Microsoft 365 Defender Overview

Microsoft 365 Defender is the #7 ranked solution in XDR Security products. IT Central Station users give Microsoft 365 Defender an average rating of 8 out of 10. Microsoft 365 Defender is most commonly compared to Cisco SecureX. The professionals most often researching this solution come from computer software companies, accounting for 31% of all views.
What is Microsoft 365 Defender?

Microsoft 365 Defender, part of Microsoft’s XDR solution, leverages the Microsoft 365 security portfolio to automatically analyze threat data across domains, building a complete picture of each attack in a single dashboard. With this breadth and depth of clarity defenders can now focus on critical threats and hunt for sophisticated breaches, trusting that the powerful automation in Microsoft 365 Defender detects and stops attacks anywhere in the kill chain and returns the organization to a secure state.

- Reduce signal noise by viewing prioritized incidents in a single dashboard. 

- Use the automated investigation capabilities to spend less time on detection and response.

- Take care of routine and complex remediation with Microsoft 365 Defender by auto-healing affected assets.

- Hunt across all your data, leveraging your organizational knowledge with custom queries. 

- Develop custom detection and response tools for long-term protection and improved security posture.

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

Microsoft 365 Defender was previously known as Microsoft Threat Protection, MS 365 Defender.

Buyer's Guide

Download the Extended Detection and Response (XDR) Buyer's Guide including reviews and more. Updated: November 2021

Pricing Advice

What users are saying about Microsoft 365 Defender pricing:
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The solution's price is fair for what they offer."
  • "The price of the solution is high compared to others and we have lost some customers because of it."

Microsoft 365 Defender Reviews

NP
Security Solutions Architect at a computer software company with 10,001+ employees
Real User
Integrates well, has good native capabilities, and offers flexible configurations

Pros and Cons

  • "It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
  • "I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."

What is our primary use case?

We have very strong DLP policies. The product will inspect each and every outgoing email and what kind of attachments they have, including if any have business-sensitive information such as outgoing email going to some public domain such as Gmail or Yahoo. If the solution detects this, it'll raise an alarm and notify the required teams. On top of that, the incoming email will scan attachments for any potential malware tech or any phishing link. 

What is most valuable?

The native capabilities are quite good as it slips in seamlessly as part of our integration. 

It integrates well without AD, Active Directory.

It gives a lot of flexibility in terms of configuration and customization as per the business requirements.

What needs improvement?

These days, in the security industry, there is a buzzword called zero trust. I personally have not seen much evidence of how Defender can enhance the story of Zero Trust for enterprises. Microsoft needs to offer more features here or spread awareness in the industry and the market about how Defender addresses Zero Trust issues.  

For how long have I used the solution?

I've used the solution for more than a year now.

What do I think about the stability of the solution?

The stability is good. It's up to the mark.

What do I think about the scalability of the solution?

It's usually scalable. 

We're using it on a daily basis. 

The solution works for any size of organization. There is no such limitation for Microsoft as the ecosystem they have built doesn't really have a limiting factor. It will work for a small sized up to a big-sized organization. Our company is half a million strong. If it satisfies our needs, then definitely it can satisfy anybody else as well.

How are customer service and support?

I personally have never reached out to technical support as our in-house expertise is good enough.

It's good for the most part, as it is their own homegrown product and they understand it well.

Which solution did I use previously and why did I switch?

We haven't worked with any other products.

How was the initial setup?

The setup is a simple process; however, users can adopt the phase-in approach and start simple and then yeah. For example, over a period of time, you can achieve what you want to achieve, but not in a single shot. You can do it in phases and work everything in slowly.

The amount of time it will take to deploy Defender depends, actually. If a customer is already sure about all the processes and reporting information they require, then to start, it should not take more than a couple of months, including planning.

There is some maintenance required. We need a team to run the show, however, when you compare it to other options, the maintenance requirements are reduced. We typically have a cloud operations team to oversee it, and it's business as usual. Our company is able to provide any needed maintenance services to our clients. 

What about the implementation team?

Our company integrates this solution into our client's infrastructure.

What's my experience with pricing, setup cost, and licensing?

We have E3 and E5 licenses for our users and there is the default.

Depending on the user role, the senior people and critical positions have been allocated the E5 licenses and the intermediate users have been allocated E3 licenses.

Whether it is inexpensive or not is not a very straightforward question as, when you compare the total cost, you have to consider the total cost of ownership. It's not only a comparison between two products. You have to see the other dependencies when you deploy any other solution. That said, I would say it is more or less cost-effective.

What other advice do I have?

We are partners with Microsoft.

I'm in a customer-facing role where we propose different email security solutions to our customers. My role demands that I identify the required security solutions for the different needs of our customers.

We are on the latest version of the product.

I'd advise potential new users to define their business requirements first; however, it's likely Defender will need them and provide what they need.

I'd rate the solution at a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PT
Product Manager at a comms service provider with 501-1,000 employees
Reseller
Top 5
Stable and easy to use but could scan attachments faster

Pros and Cons

  • "The product is very easy to use."
  • "It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."

What is our primary use case?

We primarily use the solution as security for our endpoints. It covers everything.

What is most valuable?

