Vice President at a computer software company with 11-50 employees
Real User
Top 20
Saves the clients money because my team spends fewer hours doing tasks each week
Pros and Cons
  • "The most valuable feature is protection against malicious links, fishing, and impersonation. You can train people to be aware of these threats, but they're not always careful. When they're using their phones between meetings, they click on a link, and it's game over."
  • "The only thing they should improve is the licensing model. They should stop changing it. A year ago, the five features I mentioned were included in one product. Now, three of them are bundled into one product, and you have to pay extra for the other two. I don't mind paying extra, but I don't want them to change it every year or every six months. I need to know what I'm looking at and not worry about it next year."

What is our primary use case?

We use Defender for Office for its five core features: anti-phishing, malware, link scanning, attachment scanning, and anti-spam.

How has it helped my organization?

We switched from Mimecast to Defender, and it's been a massive difference. Mimecast is convoluted, obtuse, and frustrating. That's not the case for Microsoft 365. Mimecast has more false positives, and the link-scanning feature requires you to authenticate devices every time you use the solution, which is untenable if you're on your phone. It's just not possible. 

If you're trying to look up a PDF that somebody sent, and a safe link is embedded in that, Mimecast and Microsoft write it into the "send" box. However, Microsoft is much better because you are already authenticated, so you don't need to re-authenticate again. Mimecast makes you reauthenticate every time.

It gives us one admin portal to see the things we need, which has made life for my admin team easier. I estimate it saves us about an hour or two a week. It saves the clients money because my team spends fewer hours doing tasks each week. 

What is most valuable?

The most valuable feature is protection against malicious links, fishing, and impersonation. You can train people to be aware of these threats, but they're not always careful. When they're using their phones between meetings, they click on a link, and it's game over. 

Impersonation detection is also crucial because attackers are increasingly advanced. They keep changing their tactics and adapting. People are getting emails with display names that look like people from their organization. SDF records, DMARC, and all that stuff don't always work because people often ignore email addresses. We have also used the phishing simulation component. That's pretty good.

What needs improvement?

The only thing they should improve is the licensing model. They should stop changing it. A year ago, the five features I mentioned were included in one product. Now, three of them are bundled into one product, and you have to pay extra for the other two. I don't mind paying extra, but I don't want them to change it every year or every six months. I need to know what I'm looking at and not worry about it next year.

Buyer's Guide
Microsoft Defender for Office 365
March 2023
Learn what your peers think about Microsoft Defender for Office 365. Get advice and tips from experienced pros sharing their opinions. Updated: March 2023.
687,256 professionals have used our research since 2012.

For how long have I used the solution?

I've used Defender in production for about a year.

What do I think about the stability of the solution?

Defender is stable. 

What do I think about the scalability of the solution?

The number of users isn't significant, so I'm not worried about scalability.

How was the initial setup?

Deploying Defender is a two-person job. You don't have to do much to maintain it per se. You occasionally get tickets from users who expected an email that got quarantined. You need to pay attention to that. You'll get access when you get a false positive, and you need one help desk person to look into it. There's no maintenance outside of that. 

What was our ROI?

Defender is cheaper than Mimecast in the long run, so there are savings, if not a return. It's like proving a negative. We haven't been hacked, so I don't know if that's worth anything.

What's my experience with pricing, setup cost, and licensing?

The price is reasonable. 

What other advice do I have?

I rate Defender for Office 365 a nine out of ten. If you could find a better solution than Defender, I would take a look. I originally went with Mimecast because they seemed to have a better product, but that's no longer true. Microsoft Defender is better than Mimecast. I used Mimecast for four years before switching. It used to be better, but now it isn't. You go with the best. Diversifying it is not helpful. Microsoft is finally doing a good job doing this email protection, they didn't do well in the past, but now they are.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
Flag as inappropriate
PeerSpot user
PeerSpot user
Supervisor of IT Infrastructure & Cybersecurity at a comms service provider with 51-200 employees
Reseller
Top 5Leaderboard
Thorough examination of email and URLs for malicious content; great real-time updates
Pros and Cons
  • "Does a thorough job of examining email and URLs for malicious content."
  • "Configuration requires going to a lot of places rather than just accessing one tab."

What is our primary use case?

We are resellers of this solution and Microsoft partners. 

