Microsoft Defender for Office 365 Reviews

I use Microsoft Defender for Office 365 on my personal computer, and it's easier here because I don't use the internet to visit inappropriate pages or download anything suspicious from rare sites.

I use Microsoft Defender for Office 365 only on-premises, not cloud, because for cloud services, I use my Gmail account.

Microsoft Defender for Office 365 meets my security needs, as it helps me monitor how my computer is performing. Although I am a cybersecurity specialist and have other tools, I use Microsoft Defender for Office 365 to check my computer and those of my parents or friends.

I am using Microsoft Defender for Office 365, as well as Microsoft Process Explorer, but not much else yet because I work everything in virtual machines.

Microsoft Defender for Office 365 is always active on Windows; I didn't need to configure anything, and if there's something different or suspicious, it alerts me immediately. It's very easy to use. I know that it's a very simple defense, but I use my computer very carefully.

What I appreciate about Microsoft Defender for Office 365 is that it's free and comes as an on-premise product by default, so no additional setup is required. It comes by default and gives the client a safety sensation, allowing people to be careful and more relaxed with their computer.

I have seen benefits from using Microsoft Defender for Office 365, as it gives users a relaxed feeling of being protected. I don't usually experience any alerts unless I am playing in Hack The Box and using a virtual machine.

The integration of Microsoft Defender for Office 365 with other Microsoft products enhances my security, as I don't have any problems with the whole Microsoft product suite.

I think that Microsoft Defender for Office 365 could be improved if it could use VirusTotal to compare the programs or anything that I download. VirusTotal helps to identify viruses, malware, trojans, and worms. For example, if I download software to edit videos, if it could scan it through VirusTotal before I execute the installation, it would tell me if the software has anything suspicious.

I have been using Microsoft Defender for Office 365 for approximately two years.

I rate technical support from Microsoft a 10 because when I have a problem with my computer, they have always been very good.

At this moment, I'm not using any solutions because I was only making a market study of Proofpoint and Perception Point.

The threat investigation tools in Microsoft Defender for Office 365 don't influence my security response times too much because now I am not working with it, but I am very careful with my computer since I know how the field is.

I am not using any artificial intelligence with Microsoft Defender for Office 365; I only use ChatGPT for my personal use.

I haven't recommended Microsoft Defender for Office 365 yet, but if I have a situation where I need to recommend it, I would do so.

I rate Microsoft Defender for Office 365 a nine out of ten.

On-premises

Google

My current use cases for Microsoft Defender for Office 365 are email security, device security, and identity security. Those are the main three ways we use it.

The anti-spoofing technology has helped protect our executives. 

The most valuable feature I have found in Microsoft Defender for Office 365 is email security, which is pretty valuable. They've come a long way from when I started looking at them a couple of years ago, and they've gotten a lot better in detecting phishing and spoofing attempts.

An example of how Microsoft Defender for Office 365 features have helped improve my company is that the anti-spoofing technology is effective in preventing executives from being victims of display name spoofing. It has helped prevent many such incidents within our organization.

Microsoft Defender for Office 365 solution helps prioritize threats across my enterprise.

The prioritization provided by Microsoft Defender for Office 365 is very important because email is probably one of the most common attack vectors for us, and it helps us justify the cost associated with and the need for such a tool.

The threat intelligence from Microsoft Defender for Office 365 helps prepare us for potential threats before they hit and enables us to make proactive steps, as it gives us IOCs and helps us make more informed decisions.

The threat intelligence from Microsoft Defender for Office 365 has not really affected my security operations.

Overall, the solution has saved me time, approximately a month.

It has saved me money, as it has prevented common attacks that we've seen in the past before we had Microsoft Defender for Office 365. We just haven't realized it because it's been pretty effective.

The security has significantly decreased my time to detection and response.

In the areas of improvement for Microsoft Defender for Office 365, the console is the biggest challenge for me. There is a different console for different things; I just want one consolidated console.

I have been using Microsoft Defender for Office 365 for approximately seven years.

I would assess the stability and reliability of Microsoft Defender for Office 365 as very stable, with barely any issues. The false positive rate is very good as well.

The scalability is seamless. 

My experience with customer support and technical support for Microsoft Defender for Office 365 has been excellent.

Positive

Prior to adopting Microsoft Defender for Office 365, I used other solutions such as McAfee and Proofpoint, among others. We've tried them all.

We switched to reduce costs and based on its out-of-the-box simplicity of use. 

The initial setup is simple, however, you do need to get well-versed in the different consoles. We use different clouds and they all integrate well. 