The solution is very useful for scanning email traffic.

Practically every company that is working in Microsoft Cloud can use it with a Microsoft 365 subscription.

The product is very easy to use.

So far, I have found the solution to be very stable. I haven't had any issues with it.

What needs improvement?

It would be helpful if the solution could scan faster when it comes to scanning attachments to emails.

For how long have I used the solution?

I've been using the solution for a bit more than one year.

What do I think about the stability of the solution?

The product is quite stable. It's been problem-free. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.

What do I think about the scalability of the solution?

I do not believe the solution is scalable. It's fixed on my PC and I cannot upgrade it. It may be changed from time to time according to the company, however, beyond that, I have no control over expansion.

We have 250 people in our office using the solution.

How are customer service and technical support?

We have an internal IT department. If I were to have issues, which I haven't, I would go to them. I've never contacted Microsoft's technical support directly. I have no experience dealing with them. I couldn't say if they are helpful or responsive.

How was the initial setup?

I didn't handle the initial setup. That was handled by a technician in my company. It was placed on my PC for me. I don't have any insights in terms of the implementation process.

It may only take one person to install it. They would have to have a bit of knowledge on the product.

What's my experience with pricing, setup cost, and licensing?

We are using the higher-level package which we have to pay a licensing fee for. There are different tiers. Ours includes extended detection with Advanced Threat Protection. It's the most powerful endpoint protection Microsoft offers.

What other advice do I have?

We are using the latest version of the solution.

We sell the product and we use it as well. We are resellers.

We are using advanced endpoint detection in our security for email and a lot of other things, however, it is combined with Cisco solutions, for example, Cisco Umbrella. We have a file solution from IBM, and internally we are using it, however, I am not directly using all of these things. I'm using the administrative part for partnership purposes. I'm not a technical person. I am using them as a customer as part of Microsoft OS.

There are a lot of other tools behind the scenes as well; however, they are working on a network level, on a data center level, to secure the company.

I'd rate the solution at a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
GV
Senior IT Executive and Operation at a tech services company with 51-200 employees
Real User
Top 20
A unified enterprise defense suite that's very stable, but the price could be better

Pros and Cons

  • "I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
  • "The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."

What is our primary use case?

The primary use case for Defender is to control the endpoint systems at the user level. On the networking level, we use it to analyze spam and see if any antivirus services are required or if there's a ransomware attack. As of now, I am just using it for monitoring.

What is most valuable?

I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there. I can see a lot of changes to Microsoft 365 Defender when I compare what we have now to what we had from 2007 to 2010. They have implemented a ransomware feature, and if any virus comes into the system, it triggers an alert.

What needs improvement?

The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things.

For how long have I used the solution?

I have been using Microsoft 365 Defender since 2007.

What do I think about the stability of the solution?

Microsoft Defender is very stable, and you can see that there is a 99.9% success rate when they give us good service. It's very helpful for configuring anything.

What do I think about the scalability of the solution?

It's definitely easy to scale. However, scalability depends on the plan and requirements.

How are customer service and technical support?

They have their norms and regulations that they use once a ticket is created. Whatever the technical issues are, they normally resolve them within the timeline or some days. They are good at the technical side of things.

How was the initial setup?

The initial setup is totally easy. It's not complex. It takes just a couple of minutes to deploy this solution.

What's my experience with pricing, setup cost, and licensing?

The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users.

What other advice do I have?

I would recommend Microsoft Defender to new users. I would advise them to understand their exact requirements and check if it matches before taking it up.

On a scale from one to ten, I would give Microsoft 365 Defender a seven.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
RY
Lead Solutions Architect at a computer software company with 10,001+ employees
Real User
Top 5 Leaderboard
Integrates well, easy to maintain, but data recovery needs improvement

What is our primary use case?

We use the solution to back up our data frequently.

What is most valuable?

The solution is well integrated with applications. It is easy to maintain and administer.

What needs improvement?

The data recovery and backup could be improved.

For how long have I used the solution?

I have been using the solution for a couple of years.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

The solution is scalable, you do not need to worry about resources. I have more than 50 users using the solution in my organization.

How are customer service and technical support?

The support provides a 24 hrs service which I am completely satisfied with.

How was the initial setup?

The installation was straightforward; it did not take very long to deploy the backup software on any application.

What about the implementation team?

We have six people that do the maintenance of the solution in my organization.

What's my experience with pricing, setup cost, and licensing?

The solution's price is fair for what they offer.

What other advice do I have?

I recommend this solution to others; it is easy to use and they will enjoy it.

I rate Microsoft 365 Defender a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PD
Senior Cloud Architects Consultant Manager at Metro Systems Corporation Public Company Limited
Consultant
Top 20
Stable, scalable, but machine learning and AI could improve

What is our primary use case?

I use the solution for security against system threats.

What is most valuable?

I have found the ability to delete unwanted threats beneficial.

What needs improvement?

The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better.

For how long have I used the solution?

I have used this solution for approximately one year.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

Microsoft 365 Defender is scalable.

What's my experience with pricing, setup cost, and licensing?

The price of the solution is high compared to others and we have lost some customers because of it.

What other advice do I have?

I rate Microsoft 365 Defender a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.