What is most valuable?

The solution does a thorough job of examining email for malicious content and examines the URLs and potential malicious content in emails. It offers peace of mind with more real-time updates as far as what they're looking for as opposed to a signature-based solution. It's probably the most valuable feature to my mind. I've deployed it for a couple of clients in a 365 environment and it seems to be a pretty solid solution. 

What needs improvement?

This is not really a defined product. You have to go to a lot of different places to enable things so it would be nice if you could go to one tab that says 365 Defender for Office 365 or something similar. You would be able to make all the settings and changes there, rather than having to go to lots of different places in the admin center to get it configured.

For how long have I used the solution?

I've been using this solution for six months. 

What do I think about the stability of the solution?

This is a stable solution. 

What do I think about the scalability of the solution?

Defender is very scalable, it sits on the 365 environment so however big your 365 environment is, is how much you can expand, so I would say it's very scalable. We've probably set up 300 or 400 users so far. There's no maintenance and you don't have to deploy updates. It's all taken care of in the background by Microsoft so it's pretty much set and forget it once you get here.

How are customer service and support?

The support is mostly responsive, but I've had instances going for longer than a week that shouldn't have taken that long.

Which solution did I use previously and why did I switch?

There's no specific solution I would relate to, Microsoft just seems like a cleaner solution as opposed to having a third party. We've used some other solutions in the past where you have to send the mail to that solution and then forward it from there to Microsoft. In this case, it all takes place in the Microsoft environment. No extra modifications are required. 

How was the initial setup?

Like most Microsoft products it's not the easiest thing to get installed, but it seems to work once you have deployed. You can easily do it in half a day, especially once you get familiar with it, but it's not particularly time-consuming. It's best to start out with more lenient definitions so you're not working on every mail, but we can tune it after that. Our in-house IT department deals with deployment. 

What was our ROI?

We haven't done any sort of analysis with regard to ROI, but in my mind, if you can stop one piece of ransomware or malware from getting onto your network, it's priceless.

What's my experience with pricing, setup cost, and licensing?

The solution is not too expensive. 

What other advice do I have?

I'd highly recommend reading the documentation. It was pretty helpful in getting the solution set up.

I rate the solution eight out of 10. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Microsoft Defender for Office 365
March 2023
Learn what your peers think about Microsoft Defender for Office 365. Get advice and tips from experienced pros sharing their opinions. Updated: March 2023.
687,256 professionals have used our research since 2012.
Corporate IT Infrastructure Manager at United Test and Assembly Center Ltd.
Real User
Top 5
Improves security awareness and security posture and blocks known threats immediately
Pros and Cons
  • "The risk level notifications are most valuable. We get to know what kind of intrusion or attack is there, and we can fix a problem on time."
  • "The visibility for the weaknesses in the system and unauthorized access can be improved."

What is our primary use case?

We use it for detecting any kind of breach or intrusion. It is not enabled for everyone because we have our own antivirus.

How has it helped my organization?

It has helped us in improving our security posture. It detects any kind of attack or abnormal behavior in accessing the system and sends an alert to the administrator who can check, understand, and review on time to ensure that all activities are legit.

It blocks all known threats immediately and sends alerts to follow up. It is not used on all devices. On the devices on which it is being used, it has improved the security by 80%.

It has improved our security awareness. It helped us in understanding the weaknesses in our configuration that needed to be fixed to avoid any kind of breach. It has increased our security level and mitigated the risk of being compromised.

What is most valuable?

The risk level notifications are most valuable. We get to know what kind of intrusion or attack is there, and we can fix a problem on time.

What needs improvement?

The visibility for the weaknesses in the system and unauthorized access can be improved.

Its price should be improved. Its cost is a major concern for us.

For how long have I used the solution?

We started using it in 2019.

What do I think about the stability of the solution?

Its stability is good.

What do I think about the scalability of the solution?

Its scalability is good. It is able to leverage more and more functions, which is essential because cybersecurity threats are increasing nowadays.

Initially, we had only 10 users, and currently, most of the users are switching to another platform. We only have one user, and only the system administrator is managing it.

How are customer service and technical support?

I didn't need any tech support because the documentation and the procedures are simple and easy to understand.

Which solution did I use previously and why did I switch?

