We performed a comparison between Microsoft Defender for Business and Microsoft Defender for Identity based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."If you're an Intune user, you can bring in certain capabilities like system-hardening policies, which further enhances the security."
"It is scalable."
"A few things are valuable. One is the alerting we see when any kind of intrusion is happening, any kind of malware is being deployed across the endpoints, or any kind of suspicious activity is going on. We have a footprint across all of North America, Canada, and Mexico, so we want to make sure that all our endpoints are protected and we are able to look for any anomalous activity."
"The interface is quite user-friendly."
"Microsoft Defender for Business is good for small and medium-sized businesses. It offers solid security flexibility and integration with tools like Microsoft Lighthouse and some other software. It takes some of the features of Defender for Endpoint EDR and provides those services for small and medium-sized business environments."
"The most valuable aspect is its connection to Microsoft Sentinel and Defender for Endpoint, and giving exact timelines for incidents and when certain events occured during an incident."
"It is easy to set up. Based on the number of devices you would like to set up, you can use scripts, Group Policy, etc. It takes five minutes to set up."
"One of our users had the same password for every personal and company account. That was a problem because she started receiving phishing emails that could compromise all of her accounts. Defender told us that the user was not changing their password."
"The feature I like the most about Defender for Identity is the entity tags. They give you the ability to identify sensitive accounts, devices, and groups. You also have honeytoken entities, which are devices that are identified as "bait" for fraudulent actors."
"All the integration it has with different Microsoft packages, like Teams and Office, is good."
"This solution has advanced a lot over the last few years."
"The solution offers excellent visibility into threats."
"Microsoft Defender for Identity provides excellent visibility into threats by leveraging real-time analytics and data intelligence."
"The biggest one is that Defender needs to be more proactive to the emerging threats. There can be tighter integration with email, especially how it integrates with our email system, which is the Microsoft Outlook suite. There should be the ability to react a lot quicker to emerging threats because sometimes, it takes a few days before some of these new threats are fully identified, and we need that to be a few hours."
"The security could always be improved."
"Defender's reporting is rather scattered, and its URL filtering mechanism doesn't really work."
"We faced some issues while running some applications on Mac."
"Defender's threat protection should be fine-tuned to reduce false positives. It could be more targeted, reflecting a continuous evolution in detecting. Also, it could be easier to integrate into other environments."
"Defender for Identity gives us visibility, but we often get false positives from Azure that take us down the garden path. We go through 30 incidents each day and most of those are false positives or benign positive alerts. Occasionally, we get true positive alerts."
"We observe a lot of false positives. Sometimes, when we go for a coffee break, we lock our screens. Locking the screen has a separate Windows event ID and sometimes I see it is detected as a failed login."
"When the data leaves the cloud, there are security issues."
"Microsoft should look at what competing vendors like CrowdStrike and Broadcom are doing and incorporate those features into Sentinel and Defender. At the same time, I think the intelligence inside the product is improving fast. They should incorporate more zero-trust and hybrid trust approaches. They need to build up threat intelligence based on threats and methods used in attacks on other companies."
"The technical support needs significant improvement. Documentation for more minor issues in the form of guides or walkthroughs could help to resolve this issue. The number of tickets raised would decrease, removing some pressure from the support team and making it easier to clear the remaining tickets."
"An area for improvement is the administrative interface. It's basic compared to other administrative centers. They could make it more user-friendly and easier to navigate."
"One potential area for improvement could be exploring flexibility in the installation of Microsoft Defender for Identity agents."
"The tracking instance needs to be configured appropriately."
More Microsoft Defender for Business Pricing and Cost Advice →
More Microsoft Defender for Identity Pricing and Cost Advice →
Microsoft Defender for Business is ranked 20th in Microsoft Security Suite with 5 reviews while Microsoft Defender for Identity is ranked 8th in Microsoft Security Suite with 13 reviews. Microsoft Defender for Business is rated 8.0, while Microsoft Defender for Identity is rated 9.0. The top reviewer of Microsoft Defender for Business writes "Quicker response time, improved security posture, and reduced alerts". On the other hand, the top reviewer of Microsoft Defender for Identity writes "Offers robust protection from insider threats, but the customer support is poor". Microsoft Defender for Business is most compared with HP Wolf Security, Microsoft Defender for Office 365, Microsoft Intune, Microsoft Defender for Endpoint and SentinelOne Singularity Complete, whereas Microsoft Defender for Identity is most compared with Microsoft Entra ID Protection, Microsoft Defender for Office 365, Microsoft Entra Verified ID, Splunk User Behavior Analytics and Microsoft Defender for Endpoint. See our Microsoft Defender for Business vs. Microsoft Defender for Identity report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