It is challenging to quantify with Microsoft Defender for Office 365, however, we have seen a return on investment.  

In terms of the areas where I saw that return on investment with Microsoft Defender for Office 365, it is related to the risk to our environment, specifically regarding users being scammed or phished. We've seen a significant reduction there.

It's likely saved us money. We likely haven't realized it since the security has deflected threats. 

I did consider other products before switching to Microsoft Defender for Office 365.

What made me ultimately choose Microsoft Defender for Office 365 was the cost reduction and the ability to turn it on and let it go without a lot of customization.

Microsoft Defender doesn't automate routine tasks; we do it more manually, and we also have our MSSP. We don't use a lot of the built-in technology for that. 

The automation in Microsoft would have made it more streamlined. Since we outsource it, we rely entirely on MSSP for that. We do it manually and don't use much of the automation aspect. 

On a scale of one to ten, I would rate Microsoft Defender for Office 365 a nine.

Hybrid Cloud

Microsoft Azure

We use Microsoft Defender for Office 365 as part of Microsoft XDR solution. It offers native integration within Microsoft Ecosystem and provides proactive recommendations that help enhance our organization's security. Additionally, it is used to protect on-premises mail flow by redirecting it to Defender EOP.

The solution saves time due to its easy policy configuration and licensing process. It integrates naturally with Sentinel, which simplifies IT and technical configuration tasks with minimal clicks, offering flexibility and efficiency.

Microsoft Defender for Office 365 provides natively integrated cybersecurity tools that are part of Microsoft Ecosystem. It offers proactive recommendation tasks to enhance organizational security. It provides end-to-end visibility on email threats such as phishing, extending beyond Exchange Online Protection. The scalability is managed by Microsoft as a cloud-hosted tool, relieving us of those concerns.

Microsoft could improve by offering recommendations for domain spoofing attacks, especially scenarios where DNS records like SPF, DKIM, and DMARC are not properly published. It's essential to enhance awareness about these issues within organizations.

I have experience in Microsoft Defender for Office 365 for the past three years.

Deployment is straightforward due to a comprehensive guide provided by Microsoft. It's easy to deploy, and anyone with a security background can apply it without difficulty.

The solution is stable, as we have been using it for the past two years. Sometimes it generates false positive alerts, but adjusting policies resolves these issues. Security products occasionally provide false positives, so alignment of configuration is necessary.

As a cloud-hosted tool, scalability is great. We have never faced scalability problems, and Microsoft manages it effectively. We only need to focus on configuring policies.

I would rate customer service at a five out of five. Over the past two years, there have been no critical problems. Any issues are addressed quickly by Microsoft's support.

Positive

Microsoft offers an affordable and feature-rich security solution compared to third-party email security tools like Trend Micro.

The initial setup is easy due to Microsoft's deployment guide.

Microsoft is quite affordable with a lot of features available for any size organization.

Overall, I would rate Microsoft Defender for Office 365 at a ten. My experience with the visibility into threats is positive; Microsoft provides transparency and regularly improves its products. Most of the customers using Microsoft Defender for Office 365 in our region belong to the financial sector.

Public Cloud

Other

My primary use cases for Microsoft Defender for Office 365 in my company revolve around endpoint security. 

Microsoft 365 in general helps with security needs, and I could receive notifications about potential threats.

It's easy for people who use the Microsoft environment.

The ability to respond to threats if very important. My company has close to 1000 users, managing through Microsoft endpoints, and we require protection of our files.

My impression of the visibility into threats that Microsoft Defender for Office 365 provides is that visibility is quite essential.

This solution helps automate routine tasks and helps automate the finding of high-value alerts. It's fairly robust. 

Threat intelligence helps prepare for potential threats before they hit endpoints. Security operations people also get notifications to understand how the system is doing.

Time to detection has stayed the same. 

Specifically, within Microsoft Defender for Office 365, I want it to improve the DLP capabilities.

I have been using Microsoft Defender for Office 365 for more than three years.

We haven't had performance issues. 

I honestly have not actually seen anything demos for their support, so I don't have direct real experience.

Positive

We did previously use a different solution. Defender helps us save time and energy and we don't have to manage seperate solutions. 

My experience deploying Microsoft Defender for Office 365 was seamless. We deployed 365 and Defender at the same time, and it just worked. We didn't have to do anything significantly separate.

I have realized other benefits from using Microsoft Defender for Office 365, such as cost. It is bundled into the 365 license. Overall, cost of owning and operating our system goes down.

