness diminishes when it comes to delivering proactive threat intelligence alerts from Microsoft. Their focus primarily revolves around managing the internal environment. On the other hand, my other vendor, Check Point, along with my membership in MS-ISAC, supplements me with this type of information. The phishing and spam filters could use some improvement. It is adequate, but it doesn't match the quality of Proofpoint or Mimecast. However, it comes close in effectiveness. Plus, if we're obtaining it for free, investing in the other products seems impractical.
Head of Department of Network Communications at Eko electricity
Real User
Top 10
2023-08-01T18:00:00Z
Aug 1, 2023
Microsoft Defender for Office 365 should be more proactive. As a major global player, Microsoft possesses the platform to gather more information than any other company. Utilizing this information would enable them to make the system much more proactive. It would be sensible for Microsoft Defender for Office 365 to send occasional notifications, acting as advisories on how to prevent the latest threat trends. Similar to a newsletter, these notifications could guide users to take appropriate measures and review their organization's configurations, thereby ensuring maximum security.
Learn what your peers think about Microsoft Defender for Office 365. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
The certification training for Defender for 365 needs to be deeper and incorporate Sentinel. I took all the security courses except one, and Sentinel isn't included.
What I don't like about Microsoft Defender for Office 365 is that many of the features should be default. They should be included, not optional, like other vendors provide.
IT Manager at a manufacturing company with 51-200 employees
Real User
Top 10
2023-04-12T19:21:00Z
Apr 12, 2023
About eight months ago, we started to measure the quantity of phishing and spam that we have been receiving, and it has been increasing a lot. That means that protection for our email is not as good as we were expecting. Now that we have more visibility into threats, our orientation is to have a more top-market solution to give us more visibility and easier ways to respond to the threats that we find and also to identify threats better. It is not really straightforward to get a lot of information from Microsoft Defender, so we have had to use Microsoft Graph to create some custom views to export custom information.
Cloud solution engineer at a computer software company with 51-200 employees
Real User
Top 20
2023-04-04T12:37:00Z
Apr 4, 2023
They have moved features from one console to another. Things have been moved around in the interface and it takes me time to find where certain features are.
The solution provides us with visibility into threats; however, there is room for improvement in the threat visibility, as it could be more granular, refined, and detailed. The UI needs to be more user-friendly. Some of the dashboard views are hard to follow and make the reporting complicated.
Vice President at a computer software company with 11-50 employees
Real User
Top 20
2022-12-26T20:01:00Z
Dec 26, 2022
The only thing they should improve is the licensing model. They should stop changing it. A year ago, the five features I mentioned were included in one product. Now, three of them are bundled into one product, and you have to pay extra for the other two. I don't mind paying extra, but I don't want them to change it every year or every six months. I need to know what I'm looking at and not worry about it next year.
The advanced threat protection requires awareness and knowledge from administrators. Microsoft should provide more documentation for users so they can self-educate. I would like to see more documentation for advanced security features.
One area for improvement is integration. For example, when it comes to external SaaS platforms, we were not able to get a lot of information on integrations with such apps for security and authentication. The awareness of ecosystem information that is provided needs to be better.
DevSecOps Engineer at a tech services company with 11-50 employees
Real User
Top 5
2022-11-14T19:40:00Z
Nov 14, 2022
Several simulation options are available within 365, and the phishing simulation could be better. I want to see improvements that will make the tool easier to operate.
There is room for improvement with the UI. The company should focus on adding threats that the solution is currently unable to detect. Sometimes it misses threats and viruses across the whole solution that are not covered under the current scanning. For example, if there are a hundred viruses that could be threatening us, sometimes Defender will only be able to scan for 95 out of 100. We have to pay for storage for the solution. The storage cost should not be included in the subscription. The notification rates are very high. It even notifies us for some small, low-priority viruses. My recommendation is that it should only notify us for high-level security threats that could highly affect our applications.
Associate Tech Lead at a computer software company with 51-200 employees
Real User
2022-08-09T12:52:00Z
Aug 9, 2022
In one of the reports, I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help.
Cybersecurity and Business Continuity Consultant at S2 Grupo
Real User
2022-03-28T17:26:15Z
Mar 28, 2022
Microsoft Defender for Office 365 could improve by giving customers information on techniques to prevent threats. For example, information about best practices on how to protect their own devices against hackers and scammers, such as educational information or training. This would help others have a better understanding of cyber security. Additionally, there can be more security features added.
We are always looking for others tools to increase automation on tasks. There can be better integration with other solutions, such as PowerPoint and email.
Chief Information Security Officer at a outsourcing company with 10,001+ employees
Real User
2022-01-24T19:04:48Z
Jan 24, 2022
I'd like to see fewer false positives and potentially have an accurate capability to detect malicious SharePoint sites. There could also be an improvement in some of the features related to training. In a phishing test campaign, for example, it should be more user-friendly and include the capability to evaluate and assess users' understanding of the content provided.
