Find out in this report how the two Identity Threat Detection and Response (ITDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
The time is reduced by nearly fifty percent for our audit preparation and compliance reporting compared to earlier.
I have seen a return on investment through reduced audit effort and fewer security incidents related to privileged access, along with significant time savings for IT and security teams by automating access control and password management.
The efficiency of our team has increased as we have reduced manual credential management, allowing our IT team to focus on higher value tasks.
Generally, the support is more effective than other providers like Oracle.
The quality of support is very good, but troubleshooting can take time due to complex setups and the need to provide many logs.
The people I normally use for support are very knowledgeable, especially when they help remote in and get to where I need to go and show me much faster and help me understand what I should be doing.
I sometimes need escalations to reach expertise.
Sometimes, I get a very helpful response and they address issues on a call.
When I have day-to-day incidents and problems, the response is good enough in terms of time and quality.
In a Microsoft-centric organization, especially with Azure infrastructure and Office 365, Microsoft Defender for Identity is scalable.
The scalability of One Identity Safeguard is perfect, scoring ten out of ten.
Safeguard handles a growing number of users, systems, and sessions without significant degradation in performance.
We have a cluster of SPPs and a cluster of SPSs, and we can add a node to that cluster without much fuss.
Microsoft Defender for Identity is quite robust and built on Azure hyperscale infrastructure, with a 99% availability.
We do not see any issues with the stability of Microsoft Defender for Identity.
Having recently started using it, reliability is affirmed, but manual investigation is often performed to verify if alerts identified by auto-remediation are accurate.
The session proxying, password vaulting, and automated workflow run consistently even under high load.
I would rate it a nine out of ten for stability.
In terms of stability, I rate One Identity Safeguard nine to ten out of ten.
If Microsoft could develop a feature that indicates when impossible travel is caused by VPN connections, it would prevent unnecessary password resets and session disruptions, especially for VIP users in organizations.
One improvement I would recommend is the integration of an admin application within Teams, allowing easy access to attack information on a mobile platform.
Reducing false positives is something we've been working on with Microsoft.
For some configurations on the SPS side, if I need to make changes, such as for DNS servers, I must redeploy the machine.
There are many steps. We are still in the onboarding phase, and it seems very manual.
Another area for improvement could be the threat detection capabilities, like those seen in other PAM vendors.
If they can reduce the costs, organizations will be happy, and it will compensate for using the Azure environment, which is more expensive on the infrastructure as a service side.
Ensuring a fair price according to market standards.
From an organization perspective, using E5 licenses is value for money, especially if Azure and Office 365 are already in use.
It is one of those where the more you buy, the cheaper it is.
It is cheaper than CyberArk.
It is more expensive than Secret Server but way less expensive than CyberArk.
We receive an advance report of risky users, allowing us to take preemptive action before an attack causes damage to organization details.
The most valuable feature is its hybrid artificial intelligence, which gathers forensic data to track and counteract security threats, much like the CSI series in effect.
The advanced threat protection is one of the strengths of Microsoft Defender for Identity, as it utilizes user and entity analytics and can detect indicative attacks.
The auditing and approval mechanisms are features we did not have before and are greatly appreciated.
Automatic credential rotation helps our team by removing the need for manual changes to privileged passwords, reducing the risk of stale or shared credentials and ensuring that every access is controlled and compliant.
Just-in-time access has sped up admin task completion and improved our overall compliance reporting, allowing audits to be completed nearly half the time compared to earlier.
| Product | Market Share (%) |
|---|---|
| Microsoft Defender for Identity | 10.4% |
| CrowdStrike Falcon | 12.8% |
| Microsoft Entra ID Protection | 6.6% |
| Other | 70.19999999999999% |
| Product | Market Share (%) |
|---|---|
| One Identity Safeguard | 3.9% |
| CyberArk Privileged Access Manager | 11.2% |
| Delinea Secret Server | 5.0% |
| Other | 79.9% |
| Company Size | Count |
|---|---|
| Small Business | 8 |
| Midsize Enterprise | 4 |
| Large Enterprise | 14 |
| Company Size | Count |
|---|---|
| Small Business | 29 |
| Midsize Enterprise | 17 |
| Large Enterprise | 19 |
Microsoft Defender for Identity offers real-time threat detection and protection for hybrid Active Directory environments. It integrates with Microsoft 365 components for seamless security and monitors advanced behaviors, enhancing identity protection across cloud and on-premises environments.
Microsoft Defender for Identity provides detailed threat insights and user behavior analytics to detect unauthorized access and notify anomalies. It allows setting custom detection rules, enhancing threat response automation. While it needs improvements in cloud security, SIEM integration, and access controls, users leverage its ability to mitigate identity threats like suspicious logins and ransomware. Enhanced integration with Microsoft security products ensures a coordinated threat response for identity control and privilege management.
What are the key features of Microsoft Defender for Identity?In specific industries, organizations implement Microsoft Defender for Identity to secure on-premises and hybrid Active Directory environments through user and entity behavior analytics, malicious activity detection, and integration with Microsoft security tools. This approach enhances security posture assessment and helps mitigate identity threats like identity harvesting and unauthorized access.
One Identity Safeguard manages and monitors privileged access, enhancing security with features like automatic session recording, real-time monitoring, and credential rotation. It integrates seamlessly, supports compliance with audit trails, and improves operational efficiency across organizations. This robust platform significantly bolsters security protocols while controlling sensitive operations.
We monitor all Identity Threat Detection and Response (ITDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