The cost of operation has reduced. 

The cost is reasonable. Overall, the cost of owning and operating goes down. We've likely saved 30% of costs.

We do not use the solution to prioritize threats. 

Microsoft Defender for Office 365 has not yet fully integrated with other security solutions within my environment. On a scale of one to ten, I rate Microsoft Defender for Office 365 an eight. There's always room for improvement. 

Public Cloud

Microsoft Azure

I use Microsoft Defender for Office 365 for various compliance tasks. For example, I can use it for eDiscovery to search mailbox content. Just today, a manager requested all emails for a departing user who no longer had an active license. Using Defender's content search feature, I exported the user's entire mailbox as a PST file for the manager to import into Outlook. Beyond eDiscovery, Defender also helps us monitor compliance and security scores, manage quarantine emails, investigate phishing alerts, and configure data classification, labeling, anti-spam, and anti-malware policies.

Before using Microsoft Defender for Office 365, we were plagued by phishing and ransomware emails, especially for our board members. To combat this, we implemented a Defender policy that triggers alerts for emails containing keywords like "bank account" or "credit card details." Additionally, a policy tip and disclaimer appear in user mailboxes for such emails. This disclaimer clarifies the email's external origin and allows users to move it directly to junk with a single click. Simultaneously, an alert goes to the administrator, who investigates the email: if legitimate, it's released, otherwise it's blocked.

Our organization operates a single, hybrid tenant environment with a mix of on-premises and cloud-based mailboxes, with the majority residing in the cloud. This small, non-multi-tenant setup supports approximately 2,000 users.

While Microsoft Defender for Office 365 integrates with third-party solutions, our organization prioritizes Microsoft technologies for security. We only integrate external tools with explicit management approval. This focus extends to data backup. Even though Office 365 is a cloud service, we recently purchased Barracuda, a tool that seamlessly integrates with Office 365 for data backup.

Prior to my arrival, our organization lacked a dedicated Office 365/Microsoft 365 security specialist, with IT admins relying on web searches for configuration. Upon identifying vulnerabilities, I implemented Microsoft Defender and other security measures. Our compliance score, which was around 30 percent a year and a half ago, now consistently ranges from 75 to 85 percent, thanks in large part to Microsoft Defender for Office 365.

Microsoft Defender for Office 365 helps prevent advanced attacks like business email compromise by stopping lateral movement within the network. It also includes data loss prevention features, where our custom policies have helped block malicious emails, ransomware, and spam before they ever reach our servers. While not perfect, Microsoft Defender has significantly improved our email security, offering around 80 to 90 percent effectiveness, which we're quite happy with.

Microsoft Defender for Office 365 has significantly improved our security team's efficiency. The comprehensive security analytics dashboard provides insightful information on threats, including the number of phishing attempts and attacks on our servers. This data can be easily exported for clear reporting to management. Overall, Microsoft Defender for Office 365 saves us time and simplifies security analysis presentations.

Our long-established organization has faced recent economic downturns, leading to employee departures. Managers frequently request departing users' SharePoint data, Mailboxes including PST files, and other associated information. So the most valuable feature of Microsoft Defender for Office 365 is data backups that we can provide through ticket requests.

Microsoft Defender for Office 365's Mac functionality requires improvement to deliver the same level of protection found on Windows devices.

I have been using Microsoft Defender for Office 365 for two years.

I would rate the stability of Microsoft Defender for Office 365 nine out of ten.

Microsoft Defender for Office 365 is highly scalable.

I've found that Microsoft's third-party support teams are slow to resolve issues. While they do eventually fix the problem, it can take a week for issues that should only take a day or two. In contrast, Microsoft employees can typically resolve issues within two days.

Neutral

While deploying Microsoft Defender for Office 365 in my previous organization with multiple tenants was complex, the current single-tenant setup was easy.

We had a team of four involved in the deployment. Two were in the United States and Belgium and two were in India. 

The implementation was completed in-house.

While Microsoft Defender for Office 365 necessitates pricier E3 or E5 subscriptions, the extensive functionality offered by these licenses across various Microsoft products justifies the investment.

I would rate Microsoft Defender for Office 365 eight out of ten.

Microsoft Defender for Office 365 is deployed in multiple regions in India, China, Belgium, Italy, and the United States.

So far, no maintenance has been required yet, but we regularly check Microsoft's security advisories and discuss them in our scrum meetings. If an advisory requires action, we'll address it accordingly.

I would recommend Microsoft Defender for Office 365 to others.