We have Symantec Endpoint Protection, and we also use Sophos. We are using Defender only on our Azure system because it is a suitable tool for the Microsoft environment.

How was the initial setup?

Its initial setup is straightforward. Because it is cloud-based, when we assign the license for Office 365, it can be automatically deployed from the console. Because the number was small, we manually installed it on each device one by one. Its deployment requires minimal staff. Depending on the connectivity, it can take about 30 minutes for each device.

What was our ROI?

We have not seen an ROI yet.

What's my experience with pricing, setup cost, and licensing?

Defender is a little bit more expensive as compared to others. We are in the manufacturing environment. So, we don't have a high budget for all of our endpoint devices. Its cost is a major concern for us.

What other advice do I have?

It is a good product, but its price is the most critical point for consideration. In terms of technology and capability, I would rate Microsoft Defender an eight out of 10.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Consultant at a tech services company with 1,001-5,000 employees
MSP
Top 5Leaderboard
Good integration, but needs better spam and phishing detection
Pros and Cons
  • "The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance."
  • "This product's effectiveness could be improved, in terms of detecting unwanted spam or even malware between the emails, compared to other products."

What is our primary use case?

Our primary use case of Defender is to protect customers' emails. We use this solution for the servers being hosted on Azure. We use it mostly for the emails of Office 365 users, to secure their emails. Some customers already have other email security, complementing Office 365, but smaller customers prefer using a single solution to protect their emails. 

This solution is cloud-based. 

What is most valuable?

The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance. 

What needs improvement?

This product's effectiveness could be improved, in terms of detecting unwanted spam or even malware between the emails, compared to other products. 

For how long have I used the solution?

We have been using this solution for almost a year, just in 2021. 

How are customer service and support?

The technical support's response is very good. If you have Premier Support, they can respond within 15 minutes. In terms of their technical team, it's very good as well. 

How was the initial setup?

The installation is a key feature, since it's a single product within Microsoft. It's integrated with Office 365, so it's very easy to install. You only need one person for deployment and maintenance—the administrator, which is usually either from the security team or email administrator team. 

What about the implementation team?

We implemented this solution ourselves. 

What's my experience with pricing, setup cost, and licensing?

For licensing, it's usually a yearly package for customers who are subscribed to Office 365, but they can also pay on a monthly basis. 

Which other solutions did I evaluate?

Some of our customers have IronPort or Trend Micro and prefer to use these solutions, complementing Office 365. 

What other advice do I have?

I rate Defender a seven out of ten because it's easy to operate and maintain, but it could be improved by spam and phishing detection. 

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
PeerSpot user
Sales Account Manager at a tech services company with 51-200 employees
Reseller
Top 10
Simple implementation, effective email threat detection, and secure
Pros and Cons
  • "The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not."
  • "They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."

What is our primary use case?

Microsoft Defender for Office 365 was a product called Advanced Threat Protection(ATP) in the beginning and it was changed. Microsoft Defender for Office 365 is an email security. Our customers should know that it is only email security and not a full security feature solution. It is for checking the attachments of emails, and it will move them on if they are secure, and if they are not secure it will not move them forward.

What is most valuable?

The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not.

What needs improvement?

They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not.

For how long have I used the solution?

I have been using Microsoft Defender for Office 365

What do I think about the scalability of the solution?

Microsoft Defender for Office 365 has been scalable.

How was the initial setup?

The implementation is simple, once you have the license you assign it to the end-user.

What was our ROI?

We have seen a return on investment because if we would have received a phishing email, Microsoft Defender for Office 365 would help out to detect the threat instead of crashing down the whole company. The solution keeps emails protected with high security benefiting the company, whether it's an inbound or outbound email.

What's my experience with pricing, setup cost, and licensing?

Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution.

What other advice do I have?

I would advise every customer who requires email security to purchase Microsoft Defender for Office 365.

I rate Microsoft Defender for Office 365 a ten out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Chief Information Security Officer at a outsourcing company with 10,001+ employees
Real User
Top 20
Deployment capability is a great feature but we're getting too many false positives
Pros and Cons
  • "The deployment capability is a great feature."
  • "Too many false positives and lacks an accurate capability to detect malicious SharePoint sites."

What is our primary use case?

We use Microsoft Defender for Office 365 for email security. We are partners of Microsoft and I'm the company's chief operation security officer. 

