Check Point SandBlast Network and Microsoft Defender for Identity compete in the cybersecurity category. Based on the comparisons, each offers advantages in different areas, with each excelling in distinct feature sets and integration options.
Features: Check Point SandBlast Network is known for its zero-day threat protection, threat extraction, and dynamic integration with Threat Cloud services, offering a robust defense against new threats. It provides efficient threat emulation across multiple operating systems. Microsoft Defender for Identity focuses on identity security, providing strong threat detection and integration with Microsoft 365, enhancing overall enterprise security posture. Its monitoring capabilities offer comprehensive protection in both cloud and on-premises environments.
Room for Improvement: Check Point SandBlast Network could improve in handling certain file types and needs enhancements in certificate management and two-factor authentication. Better integration with third-party applications and a more intuitive configuration process are desired. Microsoft Defender for Identity could enhance its anomaly detection capabilities, improve false positive handling, and streamline integration between cloud and on-premise components. Users also seek more detailed documentation and better false positive management.
Ease of Deployment and Customer Service: Check Point SandBlast Network offers flexibility with hybrid, on-premises, and cloud deployment options, but users report a need for more user-friendly configuration guidance and improved technical support. Microsoft Defender for Identity, operating primarily in the public cloud, integrates well within Microsoft's ecosystem; however, some users desire improvements in support responsiveness and navigation.
Pricing and ROI: Check Point SandBlast Network is seen as expensive, with additional licenses needed for full functionality, but its comprehensive security benefits justify the costs, reflected in enhanced security and reduced threat exposure. Microsoft Defender for Identity's pricing within the Microsoft 365 suite is viewed as competitive, with ROI captured through improved threat visibility and preventive measures, but clarity in Microsoft’s complex licensing model could be improved.
Protecting around 2,000 users from cyber threats, including ransomware, has positively impacted the organization's growth by reducing disruptions and business loss.
I have seen both money and time saved as a return on investment.
The quality of support is very good, but troubleshooting can take time due to complex setups and the need to provide many logs.
Generally, the support is more effective than other providers like Oracle.
The scalability of Check Point SandBlast Network meets our organization's needs as we grow.
In a Microsoft-centric organization, especially with Azure infrastructure and Office 365, Microsoft Defender for Identity is scalable.
Microsoft Defender for Identity is quite robust and built on Azure hyperscale infrastructure, with a 99% availability.
Having recently started using it, reliability is affirmed, but manual investigation is often performed to verify if alerts identified by auto-remediation are accurate.
Simplification of granular tuning for false positive reduction and bypassing benign files would benefit non-expert users.
Check Point SandBlast Network can be improved by adding more integration capabilities, such as integration with third-party firewalls, third-party EDR solutions, and SIEM.
If Microsoft could develop a feature that indicates when impossible travel is caused by VPN connections, it would prevent unnecessary password resets and session disruptions, especially for VIP users in organizations.
One improvement I would recommend is the integration of an admin application within Teams, allowing easy access to attack information on a mobile platform.
Reducing false positives is something we've been working on with Microsoft.
Pricing is a bit costly, but considering the features and security offered by Check Point SandBlast Network, it is reasonable.
If they can reduce the costs, organizations will be happy, and it will compensate for using the Azure environment, which is more expensive on the infrastructure as a service side.
Ensuring a fair price according to market standards.
From an organization perspective, using E5 licenses is value for money, especially if Azure and Office 365 are already in use.
The key features of Check Point SandBlast Network include its ability to detect zero-day attacks, provide sandboxing capabilities, and offer real-time protection with threat extraction.
It's effective in meeting the specific needs of customers through deployment and integration.
We receive an advance report of risky users, allowing us to take preemptive action before an attack causes damage to organization details.
The integration into the Microsoft Defender ecosystem is the most valuable feature of Microsoft Defender for Identity.
The most valuable feature is its hybrid artificial intelligence, which gathers forensic data to track and counteract security threats, much like the CSI series in effect.
Check Point’s evasion-resistant technology maximizes zero-day protection without compromising business productivity. For the first time, businesses can reduce the risk of unknown attacks by implementing a prevent-first approach. Learn More about Check Point Sandblast
Microsoft Defender for Identity integrates with Microsoft tools to monitor user activity, providing advanced threat detection and analysis using AI. It enhances proactive threat response and security visibility, making it essential for securing on-premises and cloud environments like Active Directory.
Microsoft Defender for Identity offers comprehensive monitoring and AI-driven user behavior analysis. It detects threats through real-time alerts and identifies lateral movements and entity tagging, ensuring robust security management. With excellent visibility via its dashboard, it supports customized detection rules and seamlessly integrates with SIEM platforms. While SecureScore and SecureScan provide robust environment security, there is room for improvement in cloud security, on-premises application integration, and remediation capabilities. Azure integration is limited, and the administrative interface could be more user-friendly. Users experience frequent false positives, affecting threat detection efficiency.
What key features stand out in Microsoft Defender for Identity?In specific industries such as education and finance, Microsoft Defender for Identity is crucial for securing on-premises Active Directory and Azure Active Directory environments. It effectively detects suspicious activities and manages conditional access policies, offering user and entity behavior analytics, endpoint detection and response capabilities. This helps prevent unauthorized access and strengthens overall security, making it an invaluable asset for organizations aiming to safeguard their digital infrastructure.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
