We performed a comparison between Azure Key Vault and Microsoft Defender for Identity based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We use Azure Key Vault for securing secret connection streams, like API secrets, Azure services Secret Key, and AD Client Secret."
"One of the most valuable features of Microsoft Azure Key Vault is its ease of use."
"The initial setup is very straightforward. It only took a few minutes."
"The centralized storage and secure storage are features we like."
"This solution speeds up the product development life cycle. That is, the time from the development of the product to the time to market is drastically reduced because of the CI/CD pipelines. You can have your code deployed within a matter of minutes."
"The solution's technical support is good. My company received support from Microsoft whenever we needed it."
"We only use the basic features and those are the ones that have the ability to tie into the app, the secrets, and the passwords and encrypt them."
"The GUI was quite easy for me to use."
"The best feature is security monitoring, which detects and investigates suspicious user activities. It can easily detect advanced attacks based on the behavior. The credentials are securely stored, so it reduces the risk of compromise. It will monitor user behavior based on artificial intelligence to protect the identities in your organization. It will even help secure the on-premise Active Directory. It syncs from the cloud to on-premise, and on-premise modifications will be reflected in the cloud."
"The feature I like the most about Defender for Identity is the entity tags. They give you the ability to identify sensitive accounts, devices, and groups. You also have honeytoken entities, which are devices that are identified as "bait" for fraudulent actors."
"Microsoft Defender for Identity provides excellent visibility into threats by leveraging real-time analytics and data intelligence."
"The basic security monitoring at its core feature is the most valuable aspect. But also the investigative parts, the historical logging of events over the network are extremely interesting because it gives an in-depth insight into the history of account activity that is really easy to read, easy to follow, and easy to export."
"The solution offers excellent visibility into threats."
"This solution has advanced a lot over the last few years."
"The feature I like most is that you can create your own customized detection rules. It has a lot of default alerts and rules, but you can customize them according to your business needs."
"The most valuable aspect is its connection to Microsoft Sentinel and Defender for Endpoint, and giving exact timelines for incidents and when certain events occured during an incident."
"While it's very reliable in terms of stability, there's always room for improvement."
"Better integration with other third-party cloud providers, such as AWS and GCP, should be there. That's something I expect from a Microsoft-built product."
"The solution could be cheaper."
"The slow response from the support team is one of the shortcomings of the solution that needs to be improved."
"The product must provide AI features."
"The solution's usage can be a little better from the user interface point of view."
"I can see that other people are doing the infrastructure as code, they are able to easily manage and cycle their passwords as needed using their own interface they created. It would be nice if Microsoft provided more guidance in that area."
"If you check the capabilities of other key management services across Amazon, HashiCorp, and Google, there are features that Key Vault doesn't have. It could be the case that when you use Key Vault, you might be forced to use a third-party solution to get certain services. If those services could be included in Key Vault, there would be diminished reasons to go for a third-party key management system."
"There is no option to remedy an issue directly from the console. If we see an alert, we can't fix it from the console. Instead, we must depend on other Microsoft products, such as MDE. That is a significant drawback. It simply works as a scanner, which can sometimes put enough load on the sensors. Immediate actions should be possible from the dashboard because. It can prevent issues from spreading further."
"One potential area for improvement could be exploring flexibility in the installation of Microsoft Defender for Identity agents."
"Defender for Identity gives us visibility, but we often get false positives from Azure that take us down the garden path. We go through 30 incidents each day and most of those are false positives or benign positive alerts. Occasionally, we get true positive alerts."
"The solution could be better at using group-managed access and they could replace it with broad-based access controls."
"An area for improvement is the administrative interface. It's basic compared to other administrative centers. They could make it more user-friendly and easier to navigate."
"And when you are working in a priority IP address, Identity is not able to know that those IPs are from the company. It sees that the IPs are from Taiwan or from Hong Kong or from India, even though they are internal IPs, resulting in a lot of false positives."
"The impact of the sensors on the domain controllers can be quite high depending on your loads. I don't know if there's any room for improvement there, but that's one of the things that might be improved."
"Microsoft should look at what competing vendors like CrowdStrike and Broadcom are doing and incorporate those features into Sentinel and Defender. At the same time, I think the intelligence inside the product is improving fast. They should incorporate more zero-trust and hybrid trust approaches. They need to build up threat intelligence based on threats and methods used in attacks on other companies."
More Microsoft Defender for Identity Pricing and Cost Advice →
Azure Key Vault is ranked 11th in Microsoft Security Suite with 46 reviews while Microsoft Defender for Identity is ranked 8th in Microsoft Security Suite with 13 reviews. Azure Key Vault is rated 8.6, while Microsoft Defender for Identity is rated 9.0. The top reviewer of Azure Key Vault writes "Allows us to securely store our keys to prevent unauthorized access to unwanted users". On the other hand, the top reviewer of Microsoft Defender for Identity writes "Offers robust protection from insider threats, but the customer support is poor". Azure Key Vault is most compared with AWS Secrets Manager, HashiCorp Vault, CyberArk Enterprise Password Vault, AWS Certificate Manager and Delinea Secret Server, whereas Microsoft Defender for Identity is most compared with Microsoft Entra ID Protection, Microsoft Defender for Office 365, Microsoft Entra Verified ID, Splunk User Behavior Analytics and Microsoft Defender for Endpoint. See our Azure Key Vault vs. Microsoft Defender for Identity report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