Deputy Chief SAP BASIS Administrator at a comms service provider with 201-500 employees
Real User
2022-01-05T16:19:09Z
Jan 5, 2022
I was looking for some advanced features, like if I would receive an email that contains a legitimate file type, but the content is malicious, how I can protect against that? Normally, we are dealing with so many phishing and spam emails. I'd like some additional features any product can give me to protect our environment in a better way. There is always a chance to continue to improve the product in some way.
This is not really a defined product. You have to go to a lot of different places to enable things so it would be nice if you could go to one tab that says 365 Defender for Office 365 or something similar. You would be able to make all the settings and changes there, rather than having to go to lots of different places in the admin center to get it configured.
Corporate IT Infrastructure Manager at United Test and Assembly Center Ltd.
Real User
2021-08-02T15:53:00Z
Aug 2, 2021
The visibility for the weaknesses in the system and unauthorized access can be improved. Its price should be improved. Its cost is a major concern for us.
There needs to be an improvement in having the product work across multiple operating systems and have better support for non-Microsoft file types. Defender for Office 365 handles the Microsoft supported file types, but MIP is limited. This solution does what it needs to do, but it does not go to the depth of if it was working with MIP, a holistic information protection system. It does not support all the file types an organization might use. For example, AutoCAD B1 for manufacturing or defence-oriented companies, they have to add a third-party add-on, or you would have to create the extensibility. In an upcoming release, there should be business continuity features added. Proofpoint solution addresses what happens if you have an outage. If your tenant or your SaaS application is not available, there is no continuity right now with this solution.
Information Technology Manager at a performing arts with 51-200 employees
Real User
2021-01-14T18:47:34Z
Jan 14, 2021
We are waiting for better software to block viruses. The feedback that we receive is that it is weaker when compared with other products such as Cisco and Palo Alto. The only concern that we have is that this product is user-based, but we have requirements to run separate PCs or servers that are not on the same subscription. We need a separate license and we don't know how to get the license that is required. We also wonder if it can prevent attacks from new types of viruses such as Widefire.
Microsoft Defender for Office 365 is a comprehensive security solution designed to protect organizations against advanced threats in their email, collaboration, and productivity environments. It combines the power of Microsoft's threat intelligence, machine learning, and behavioral analytics to provide real-time protection against phishing, malware, ransomware, and other malicious attacks.
With Microsoft Defender for Office 365, organizations can safeguard their email communication by...
Sometimes, phishing emails manage to pass through the filter, so the system needs to enhance its phishing email detection capabilities. We also need alerting features for abnormal actions like unusual logins or abnormal activities in the mailbox.
Microsoft Defender for Cloud Apps is a very good solution that allows you to use a single port or tool to control everything happening with your organization's different cloud applications. Configuring the default strategies and policies in Microsoft Defender for Cloud Apps generates a lot of noise and false positives. Also, the documentation does not have many details about that. The bad configuration and lack of good documentation prevent professionals from taking the most advantage of this tool. One of the big problems that some customers face is that Microsoft always changes its products' names. For example, four to six months ago, Microsoft Defender for Office 365 was renamed Microsoft Defender XDR. Microsoft comes up with a new name for the tool every one or two years, which sometimes is hard for customers to follow. Microsoft should improve some integrations in the Microsoft Defender for Cloud Apps sub-category. With a specific configuration to Microsoft Defender for Endpoint, we can get logs and insights from network devices and other workloads on our system.
The product must provide better malware detection. The detection algorithms don't perform the way I hope they would.
Microsoft Defender for Office 365 lacks proactivity in assisting us with preparing for potential threats before they occur. While they employ a substantial amount of threat intelligence to preemptively prevent incidents, their effectiveness diminishes when it comes to delivering proactive threat intelligence alerts from Microsoft. Their focus primarily revolves around managing the internal environment. On the other hand, my other vendor, Check Point, along with my membership in MS-ISAC, supplements me with this type of information. The phishing and spam filters could use some improvement. It is adequate, but it doesn't match the quality of Proofpoint or Mimecast. However, it comes close in effectiveness. Plus, if we're obtaining it for free, investing in the other products seems impractical.
Microsoft Defender for Office 365 should be more proactive. As a major global player, Microsoft possesses the platform to gather more information than any other company. Utilizing this information would enable them to make the system much more proactive. It would be sensible for Microsoft Defender for Office 365 to send occasional notifications, acting as advisories on how to prevent the latest threat trends. Similar to a newsletter, these notifications could guide users to take appropriate measures and review their organization's configurations, thereby ensuring maximum security.
There is room for improvement in terms of reporting. There could be more features around it.
