We performed a comparison between Microsoft Defender for Endpoint and Microsoft Entra ID based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of Microsoft Defender for Endpoint is its ability to bring together all the data, providing more information than just antivirus hits."
"You have endpoint security to keep your devices safe. That's the feature that we're interested in."
"The best part is that it is built into Windows, whether it is a server base or a desktop base, which gives more control over the operating system. Because Defender, the operating system, and the Office solution are by Microsoft, everything is working like hand-in-glove. Its administrative overhead is less because a desktop user has already got some experience of how to handle a Microsoft Defender notification or administer it."
"It performs well. The stability is seamless."
"Microsoft Defender can block some viruses or malware. So, it can protect my files. It can save files on Office 365 OneDrive. I use encryption for some files, then I can recover them from OneDrive."
"We had certain compliance and usage issues. For example, our company wanted to go with CIS, but we didn't have a proper way of measuring whether the endpoints have the right standards in place or whether they were compliant with CIS. Microsoft Defender was like a one-stop for most things because it gave us the vulnerability and patching scores so that our vulnerability management teams can focus on covering up the vulnerabilities and the patching team can check the vulnerable versions and deploy the right versions."
"The protection that it provides is quite good."
"I enjoy using the live response feature, which allows me to remotely access different endpoints and investigate malicious files, such as malware that people may have downloaded, and other related issues."
"The best thing about Microsoft Entra ID is the ease of setup."
"It is a very straightforward implementation."
"Every feature in Microsoft Entra ID plays a crucial role in overall security."
"The most important things of Azure Active Directory are the security and the facility to manage all the services and users. It is very easy to manage users and assign roles, permissions, and access. At the same time, it is a very secure environment. Microsoft takes security very seriously. They take care of all the security and all the factors to prevent any kind of data or information compromise."
"When logging on to Azure AD it's pretty quick."
"Just because I've been in the Azure space since it started out and in the Microsoft Cloud AD since the BPOS days in the early 2000s, and it's just a product that made life simpler for my clients to be able to integrate everything."
"Very stable and scalable IAM service with good SSO and authentication features."
"Overall the solution functions very well, such as the ability to access it from the cloud."
"Its user interface (UI) can be improved. Currently, in the console, you have to dig down for certain things. They've got many different layers to get to things instead of having it all on the surface. You have to go three folds lower to get to specific functionality or click a particular option. It would be good if we can manage the console through menus and instead of three clicks, we can do things in one click. They need to change the UI and work on it in terms of a better user experience."
"Microsoft Defender for Endpoint could improve by making the reporting better."
"Microsoft Defender for Endpoint should include better automation that will make it faster to detect the latest threats happening across the world."
"We'd like the stability to be better."
"The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices."
"Auto recovery is the most important feature that we would need from this solution. For decryption, similar to Malwarebytes, there should be something to be able to recover the data up to the last normal status. Its ability to recover data to the last normal copy must not exceed 5 to 10 minutes."
"The automation could be simpler on the mitigation side. It has a learning curve. Otherwise, it's pretty easy."
"Phishing and Malware detection could be better."
"To look at more documentation, engineering, or an open standard would be nice."
"The permission management is a mess."
"The custom role creation function could be improved as it's somewhat tricky to use."
"There is no great solution in the cloud for Conditional Access authentication and RADIUS-type authentication."
"The only issue with Azure AD is that it doesn't have control over the wifi network. You have to do something more to have a secure wifi network. To have it working, you need an active directory server on-premises to take care of the networks."
"It would be awesome to have a feature where you can see the permissions of a user in all their Azure subscriptions. Right now, you have to select a user, then you have to select the subscription to see which permissions the user has in their selected subscriptions. Sometimes, you just want to know, "Does that user have any permissions in any subscriptions?" That would be awesome if that would be available via the portal."
"There is no documentation about how Microsoft will scale Azure AD for customers. It only mentions that it will scale out if you have a lot of requests but does not mention how in detail."
"The cost of licensing always has room for improvement."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 5th in Microsoft Security Suite with 182 reviews while Microsoft Entra ID is ranked 4th in Microsoft Security Suite with 190 reviews. Microsoft Defender for Endpoint is rated 8.0, while Microsoft Entra ID is rated 8.6. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Microsoft Entra ID writes "Allows users to authenticate from home and has excellent integrations in a simple, stable solution". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Cortex XDR by Palo Alto Networks, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Cisco Duo and Okta Workforce Identity. See our Microsoft Defender for Endpoint vs. Microsoft Entra ID report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
In recent years Microsoft has really upped its game with Defender and Intune. As core cyber-security for an SME, keeping just to Microsoft is now a real option. The challenge is understanding the gaps / cyber security service weaknesses (if they exist) in comparison with other vendors such as ESET, Malwarebytes, Trend Micro, etc.
Azure AD Services, Defender for Endpoint, and Intune are all Microsoft products, but it is important to understand how each product works as they may not be compatible and there may be some limitations.
Devices managed through Intune may not have all of the Defender for Endpoint features. Some advanced features such as automated investigation and remediation may only be available for devices that are enrolled in Defender for Endpoint standalone.
In addition, Azure AD and Intune have different requirements for device enrollment and management. Intune requires devices to be enrolled and managed through an MDM solution, while Azure AD provides basic device management capabilities but may not support all of the features available in Intune.
Lastly, there may be limitations to how user identities and access are managed between Azure AD and Intune. Some features that are available in Azure AD, such as conditional access policies, may not suit Intune, and additional configuration may be required to ensure that user identities and access are properly managed across both services.
If anyone out there has other experiences, please let me know!
It depends on your company's infrastructure. Check with your cyber team whether you can sync your endpoints to Cloud using Azure AD as Azure Registered/ Azure Hybrid AD join/ Azure AD join, etc.
1. So, if the ask is only to enroll them in Intune to leverage defender/BitLocker services - go directly to Azure AD's join approach.
2. If you still want to manage patch management/mcm BitLocker but Defender via cloud, the approach should be Azure Hybrid AD join.
3. You can still use autopilot using both of these approaches.
I believe it is a good first step, and I would say even a requirement, but in no way is it a comprehensive security solution, even for endpoints.
There are many things that need to be addressed for security. In addition to this, there is XDR, MDR, more comprehensive AV for endpoints & Servers that stop attacks, Threat Hunting, Mitigation, PEN Testing, Security Training for end users, Multi-Factor Authentication (Microsoft's MFA is good but only for Microsoft products), Patch Management for Endpoints, Servers and Cloud Workloads, Network Access Control, Firewalls for On-Premise and Cloud server workloads, Network Segmentation, Password Management, Data Backups (3-2-1-1 Rule) with Immutable Backups, Power Backups, Physical Security, Monitoring, NOC/SOC services, and working towards a Zero Trust architecture...
But there are no single-point solutions that will make you secure, so don't get complacent. And you can outspend your profits if you do everything. Just remember it's best to have a layered approach that works together and looks at everything from a security perspective and how it integrates with your overall security plans and objectives to help identify holes and possible mitigations.
Healthcare must do Risk Assessments by law, but I recommend that all companies of all sizes do at least annual risk assessments since there is so such thing as being too small or inconspicuous to be hit with malware or have a cyber security attack since much of the delivery is automated and not just by the script-kiddies of years gone by... Nation States are actively engaging in cyber warfare daily, along with terrorists, and opportunists looking to make big money from you...