What is most valuable?

The deployment capability is a great feature. We're able to activate this feature throughout France with a click.

What needs improvement?

I'd like to see fewer false positives and potentially have an accurate capability to detect malicious SharePoint sites. There could also be an improvement in some of the features related to training. In a phishing test campaign, for example, it should be more user-friendly and include the capability to evaluate and assess users' understanding of the content provided. 

For how long have I used the solution?

I've been using this solution for several years. 

How are customer service and support?

The customer support could be more advanced at the technical level and more responsive. There should also be more communication on updates.

Which solution did I use previously and why did I switch?

We previously had some reinforced email security features with Microsoft; this is just an improvement on what we had.

What's my experience with pricing, setup cost, and licensing?

This is quite an expensive solution and understanding the pricing model and features is quite complicated and it can, in fact, be a nightmare when dealing with Microsoft.

Which other solutions did I evaluate?

We reviewed several on-premise solutions such as Forcepoint that could be integrated with other components within our infrastructure. The reason we didn't go with them is that we have to respond quickly to threats and at an international level. Given the complexity of our situation in terms of architecture, we decided to go with a ready-to-use solution.

What other advice do I have?

We haven't had a review recently, so I can't say that this is the best solution on the market. Things are evolving all the time with new features constantly being added to all solutions. For now, I would rate this solution seven out of 10. 

Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
Technical Support Specialist
Real User
Helps prioritize tasks, and keeps our platform secure, but is not user-friendly
Pros and Cons
  • "The technical support is good and quick to resolve issues."
  • "The UI needs to be more user-friendly."

What is our primary use case?

We use the solution to add and move staff when they leave to secure the laptops and other assets for the company. All our contractors work remotely.

How has it helped my organization?

The solution helps us prioritize threats across our entire enterprise. 

I found the prioritization to be effective for the amount I have used it.

The solution helps us automate routine tasks and find high-value alerts. We use automation to create printers in terms of notifications that notify us when a device is trying to gain access.

The solution saved us between 24 and 48 hours of time.

The solution saved us money.

What is most valuable?

We are a small Software as a Service company, so when we hire contractors for projects, we usually move on to a different contractor with the relevant expertise. This means we have a lot of contractors coming in and out of the company, and the solution helps to keep our platforms secure when they have finished working by removing their credentials.

What needs improvement?

The solution provides us with visibility into threats; however, there is room for improvement in the threat visibility, as it could be more granular, refined, and detailed.

The UI needs to be more user-friendly. Some of the dashboard views are hard to follow and make the reporting complicated.

For how long have I used the solution?

I have been using the solution for two years.

How are customer service and support?

The technical support is good and quick to resolve issues.

How would you rate customer service and support?

Positive

What other advice do I have?

I give the solution a six out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
General Manager IT at a logistics company with 10,001+ employees
Real User
Top 20
Protects from zero-day threats and ensures that attachments and links are safe, but has a lot of false positives and should have only one plan that takes care of everything
Pros and Cons
  • "Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features."
  • "In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."

What is most valuable?

Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features.

What needs improvement?

In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement.

For how long have I used the solution?

I have been using this solution for the last one year. I have its latest version.

What do I think about the stability of the solution?

It is stable. We didn't find any issues with that.

What do I think about the scalability of the solution?

It is highly scalable. We have deployed for around 7,000 accounts.  Performance is not impacted.

How are customer service and technical support?

Their technical support can definitely be improved. They can avoid using templatized response.

Which solution did I use previously and why did I switch?

We had basic Exchange Online Protection. 

How was the initial setup?

It was easy to configure and with one/two skilled the ongoing maintenance can be handled. 

What's my experience with pricing, setup cost, and licensing?

It has a simple interface to configure and manage. From the pricing point of view, like any other product in the market, there is scope for negotiation. 

Which other solutions did I evaluate?

Before we chose to settle with this product, we experimented with Cisco, Forcepoint, etc.

What other advice do I have?

I would advise others to do a proof of concept for at least a month before taking a decision.

I would rate Microsoft Defender for Office 365 a eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Microsoft Defender for Office 365 Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2023
Buyer's Guide
Download our free Microsoft Defender for Office 365 Report and get advice and tips from experienced pros sharing their opinions.