The certification training for Defender for 365 needs to be deeper and incorporate Sentinel. I took all the security courses except one, and Sentinel isn't included.
What I don't like about Microsoft Defender for Office 365 is that many of the features should be default. They should be included, not optional, like other vendors provide.
About eight months ago, we started to measure the quantity of phishing and spam that we have been receiving, and it has been increasing a lot. That means that protection for our email is not as good as we were expecting. Now that we have more visibility into threats, our orientation is to have a more top-market solution to give us more visibility and easier ways to respond to the threats that we find and also to identify threats better. It is not really straightforward to get a lot of information from Microsoft Defender, so we have had to use Microsoft Graph to create some custom views to export custom information.
They have moved features from one console to another. Things have been moved around in the interface and it takes me time to find where certain features are.
The solution provides us with visibility into threats; however, there is room for improvement in the threat visibility, as it could be more granular, refined, and detailed. The UI needs to be more user-friendly. Some of the dashboard views are hard to follow and make the reporting complicated.
The pre-sales cost calculations could be more transparent.
The only thing they should improve is the licensing model. They should stop changing it. A year ago, the five features I mentioned were included in one product. Now, three of them are bundled into one product, and you have to pay extra for the other two. I don't mind paying extra, but I don't want them to change it every year or every six months. I need to know what I'm looking at and not worry about it next year.
The advanced threat protection requires awareness and knowledge from administrators. Microsoft should provide more documentation for users so they can self-educate. I would like to see more documentation for advanced security features.
One area for improvement is integration. For example, when it comes to external SaaS platforms, we were not able to get a lot of information on integrations with such apps for security and authentication. The awareness of ecosystem information that is provided needs to be better.
Several simulation options are available within 365, and the phishing simulation could be better. I want to see improvements that will make the tool easier to operate.
There is room for improvement with the UI. The company should focus on adding threats that the solution is currently unable to detect. Sometimes it misses threats and viruses across the whole solution that are not covered under the current scanning. For example, if there are a hundred viruses that could be threatening us, sometimes Defender will only be able to scan for 95 out of 100. We have to pay for storage for the solution. The storage cost should not be included in the subscription. The notification rates are very high. It even notifies us for some small, low-priority viruses. My recommendation is that it should only notify us for high-level security threats that could highly affect our applications.
In one of the reports, I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help.
Microsoft Defender for Office 365 could improve by giving customers information on techniques to prevent threats. For example, information about best practices on how to protect their own devices against hackers and scammers, such as educational information or training. This would help others have a better understanding of cyber security. Additionally, there can be more security features added.
We are always looking for others tools to increase automation on tasks. There can be better integration with other solutions, such as PowerPoint and email.
I'd like to see fewer false positives and potentially have an accurate capability to detect malicious SharePoint sites. There could also be an improvement in some of the features related to training. In a phishing test campaign, for example, it should be more user-friendly and include the capability to evaluate and assess users' understanding of the content provided.
I was looking for some advanced features, like if I would receive an email that contains a legitimate file type, but the content is malicious, how I can protect against that? Normally, we are dealing with so many phishing and spam emails. I'd like some additional features any product can give me to protect our environment in a better way. There is always a chance to continue to improve the product in some way.
This product's effectiveness could be improved, in terms of detecting unwanted spam or even malware between the emails, compared to other products.
This is not really a defined product. You have to go to a lot of different places to enable things so it would be nice if you could go to one tab that says 365 Defender for Office 365 or something similar. You would be able to make all the settings and changes there, rather than having to go to lots of different places in the admin center to get it configured.
The visibility for the weaknesses in the system and unauthorized access can be improved. Its price should be improved. Its cost is a major concern for us.
It would be better if it were more scalable. It depends on the architecture, but we would like to make it more scalable for both data centers.
In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement.
There needs to be an improvement in having the product work across multiple operating systems and have better support for non-Microsoft file types. Defender for Office 365 handles the Microsoft supported file types, but MIP is limited. This solution does what it needs to do, but it does not go to the depth of if it was working with MIP, a holistic information protection system. It does not support all the file types an organization might use. For example, AutoCAD B1 for manufacturing or defence-oriented companies, they have to add a third-party add-on, or you would have to create the extensibility. In an upcoming release, there should be business continuity features added. Proofpoint solution addresses what happens if you have an outage. If your tenant or your SaaS application is not available, there is no continuity right now with this solution.
We are waiting for better software to block viruses. The feedback that we receive is that it is weaker when compared with other products such as Cisco and Palo Alto. The only concern that we have is that this product is user-based, but we have requirements to run separate PCs or servers that are not on the same subscription. We need a separate license and we don't know how to get the license that is required. We also wonder if it can prevent attacks from new types of viruses such as Widefire.