We performed a comparison between IRONSCALES and Microsoft Defender for Identity based on real PeerSpot user reviews.
Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."For me, the mobile app is most valuable. All other features are also very useful, but the mobile app makes it really easy for me to manage on the go. I don't have to be at my desk. I could be at the shops, or it could be in the evening when I am out, and I can get a notification on my phone that there is an incident that has been raised. I can sort it out very quickly without having to be at my work PC."
"The biggest benefit is that we get fewer phishing and spam emails, so using IRONSCALES has made our environment much safer."
"There is buzz around phishing awareness training. When I make a campaign, all of a sudden people in our organization are talking, thinking, and wondering about it. Therefore, it keeps people on their toes. That is perfect because it does exactly what we want it to do."
"The fact that it is set-and-forget is valuable. Once you turn it on, you very rarely have to micromanage it, whereas, with a lot of spam filters, you have to go in very often."
"The stability is good."
"For what was being offered with IRONSCALES, I feel like we got an incredible deal."
"The solution captures a bit more of the unknown, quantifies it, and applies intelligence to it to pick out and stop a lot of phishing emails that come through."
"AI-driven phishing detection and incident remediation are valuable. It saves time from having to do manual analysis and investigation, and we also get alerts for phishing emails."
"The solution offers excellent visibility into threats."
"The most valuable aspect is its connection to Microsoft Sentinel and Defender for Endpoint, and giving exact timelines for incidents and when certain events occured during an incident."
"One of our users had the same password for every personal and company account. That was a problem because she started receiving phishing emails that could compromise all of her accounts. Defender told us that the user was not changing their password."
"Defender for Identity has not affected the end-user experience."
"Microsoft Defender for Identity provides excellent visibility into threats by leveraging real-time analytics and data intelligence."
"The basic security monitoring at its core feature is the most valuable aspect. But also the investigative parts, the historical logging of events over the network are extremely interesting because it gives an in-depth insight into the history of account activity that is really easy to read, easy to follow, and easy to export."
"The feature I like most is that you can create your own customized detection rules. It has a lot of default alerts and rules, but you can customize them according to your business needs."
"The feature I like the most about Defender for Identity is the entity tags. They give you the ability to identify sensitive accounts, devices, and groups. You also have honeytoken entities, which are devices that are identified as "bait" for fraudulent actors."
"There's room for improvement in the campaign management. IRONSCALES has many built-in templates that I use, but you can also build templates from scratch. However, the interface for creating custom templates needs to be updated."
"I would like it if IRONSCALES had some sort of reminder mechanism, meaning IRONSCALES knows if a user completed the training or not. As long as it hasn't been completed, it keeps reminding every so often, alerts the manager, etc. Right now, it is all in the hands of the employee, and not all of them continue the process, which is a shame."
"There is a feature called Account Takeover, which isn't what I want it to be able to do. I know that they're working on that, but when they first started the Account Takeover feature in incident management, it didn't have much information. It didn't have any usability to it. I already had tools in place that were better."
"The only thing that I could say is that some of the reporting features could be better."
"Even though they have been continuously improving it, it is not 100% there. We have had a few incidents where legitimate emails were getting blocked, and we had to manually remove those emails from quarantine. It is 90% effective or accurate because, on rare occasions, some emails from customers were not getting delivered. In one or two instances, their emails got blocked by IRONSCALES, and we had to manually remove the emails from quarantine. I would like them to improve their algorithm to avoid flagging genuine emails as malicious. I would also like to be able to whitelist certain email addresses. I'd love to be able to whitelist a particular customer."
"Its UI could be improved. My pet peeve with a lot of these cloud-based systems is that a lot of times, the interface for the management is a little clunky. If you live and breathe IRONSCALES all day long, you'll obviously know where everything is just from muscle memory, but the system is not designed for people to be in it all day long. You're only supposed to occasionally look at it. When things get moved around, it is not necessarily that intuitive. I'm an IT guy, and I can pretty much take the worst UI and figure it out, but the menus and the options in the interface could be a little cleaner graphically. If you have a quick problem that you want to resolve, it takes a little bit of digging in the admin console, whereas it should take a few clicks up front."
"IRONSCALES should bundle more features together instead of separating them and charging additional licensing fees."
"In addition to integrated training, they should also have personalized training that you don't have to do as part of a phishing campaign or a simulation."
"Defender for Identity gives us visibility, but we often get false positives from Azure that take us down the garden path. We go through 30 incidents each day and most of those are false positives or benign positive alerts. Occasionally, we get true positive alerts."
"One potential area for improvement could be exploring flexibility in the installation of Microsoft Defender for Identity agents."
"The solution could be better at using group-managed access and they could replace it with broad-based access controls."
"We observe a lot of false positives. Sometimes, when we go for a coffee break, we lock our screens. Locking the screen has a separate Windows event ID and sometimes I see it is detected as a failed login."
"And when you are working in a priority IP address, Identity is not able to know that those IPs are from the company. It sees that the IPs are from Taiwan or from Hong Kong or from India, even though they are internal IPs, resulting in a lot of false positives."
"An area for improvement is the administrative interface. It's basic compared to other administrative centers. They could make it more user-friendly and easier to navigate."
"When the data leaves the cloud, there are security issues."
"The impact of the sensors on the domain controllers can be quite high depending on your loads. I don't know if there's any room for improvement there, but that's one of the things that might be improved."
More Microsoft Defender for Identity Pricing and Cost Advice →
IRONSCALES is ranked 7th in Advanced Threat Protection (ATP) with 11 reviews while Microsoft Defender for Identity is ranked 6th in Advanced Threat Protection (ATP) with 13 reviews. IRONSCALES is rated 9.2, while Microsoft Defender for Identity is rated 9.0. The top reviewer of IRONSCALES writes "It has an easy installation that can be done in a matter of minutes". On the other hand, the top reviewer of Microsoft Defender for Identity writes "Offers robust protection from insider threats, but the customer support is poor". IRONSCALES is most compared with Microsoft Defender for Office 365, Avanan, Sublime Security, Perception Point Advanced Email Security and Cisco Secure Email, whereas Microsoft Defender for Identity is most compared with Microsoft Entra ID Protection, Microsoft Defender for Office 365, Microsoft Entra Verified ID, Splunk User Behavior Analytics and Microsoft Defender for Endpoint. See our IRONSCALES vs. Microsoft Defender for Identity report.
See our list of best Advanced Threat Protection (ATP) vendors.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