With over ten years of experience using Microsoft 365 and Microsoft 365 Defender exclusively, I've successfully implemented it at multiple companies. While the upfront cost may seem high, it delivers value based on your infrastructure size. Overall, Microsoft Defender is an excellent security product for any environment, regardless of size.

Hybrid Cloud

Microsoft Azure

We use many Microsoft Security products, and overall, it's helping us with our overall security posture. Though we see some challenges, we want to see if the Security Copilot can help, but overall, it's very helpful and essential to our operations.

Microsoft Defender for Office 365 helps prioritize threats across our enterprise. The security products provide good visibility, allowing us to see and prioritize various events, which is crucial given the daily volume of events. We can see what's going on and prioritize. Because there are many different events, we can focus on the most important ones first. This prioritization of threats is very important. Otherwise, it may not be usable because we will be handling thousands of events every day.

The threat intelligence offered by Microsoft Defender for Office 365 helps us prepare for potential threats before they hit. It offers visibility and a focused response needed to manage threats promptly. The security features can effectively and quickly identify and prioritize threats, contributing to rapid threat response.

Our application is a SaaS solution, so we have many customers, and the cloud infrastructure is essential to our business. The security features of Microsoft Defender for Office 365 can quickly identify and prioritize threats, allowing our SecOps team to act quickly to respond to the threats.

Microsoft Defender for Office 365 has saved us time and money. It has decreased our time to detection or time to respond by approximately 10 times because we have 100 gigabytes of logs every day, and without automation, it would be impossible for humans to handle.

This will be a potential risk because if there's any security incident, that will cause reputational and financial damage. Being able to maintain our overall security posture with Microsoft Defender for Office 365 is invaluable.

The DLP feature of Microsoft Defender for Office 365 is pretty good. The DLP feature of Microsoft Defender for Office 365 is valuable, and we also use the DLP feature for email real-time detection. The value of the DLP feature is significant to us because we have internal data, sometimes sensitive, and the users may not always be aware of security and privacy, which might lead them to send out information mistakenly to external parties.

We still see many false positives from time to time with Microsoft Defender for Office 365, so it would be good if we can reduce those false positives and provide better workflows for our end users, as sometimes they may not know what to do when they encounter a false positive. Those kinds of workflows will help make it easier to use.

We have been using Microsoft Defender for Office 365 since 2018.

Overall, the stability and reliability of Microsoft Defender for Office 365 are good, but we do see some hiccups from time to time. Maybe twice last year, we lost the Teams connection, but overall, it is within the SLA range.

Microsoft Defender for Office 365 scales transparently for us, as we grew from 1,000 users to 3,000 users, and we didn't notice much difference.

The technical support and customer support we received for Microsoft Defender for Office 365 are pretty good; we opened tickets, and they typically resolve them quickly.

Positive

We have been using it from the beginning.

It is pretty straightforward, but fine-tuning the rules takes time. We see false positives from time to time, so we need to find the rules to fix our situation.

We started with on-premises. Currently, it's like 80% cloud and 20% on-premises. Exchange and SharePoint are on the cloud, but AD is still hybrid.

Security is very important for us, and we are also a public company, so any security incident will cause serious damage, but it's hard to quantify the return on investment we've seen from Microsoft Defender for Office 365.

It's within our expectations and also competitive in the market.

We didn't evaluate other solutions.

Currently, we do not have automation actions with Microsoft Defender for Office 365. We mainly focus on the detection part because we find some false positives from time to time, so we are not 100% confident to turn on the fully automated mode.

I would rate Microsoft Defender for Office 365 a nine out of ten.

Public Cloud

Microsoft Azure

We mainly use Microsoft Defender for Office 365 for people who teach or work remotely. This allows us to effectively control and monitor them.

We have faculty who aren't even near the college. Some of our faculty are in other cities and teach remotely. Microsoft Defender for Office 365 enables us to manage everything through the cloud, so we don't have to ship anything back and forth. We can do updates or address any issues with computers remotely.

Microsoft Defender for Office 365 facilitates efficient management and updates through the cloud. We do not have to worry about incompatibilities. It just works. My team appreciates the threat visibility Defender offers. It ranks the threats and allows us to prioritize those hitting us the hardest, such as email threats. 

I am generally satisfied with how it currently is. If I could improve anything, I would reduce the cost. 

The college has been using Microsoft Defender for Office 365 for more than two years. I have been there for a year.

The stability of Microsoft Defender for Office 365 is fantastic.

