Microsoft Defender for Office 365 Reviews

We use Defender for Office for its five core features: anti-phishing, malware, link scanning, attachment scanning, and anti-spam.

We switched from Mimecast to Defender, and it's been a massive difference. Mimecast is convoluted, obtuse, and frustrating. That's not the case for Microsoft 365. Mimecast has more false positives, and the link-scanning feature requires you to authenticate devices every time you use the solution, which is untenable if you're on your phone. It's just not possible. 

If you're trying to look up a PDF that somebody sent, and a safe link is embedded in that, Mimecast and Microsoft write it into the "send" box. However, Microsoft is much better because you are already authenticated, so you don't need to re-authenticate again. Mimecast makes you reauthenticate every time.

It gives us one admin portal to see the things we need, which has made life for my admin team easier. I estimate it saves us about an hour or two a week. It saves the clients money because my team spends fewer hours doing tasks each week. 

The most valuable feature is protection against malicious links, fishing, and impersonation. You can train people to be aware of these threats, but they're not always careful. When they're using their phones between meetings, they click on a link, and it's game over. 

Impersonation detection is also crucial because attackers are increasingly advanced. They keep changing their tactics and adapting. People are getting emails with display names that look like people from their organization. SDF records, DMARC, and all that stuff don't always work because people often ignore email addresses. We have also used the phishing simulation component. That's pretty good.

The only thing they should improve is the licensing model. They should stop changing it. A year ago, the five features I mentioned were included in one product. Now, three of them are bundled into one product, and you have to pay extra for the other two. I don't mind paying extra, but I don't want them to change it every year or every six months. I need to know what I'm looking at and not worry about it next year.

I've used Defender in production for about a year.

Defender is stable. 

The number of users isn't significant, so I'm not worried about scalability.

Deploying Defender is a two-person job. You don't have to do much to maintain it per se. You occasionally get tickets from users who expected an email that got quarantined. You need to pay attention to that. You'll get access when you get a false positive, and you need one help desk person to look into it. There's no maintenance outside of that. 

Defender is cheaper than Mimecast in the long run, so there are savings, if not a return. It's like proving a negative. We haven't been hacked, so I don't know if that's worth anything.

The price is reasonable. 

I rate Defender for Office 365 a nine out of ten. If you could find a better solution than Defender, I would take a look. I originally went with Mimecast because they seemed to have a better product, but that's no longer true. Microsoft Defender is better than Mimecast. I used Mimecast for four years before switching. It used to be better, but now it isn't. You go with the best. Diversifying it is not helpful. Microsoft is finally doing a good job doing this email protection, they didn't do well in the past, but now they are.

We are resellers of this solution and Microsoft partners. 

The solution does a thorough job of examining email for malicious content and examines the URLs and potential malicious content in emails. It offers peace of mind with more real-time updates as far as what they're looking for as opposed to a signature-based solution. It's probably the most valuable feature to my mind. I've deployed it for a couple of clients in a 365 environment and it seems to be a pretty solid solution. 

This is not really a defined product. You have to go to a lot of different places to enable things so it would be nice if you could go to one tab that says 365 Defender for Office 365 or something similar. You would be able to make all the settings and changes there, rather than having to go to lots of different places in the admin center to get it configured.

I've been using this solution for six months. 

This is a stable solution. 

Defender is very scalable, it sits on the 365 environment so however big your 365 environment is, is how much you can expand, so I would say it's very scalable. We've probably set up 300 or 400 users so far. There's no maintenance and you don't have to deploy updates. It's all taken care of in the background by Microsoft so it's pretty much set and forget it once you get here.

The support is mostly responsive, but I've had instances going for longer than a week that shouldn't have taken that long.

There's no specific solution I would relate to, Microsoft just seems like a cleaner solution as opposed to having a third party. We've used some other solutions in the past where you have to send the mail to that solution and then forward it from there to Microsoft. In this case, it all takes place in the Microsoft environment. No extra modifications are required. 

Like most Microsoft products it's not the easiest thing to get installed, but it seems to work once you have deployed. You can easily do it in half a day, especially once you get familiar with it, but it's not particularly time-consuming. It's best to start out with more lenient definitions so you're not working on every mail, but we can tune it after that. Our in-house IT department deals with deployment. 

We haven't done any sort of analysis with regard to ROI, but in my mind, if you can stop one piece of ransomware or malware from getting onto your network, it's priceless.

The solution is not too expensive. 

I'd highly recommend reading the documentation. It was pretty helpful in getting the solution set up.

I rate the solution eight out of 10. 

We use it for detecting any kind of breach or intrusion. It is not enabled for everyone because we have our own antivirus.

It has helped us in improving our security posture. It detects any kind of attack or abnormal behavior in accessing the system and sends an alert to the administrator who can check, understand, and review on time to ensure that all activities are legit.

It blocks all known threats immediately and sends alerts to follow up. It is not used on all devices. On the devices on which it is being used, it has improved the security by 80%.

It has improved our security awareness. It helped us in understanding the weaknesses in our configuration that needed to be fixed to avoid any kind of breach. It has increased our security level and mitigated the risk of being compromised.

The risk level notifications are most valuable. We get to know what kind of intrusion or attack is there, and we can fix a problem on time.

The visibility for the weaknesses in the system and unauthorized access can be improved.

Its price should be improved. Its cost is a major concern for us.

We started using it in 2019.

Its stability is good.

Its scalability is good. It is able to leverage more and more functions, which is essential because cybersecurity threats are increasing nowadays.

Initially, we had only 10 users, and currently, most of the users are switching to another platform. We only have one user, and only the system administrator is managing it.

I didn't need any tech support because the documentation and the procedures are simple and easy to understand.

