Microsoft Defender for Identity vs Microsoft Defender for Office 365 comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Microsoft Defender for Identity and Microsoft Defender for Office 365 based on real PeerSpot user reviews.

Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Microsoft Defender for Identity vs. Microsoft Defender for Office 365 Report (Updated: May 2024).
771,740 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Defender for Identity has not affected the end-user experience.""Microsoft Defender for Identity provides excellent visibility into threats by leveraging real-time analytics and data intelligence.""This solution has advanced a lot over the last few years.""The basic security monitoring at its core feature is the most valuable aspect. But also the investigative parts, the historical logging of events over the network are extremely interesting because it gives an in-depth insight into the history of account activity that is really easy to read, easy to follow, and easy to export.""All the integration it has with different Microsoft packages, like Teams and Office, is good.""The feature I like the most about Defender for Identity is the entity tags. They give you the ability to identify sensitive accounts, devices, and groups. You also have honeytoken entities, which are devices that are identified as "bait" for fraudulent actors.""It is easy to set up. Based on the number of devices you would like to set up, you can use scripts, Group Policy, etc. It takes five minutes to set up.""The solution offers excellent visibility into threats."

More Microsoft Defender for Identity Pros →

"The initial setup was easy.""The most valuable feature of Microsoft Defender for Office 365 is the ease of use.""Defender is a SaaS platform, so it offers more flexibility. Managing the permissions is easier. The solution's automated detection and response features are scalable.""I like its investigation capabilities, as that is what is most important to me. It is fairly simple with a user-friendly interface.""The deployment capability is a great feature.""It also gives me good visibility because, with Defender, I'm using a Microsoft product to defend Microsoft products. The integration was really seamless and I have wide visibility because it picks up almost everything. Literally, I can see almost every activity that happens, from the e-mail to the workstation itself.""There are several features that I consider valuable.""The most valuable feature is protection against malicious links, fishing, and impersonation. You can train people to be aware of these threats, but they're not always careful. When they're using their phones between meetings, they click on a link, and it's game over."

More Microsoft Defender for Office 365 Pros →

Cons
"The impact of the sensors on the domain controllers can be quite high depending on your loads. I don't know if there's any room for improvement there, but that's one of the things that might be improved.""When the data leaves the cloud, there are security issues.""Microsoft should look at what competing vendors like CrowdStrike and Broadcom are doing and incorporate those features into Sentinel and Defender. At the same time, I think the intelligence inside the product is improving fast. They should incorporate more zero-trust and hybrid trust approaches. They need to build up threat intelligence based on threats and methods used in attacks on other companies.""An area for improvement is the administrative interface. It's basic compared to other administrative centers. They could make it more user-friendly and easier to navigate.""The tracking instance needs to be configured appropriately.""One potential area for improvement could be exploring flexibility in the installation of Microsoft Defender for Identity agents.""The technical support needs significant improvement. Documentation for more minor issues in the form of guides or walkthroughs could help to resolve this issue. The number of tickets raised would decrease, removing some pressure from the support team and making it easier to clear the remaining tickets.""The solution could be better at using group-managed access and they could replace it with broad-based access controls."

More Microsoft Defender for Identity Cons →

"The XDR dashboard has room for improvement.""There's room for improvement regarding the time frame for retrieving emails.""The certification training for Defender for 365 needs to be deeper and incorporate Sentinel. I took all the security courses except one, and Sentinel isn't included.""Microsoft sometimes has downtime, and we'll get several incidents coming in back to back. We have a huge backlog of notifications, many of which may be false positives. However, there might be serious alerts, so we can't risk dismissing all of them at once.""Microsoft Defender for Office 365 must improve the overall management style, including the GUI. It also needs to change the filters so that it is easy to whitelist and blacklist data.""One area for improvement is support, in terms of being able to reach them and, especially, technical support for configuration.""The custom alerts have to improve a lot.""They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."

More Microsoft Defender for Office 365 Cons →

Pricing and Cost Advice
  • "You won't be able to change your tenants from where you deploy them. For example, if you select Canada, they will charge you based on Canadian pricing. If you are also in London, when you deploy in Canada, the pound is higher than Canadian dollars, but your platform resources are billable in Canadian dollars. Using your pounds to pay for any of these things will be cheaper. Or, if you deploy in London, they will charge you based on your local currency."
  • "Defender for Identity is a little more expensive than other Microsoft products. Identity and Microsoft Defender for Cloud are both a bit costly."
  • "The product is costly, and we had multiple discussions with accounting to receive a discounted rate. However, on the open market, the tool is expensive."
  • "It is very affordable considering that other SIEM solutions are much more expensive and have many more licensing restrictions and fees."
  • More Microsoft Defender for Identity Pricing and Cost Advice →