The scalability of Microsoft Defender for Office 365 is fantastic, same as its stability.

I rate Microsoft support nine out of 10. Customer service and support have been fantastic. We have direct Microsoft support, which we subscribe to and pay for.

Positive

I don't know which solution was used before since it was in place when I started.

I can't provide specifics since I was not involved before my tenure, but based on my experience, it was seamless.

The implementation was all done in-house, without the use of an integrator, reseller, or consultant.

Defender has reduced the time our security team spends on tasks by 10 to 15 percent, allowing us to focus on other areas. It has also decreased our time to detection and response by about 15 to 20 percent.

I don't have detailed specifics on pricing, setup cost, or licensing.

I don't know about any other solutions that were evaluated before my tenure.

I rate Microsoft Defender for Office 365 a nine out of 10 because it works seamlessly without any incompatibilities.

Public Cloud

Other

As a specialist in SOC, we work closely with multiple customers to cover their IT assets using Microsoft 365 Defender. They have Microsoft Defender for Endpoint deployment, especially for Microsoft 365. We configure the tool to implement the different policies and requirements to cover the email security part and the cloud apps part with the different strategies available on the platform.

After that, we either work directly on the Microsoft 365 portal or configure the sending of the alerts from this portal to Microsoft Sentinel. This will act as a single pane of glass for us to follow the incidents and advise our customers based on that.

One of the best features of the tool is its capability to aggregate insights from different workloads, basically from the Office 365 and endpoints part. With the integration of Microsoft Defender for Identity and Microsoft Entra ID Protection, we will have insights from the identity part. Finally, with the Microsoft Defender for Cloud Apps, we'll also have insights about our cloud apps, either Microsoft 365 cloud apps or third-party cloud apps.

The aggregation of all of these insights into the tool's incident feature will help us have a global vision of the incidents and find multistage attacks at the first steps of the attacks.

Microsoft Defender for Cloud Apps is a very good solution that allows you to use a single port or tool to control everything happening with your organization's different cloud applications.

Configuring the default strategies and policies in Microsoft Defender for Cloud Apps generates a lot of noise and false positives. Also, the documentation does not have many details about that. The bad configuration and lack of good documentation prevent professionals from taking the most advantage of this tool.

One of the big problems that some customers face is that Microsoft always changes its products' names. For example, four to six months ago, Microsoft Defender for Office 365 was renamed Microsoft Defender XDR. Microsoft comes up with a new name for the tool every one or two years, which sometimes is hard for customers to follow.

Microsoft should improve some integrations in the Microsoft Defender for Cloud Apps sub-category. With a specific configuration to Microsoft Defender for Endpoint, we can get logs and insights from network devices and other workloads on our system.

I have been using Microsoft Defender for Office 365 for two years.

I rate the solution an eight or nine out of ten for stability.

We configure the tool for different clients, and thousands of people work with the solution. The tool scales out very well and can cover and monitor devices and users ranging from a few hundred to thousands without any problem. Our clients for Microsoft Defender for Office 365 are medium and small businesses. Microsoft Defender for Office 365 is a scalable solution. There are no issues with the solution's scalability or latency.

I rate the solution's scalability ten out of ten.

The technical support for the solution is very good, and I didn't face any issues with it.

Positive

I have previously used CrowdStrike Falcon. Microsoft Defender for Office 365 and CrowdStrike Falcon are both great tools. Each has its advantages and disadvantages. In my opinion, CrowdStrike is more mature in the endpoint and classic antivirus parts. On the other hand, Microsoft Defender for Office 365 is more mature regarding identity and Office 365.

For artificial intelligence integration, Microsoft 365 Defender is far ahead of others with the integration of CoPilot within the portal. This feature that helps analysts reduce time to analyze and respond to incidents does not exist in CrowdStrike.

The solution's initial setup is very straightforward. You have to go to the portal and click on the incident icon, and the tool will automatically start configuring itself. After that, the integration of the endpoints depends on your workload. For example, 1,000 devices will take much longer than two or three devices.

Automation tools are available within the platform to help us automatically deploy the sensors on different workloads that we will need to cover with this tool. The solution's initial configuration and deployment are very straightforward. A lot of videos and documentation are available for the same.

The initial configuration and deployment of the tool for a specific tenant takes five to ten minutes. After that, it depends on what you want to do. You can implement specific strategies today. Based on the evolution of threats, you will need to configure different things tomorrow.