We have Symantec Endpoint Protection, and we also use Sophos. We are using Defender only on our Azure system because it is a suitable tool for the Microsoft environment.

Its initial setup is straightforward. Because it is cloud-based, when we assign the license for Office 365, it can be automatically deployed from the console. Because the number was small, we manually installed it on each device one by one. Its deployment requires minimal staff. Depending on the connectivity, it can take about 30 minutes for each device.

We have not seen an ROI yet.

Defender is a little bit more expensive as compared to others. We are in the manufacturing environment. So, we don't have a high budget for all of our endpoint devices. Its cost is a major concern for us.

It is a good product, but its price is the most critical point for consideration. In terms of technology and capability, I would rate Microsoft Defender an eight out of 10.

Our primary use case of Defender is to protect customers' emails. We use this solution for the servers being hosted on Azure. We use it mostly for the emails of Office 365 users, to secure their emails. Some customers already have other email security, complementing Office 365, but smaller customers prefer using a single solution to protect their emails. 

This solution is cloud-based. 

The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance. 

This product's effectiveness could be improved, in terms of detecting unwanted spam or even malware between the emails, compared to other products. 

We have been using this solution for almost a year, just in 2021. 

The technical support's response is very good. If you have Premier Support, they can respond within 15 minutes. In terms of their technical team, it's very good as well. 

The installation is a key feature, since it's a single product within Microsoft. It's integrated with Office 365, so it's very easy to install. You only need one person for deployment and maintenance—the administrator, which is usually either from the security team or email administrator team. 

We implemented this solution ourselves. 

For licensing, it's usually a yearly package for customers who are subscribed to Office 365, but they can also pay on a monthly basis. 

Some of our customers have IronPort or Trend Micro and prefer to use these solutions, complementing Office 365. 

I rate Defender a seven out of ten because it's easy to operate and maintain, but it could be improved by spam and phishing detection. 

Microsoft Defender for Office 365 was a product called Advanced Threat Protection(ATP) in the beginning and it was changed. Microsoft Defender for Office 365 is an email security. Our customers should know that it is only email security and not a full security feature solution. It is for checking the attachments of emails, and it will move them on if they are secure, and if they are not secure it will not move them forward.

The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not.

They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not.

I have been using Microsoft Defender for Office 365

Microsoft Defender for Office 365 has been scalable.

The implementation is simple, once you have the license you assign it to the end-user.

We have seen a return on investment because if we would have received a phishing email, Microsoft Defender for Office 365 would help out to detect the threat instead of crashing down the whole company. The solution keeps emails protected with high security benefiting the company, whether it's an inbound or outbound email.

Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution.

I would advise every customer who requires email security to purchase Microsoft Defender for Office 365.

I rate Microsoft Defender for Office 365 a ten out of ten.

We use Microsoft Defender for Office 365 for email security. We are partners of Microsoft and I'm the company's chief operation security officer. 

The deployment capability is a great feature. We're able to activate this feature throughout France with a click.

I'd like to see fewer false positives and potentially have an accurate capability to detect malicious SharePoint sites. There could also be an improvement in some of the features related to training. In a phishing test campaign, for example, it should be more user-friendly and include the capability to evaluate and assess users' understanding of the content provided. 

I've been using this solution for several years. 

The customer support could be more advanced at the technical level and more responsive. There should also be more communication on updates.

We previously had some reinforced email security features with Microsoft; this is just an improvement on what we had.

This is quite an expensive solution and understanding the pricing model and features is quite complicated and it can, in fact, be a nightmare when dealing with Microsoft.

We reviewed several on-premise solutions such as Forcepoint that could be integrated with other components within our infrastructure. The reason we didn't go with them is that we have to respond quickly to threats and at an international level. Given the complexity of our situation in terms of architecture, we decided to go with a ready-to-use solution.

We haven't had a review recently, so I can't say that this is the best solution on the market. Things are evolving all the time with new features constantly being added to all solutions. For now, I would rate this solution seven out of 10. 

We use the solution to add and move staff when they leave to secure the laptops and other assets for the company. All our contractors work remotely.

The solution helps us prioritize threats across our entire enterprise. 

I found the prioritization to be effective for the amount I have used it.

The solution helps us automate routine tasks and find high-value alerts. We use automation to create printers in terms of notifications that notify us when a device is trying to gain access.

The solution saved us between 24 and 48 hours of time.

The solution saved us money.

We are a small Software as a Service company, so when we hire contractors for projects, we usually move on to a different contractor with the relevant expertise. This means we have a lot of contractors coming in and out of the company, and the solution helps to keep our platforms secure when they have finished working by removing their credentials.

The solution provides us with visibility into threats; however, there is room for improvement in the threat visibility, as it could be more granular, refined, and detailed.

The UI needs to be more user-friendly. Some of the dashboard views are hard to follow and make the reporting complicated.

I have been using the solution for two years.

The technical support is good and quick to resolve issues.

Positive

I give the solution a six out of ten.

Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features.

In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement.

I have been using this solution for the last one year. I have its latest version.

It is stable. We didn't find any issues with that.

It is highly scalable. We have deployed for around 7,000 accounts.  Performance is not impacted.

Their technical support can definitely be improved. They can avoid using templatized response.

We had basic Exchange Online Protection. 

It was easy to configure and with one/two skilled the ongoing maintenance can be handled. 

It has a simple interface to configure and manage. From the pricing point of view, like any other product in the market, there is scope for negotiation. 

Before we chose to settle with this product, we experimented with Cisco, Forcepoint, etc.

I would advise others to do a proof of concept for at least a month before taking a decision.

I would rate Microsoft Defender for Office 365 a eight out of ten.