We performed a comparison between Microsoft Defender for Identity and Microsoft Entra ID based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The basic security monitoring at its core feature is the most valuable aspect. But also the investigative parts, the historical logging of events over the network are extremely interesting because it gives an in-depth insight into the history of account activity that is really easy to read, easy to follow, and easy to export."
"The feature I like the most about Defender for Identity is the entity tags. They give you the ability to identify sensitive accounts, devices, and groups. You also have honeytoken entities, which are devices that are identified as "bait" for fraudulent actors."
"The best feature is security monitoring, which detects and investigates suspicious user activities. It can easily detect advanced attacks based on the behavior. The credentials are securely stored, so it reduces the risk of compromise. It will monitor user behavior based on artificial intelligence to protect the identities in your organization. It will even help secure the on-premise Active Directory. It syncs from the cloud to on-premise, and on-premise modifications will be reflected in the cloud."
"One of our users had the same password for every personal and company account. That was a problem because she started receiving phishing emails that could compromise all of her accounts. Defender told us that the user was not changing their password."
"The most valuable aspect is its connection to Microsoft Sentinel and Defender for Endpoint, and giving exact timelines for incidents and when certain events occured during an incident."
"The solution offers excellent visibility into threats."
"This solution has advanced a lot over the last few years."
"The feature I like most is that you can create your own customized detection rules. It has a lot of default alerts and rules, but you can customize them according to your business needs."
"Being able to easily authenticate yourself on the MSA app is valuable. It is easy to use. Rather than receiving a code in an SMS, you can just verify that it is you. You don't have to punch in any password or any six-digit code. That's the feature that I like the most."
"The two-step authentication is the most valuable."
"Don't delay implementing this solution, it's the best thing you can do for your identity protection."
"It's very easy to run and it's part of their ecosystem and I don't think it's going anywhere anytime soon."
"I like Azure AD's conditional access policies. Microsoft Entra provides a single pane of glass for managing user access, improving the overall user experience."
"I like Entra's ability to integrate the Active Directory with third-party solutions. It's straightforward. I like the ability to define third-party systems and make the AD the primary identity provider."
"Overall the solution functions very well, such as the ability to access it from the cloud."
"What I like about Microsoft Authenticator is that it has good features. I also like that the tool is straightforward to use. Microsoft Authenticator also has a good UI that's very simple to use. I also like that I didn't find any limitations or negative aspects from the features of the tool because Microsoft Authenticator is not an extensive application. It has a two-factor based authentication which validates the user through the password, then it approves authentication."
"There is no option to remedy an issue directly from the console. If we see an alert, we can't fix it from the console. Instead, we must depend on other Microsoft products, such as MDE. That is a significant drawback. It simply works as a scanner, which can sometimes put enough load on the sensors. Immediate actions should be possible from the dashboard because. It can prevent issues from spreading further."
"One potential area for improvement could be exploring flexibility in the installation of Microsoft Defender for Identity agents."
"Defender for Identity gives us visibility, but we often get false positives from Azure that take us down the garden path. We go through 30 incidents each day and most of those are false positives or benign positive alerts. Occasionally, we get true positive alerts."
"An area for improvement is the administrative interface. It's basic compared to other administrative centers. They could make it more user-friendly and easier to navigate."
"The tracking instance needs to be configured appropriately."
"When the data leaves the cloud, there are security issues."
"And when you are working in a priority IP address, Identity is not able to know that those IPs are from the company. It sees that the IPs are from Taiwan or from Hong Kong or from India, even though they are internal IPs, resulting in a lot of false positives."
"The impact of the sensors on the domain controllers can be quite high depending on your loads. I don't know if there's any room for improvement there, but that's one of the things that might be improved."
"Microsoft has so many different requirements and priorities that sometimes they don't invest all their energy into the products that you have expectations to investigate."
"For the end users, it can be confusing if they have worked for another company that had the Authenticator app. It is tricky if they have already had the Authenticator app and then work somewhere else. If they have to download it again and use it again on their phone, it is something that gets complicated. I know how to get through it. They just need to uninstall and reinstall the application, but for them, sometimes, it is confusing."
"The custom role creation function could be improved as it's somewhat tricky to use."
"I think there is room for improvement with actually discussing, and advertising Microsoft as a an authenticator. Many people just get confused and use Google, and I think if Microsoft would make more of an effort to penetrate the market, that would be key."
"The Cloud Provisioning Agent cannot provision a lot of the information that AD Connect does. For starters, the lightweight version cannot synchronize device information. If you have computers on-premises, the information about them will not be synchronized by the Cloud Provisioning Agent. In addition, if you have a user on the cloud and he changes his password, that information should be written back to the on-premises instance. But that workflow cannot be done with the lightweight agent. It can only be done with the more robust version."
"At the free or basic level of service, Azure should provide identity protection features including single sign-on and multifactor authentication."
"I would like to see Microsoft communicate how they intend to manage legacy applications. Right now, you still have to deploy a hosted domain server (which comes at an extra cost) if you have a legacy application that cannot sync properly with the enterprise applications and the modern applications."
"We have a lot of freedom in using the Group Policy Objects and, although Group Policy Objects are part of Azure Active Directory, there are still a lot of things that can be improved, such as providing local admin rights to a user. There are various, easy ways that I can do that in the on-premises version, but in the cloud version, it is a bit difficult. You have to create a bunch of policies to make it work."
More Microsoft Defender for Identity Pricing and Cost Advice →
Microsoft Defender for Identity is ranked 8th in Microsoft Security Suite with 13 reviews while Microsoft Entra ID is ranked 4th in Microsoft Security Suite with 190 reviews. Microsoft Defender for Identity is rated 9.0, while Microsoft Entra ID is rated 8.6. The top reviewer of Microsoft Defender for Identity writes "Offers robust protection from insider threats, but the customer support is poor". On the other hand, the top reviewer of Microsoft Entra ID writes "Allows users to authenticate from home and has excellent integrations in a simple, stable solution". Microsoft Defender for Identity is most compared with Microsoft Entra ID Protection, Microsoft Defender for Office 365, Microsoft Entra Verified ID, Splunk User Behavior Analytics and Microsoft Defender for Cloud Apps, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Yubico YubiKey and Cisco Duo. See our Microsoft Defender for Identity vs. Microsoft Entra ID report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.