We tried to solve a lot of issues by implementing the solution. The solution helps us detect problems related to the endpoints, like the detection of suspicious processes or suspicious installation of suspicious software. We will raise an alert, and it will show us a graph of the different entities included in the incident, including users, computers, or endpoints.

If it is related to email, it will show us the initial email and different insights about the incident. We'll go through those alerts and try to check them manually. Sometimes, the tool detects suspicious emails for some incidents and automatically quarantines them.

After that, we, as analysts, will do the manual review. If we find an action suspicious, we use the tool to blocklist the domain that has sent the email. If we find that it's a false positive, we will reject this automatic action by the XDR, and the email will be delivered to the end user.

Unified identity and access management is a new feature on the Microsoft 365 Defender portal. It's all about having a single pane of glass to give you insights into the different identities available on your tenant. Those identities are either on-premises, cloud-based, or synchronized between the on-premises and cloud-based workloads.

The solution's security covers more than just Microsoft technologies. Microsoft Defender for Endpoint and Microsoft Defender for Cloud Apps have a specific configuration to get insights from third-party cloud applications or from within the Microsoft Defender for Endpoint sensors. We can also get logs and insights from other network devices present in our perimeter, like routers, switches, or firewalls. All those insights will help us gain some visibility into our security posture.

The product has gone through a lot of improvements, especially in the last few moments. It will be like a SOC unified platform with the integration of the Microsoft Sentinel tool within the Microsoft 365 Defender portal. This tool is available to cover all the perimeters. Even third-party solutions and workloads that do not have any security tools from where we can get insights, we can directly use something else to install the low connectors and get visibility about those.

Also, the most significant evolution is the integration of artificial intelligence with Microsoft Copilot for security. This is also a big added value that will help analysts investigate and minimize the meantime needed to respond to advanced threats.

The solution stops the lateral movement of advanced attacks, like ransomware or business email compromise, in a good way. Specific measures and configurations are implemented within the tool that will help us detect advanced attacks in the early stages. We can set configurations for business email compromise.

With the help of artificial intelligence, we'll get insights about emails that may be starting a business email compromise based on specific keywords. It's the same for ransomware and other advanced attacks.

The solution's integration into a company will help it be more resilient to cyber attacks. It will help the company prepare for attacks at an early stage and respond quickly, which will help it be more secure.

Being an XDR, the solution has detection and response capabilities. With adequate configuration, we can configure the required measures to stop or at least quarantine attacks and isolate the assets involved with the attacks in the early stage upon detection. After that, the manual site comes into the picture, and we do the manual review. Based on our review and feedback, the tool will learn from us and behave better in the next similar incident.

I saw a demo about the solution's multi-tenant management feature, and it's a very good feature. It will help big companies with multiple tenants and MSSPs that deal with multiple tenants for users. It will help them to work with multiple tenants by flipping a switch.

I'm a big fan of the solution. Having a Microsoft E5 license will help you to cover all the different types of security, including the identity, the endpoint, the email, and even the cloud. I'm just an engineer and work with whatever tool the client provides me. I noticed that many customers have a Microsoft E5 license, but they don't know a lot about the capabilities that come with it.

They buy or add other tools from third parties when they have that feature or capability included within the E5 license. Microsoft needs to talk to different customers and show them the capabilities that come with these types of licenses, which cover a lot of features.

The integration of Copilot has helped us a lot in concentrating on a single portal to get different insights. This will help a lot to reduce the meantime to respond to incidents by 50%.

The configuration of the Copilot assistant is very straightforward and doesn't take more than 30 minutes. After that, when the tool automatically detects incidents and you go to the analysis page of a specific incident, you will find an initial analysis of the whole incident by the Copilot security assistant.

You may also interact with it using chat, and it will help you if you haven't understood any specific terms from the initial analysis. It can be configured to automatically respond to specific incidents based on workbooks, which will help us automatically apply the measures to respond to specific incidents for remediation.

Microsoft Defender for Office 365 is a cloud-based solution. Since it's a cloud-based solution, Microsoft does all the maintenance for the tool. We are notified via email if there is a shortage or a problem. The SLAs are usually very good, and I have not noticed any problems in the last two years where we could not access the tool.

I would recommend the solution to other users because it's a very good solution and one of the best XDRs in the world right now. If you go through reviews from Gartner or other companies, you will see that Microsoft Defender for Office 365 is a leader in the XDR market. It has the capability to collect and aggregate insights from different sources, either cloud-based or on-premises.

The integration of artificial intelligence will greatly help final users and security practitioners respond to incidents adequately and efficiently.

Overall, I rate the solution an eight out of ten.