  • "It's a user-base subscription."
  • "From the pricing point of view, like any other product in the market, there is scope for negotiation."
  • "Defender is a little bit more expensive as compared to others. We are in the manufacturing environment. So, we don't have a high budget for all of our endpoint devices. Its cost is a major concern for us."
  • "For licensing, it's usually a yearly package for customers who are subscribed to Office 365, but they can also pay on a monthly basis."
  • "Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution."
  • "Microsoft Defender for Office 365 comes with Microsoft Windows. It is free with the operating system."
  • "The solution saves money so we have seen a return on investment."
  • "Defender for 365 comes in various plans and licenses, along with other Microsoft security solutions. Purchasing this kind of package or security bundle gives good value for money, and that's what I recommend."
  • More Microsoft Defender for Office 365 Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
    771,740 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Microsoft Defender for Identity provides excellent visibility into threats by leveraging real-time analytics and data intelligence.
    Top Answer:One potential area for improvement could be exploring flexibility in the installation of Microsoft Defender for Identity agents. Currently, it is mandatory to install the agent on the on-premises… more »
    Top Answer:Microsoft Defender for Identity is like a personal security guard for our organization's identity. It keeps a close eye on how we use our identities across both on-premises and Azure Active Directory… more »
    Top Answer:Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various email campaigns, pinpointing where they emanate from, and identifying the… more »
    Top Answer:The product must provide better malware detection. The detection algorithms don't perform the way I hope they would.
    Ranking
    Views
    2,780
    Comparisons
    1,536
    Reviews
    9
    Average Words per Review
    956
    Rating
    8.9
    Views
    4,220
    Comparisons
    3,420
    Reviews
    28
    Average Words per Review
    677
    Rating
    8.5
    Comparisons
    Also Known As
    Azure Advanced Threat Protection, Azure ATP, MS Defender for Identity
    MS Defender for Office 365
    Learn More
    Overview

    Microsoft Defender for Identity is a comprehensive security solution that helps organizations protect their identities and detect potential threats. It leverages advanced analytics and machine learning to provide real-time visibility into user activities, enabling proactive identification of suspicious behavior. 

    With its powerful detection capabilities, it can identify various types of attacks, including brute force, pass-the-hash, and golden ticket attacks. The solution also offers rich reporting and alerting capabilities, allowing security teams to quickly respond to incidents and mitigate risks. By continuously monitoring user activities and providing actionable insights, Microsoft Defender for Identity helps organizations strengthen their security posture and safeguard their sensitive data.

    Microsoft Defender for Office 365 is a comprehensive security solution designed to protect organizations against advanced threats in their email, collaboration, and productivity environments. It combines the power of Microsoft's threat intelligence, machine learning, and behavioral analytics to provide real-time protection against phishing, malware, ransomware, and other malicious attacks.

    With Microsoft Defender for Office 365, organizations can safeguard their email communication by detecting and blocking malicious links, attachments, and unsafe email content. It employs advanced anti-phishing capabilities to identify and prevent sophisticated phishing attacks that attempt to steal sensitive information or compromise user credentials.

    This solution also offers robust protection against malware and ransomware. It leverages machine learning algorithms to analyze email attachments and URLs in real-time, identifying and blocking malicious content before it reaches users' inboxes. Additionally, it provides advanced threat-hunting capabilities, allowing security teams to proactively investigate and respond to potential threats.

    Microsoft Defender for Office 365 goes beyond email protection and extends its security features to other collaboration tools like SharePoint, OneDrive, and Teams. It scans files and documents stored in these platforms, ensuring that they are free from malware and other malicious content. It also provides visibility into user activities, helping organizations detect and mitigate insider threats.

    Furthermore, this solution offers rich reporting and analytics capabilities, providing organizations with insights into their security posture and threat landscape. It enables security administrators to monitor and manage security incidents, track trends, and take proactive measures to enhance their overall security posture.

    Sample Customers
    Microsoft Defender for Identity is trusted by companies such as St. Luke’s University Health Network, Ansell, and more.
    Microsoft Defender for Office 365 is trusted by companies such as Ithaca College.
    Top Industries
    VISITORS READING REVIEWS
    Computer Software Company15%
    Financial Services Firm14%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Manufacturing Company17%
    Computer Software Company17%
    Comms Service Provider13%
    Logistics Company7%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm8%
    Manufacturing Company7%
    Government7%
    Company Size
    REVIEWERS
    Small Business17%
    Midsize Enterprise17%
    Large Enterprise67%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise16%
    Large Enterprise63%
    REVIEWERS
    Small Business42%
    Midsize Enterprise16%
    Large Enterprise42%
    VISITORS READING REVIEWS
    Small Business30%
    Midsize Enterprise19%
    Large Enterprise51%
    Buyer's Guide
    Microsoft Defender for Identity vs. Microsoft Defender for Office 365
    May 2024
    Find out what your peers are saying about Microsoft Defender for Identity vs. Microsoft Defender for Office 365 and other solutions. Updated: May 2024.
    771,740 professionals have used our research since 2012.

    Microsoft Defender for Identity is ranked 6th in Advanced Threat Protection (ATP) with 13 reviews while Microsoft Defender for Office 365 is ranked 1st in Advanced Threat Protection (ATP) with 41 reviews. Microsoft Defender for Identity is rated 9.0, while Microsoft Defender for Office 365 is rated 8.4. The top reviewer of Microsoft Defender for Identity writes "Offers robust protection from insider threats, but the customer support is poor". On the other hand, the top reviewer of Microsoft Defender for Office 365 writes "Allows for easy reporting of problems, valuable anti-phishing, and anti-malware support". Microsoft Defender for Identity is most compared with Microsoft Entra ID Protection, Microsoft Entra Verified ID, Splunk User Behavior Analytics, Microsoft Defender for Endpoint and Rapid7 InsightIDR, whereas Microsoft Defender for Office 365 is most compared with Proofpoint Email Protection, Mimecast Email Security, Microsoft Exchange Online Protection (EOP), Cisco Secure Email and Avanan. See our Microsoft Defender for Identity vs. Microsoft Defender for Office 365 report.

    See our list of best Advanced Threat Protection (ATP) vendors and best Microsoft Security Suite vendors.

    We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.