Microsoft Defender for Office 365 Room for Improvement

Luis-Brown - PeerSpot reviewer
IT Director at a energy/utilities company with 11-50 employees

Microsoft Defender for Office 365 lacks proactivity in assisting us with preparing for potential threats before they occur. While they employ a substantial amount of threat intelligence to preemptively prevent incidents, their effectiveness diminishes when it comes to delivering proactive threat intelligence alerts from Microsoft. Their focus primarily revolves around managing the internal environment. On the other hand, my other vendor, Check Point, along with my membership in MS-ISAC, supplements me with this type of information. 

The phishing and spam filters could use some improvement. It is adequate, but it doesn't match the quality of Proofpoint or Mimecast. However, it comes close in effectiveness. Plus, if we're obtaining it for free, investing in the other products seems impractical.

View full review »
Jamie LeClair - PeerSpot reviewer
IT Collaboration Services Manager at Dow

It seems like Microsoft has begun to roll out products before they are fully baked. Microsoft wants its well-paying customers to finish testing some of its half-baked products, find bugs, and report bugs back to Microsoft's team, which is a little frustrating for those who have to manage it and roll it up to thousands of people across the organization. I would say that Microsoft should release or launch better or fully baked products before going ahead with the GA phase.

View full review »
Tolu Omolaja - PeerSpot reviewer
Head of Department of Network Communications at Eko electricity

Microsoft Defender for Office 365 should be more proactive. As a major global player, Microsoft possesses the platform to gather more information than any other company. Utilizing this information would enable them to make the system much more proactive. It would be sensible for Microsoft Defender for Office 365 to send occasional notifications, acting as advisories on how to prevent the latest threat trends. Similar to a newsletter, these notifications could guide users to take appropriate measures and review their organization's configurations, thereby ensuring maximum security.

View full review »
Buyer's Guide
Microsoft Defender for Office 365
March 2024
Learn what your peers think about Microsoft Defender for Office 365. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Reynaldo Ruiz Flores - PeerSpot reviewer
Self Employed, Freelance, Consultor, Sales - Learning Time at SpectralByte

The certification training for Defender for 365 needs to be deeper and incorporate Sentinel. I took all the security courses except one, and Sentinel isn't included. 

View full review »
Sachin Vinay - PeerSpot reviewer
Network Administrator at Amrita

The advanced threat protection requires awareness and knowledge from administrators. Microsoft should provide more documentation for users so they can self-educate. I would like to see more documentation for advanced security features.

View full review »
MQ
Assistant Manager, Information Technology Systems at Getz Pharma

The GUI is sometimes slow to fetch the device report and could be improved.

It would be great if Microsoft Defender for Office 365 were priced at the tenant level, rather than the user level. This is because the feature is used by all users in the tenant, not just individual users.

View full review »
Nagendra Nekkala. - PeerSpot reviewer
Senior Manager ICT & Innovations at Bangalore International Airport Limited

You should be able to deploy Defender for every subscription without the need to add servers. 

View full review »
AH
Solution Consultant Information Security at Ixtel

Microsoft Defender for Office 365 is a comprehensive security solution, but it could be improved. Compared to other solutions, Microsoft Defender for Office 365's security reports are not as detailed and the visibility into our network coverage could be better.

The IOC scanning has room for improvement.

The XDR dashboard has room for improvement. The dashboard needs more of a single pane of glass because currently, Microsoft Defender for Office 365 does not give me any options to scan an email thread or attachment for IOCs on my endpoint. I need to manually download the file from the email and then scan it with Microsoft Defender for Office 365. I think Microsoft Defender for Office 365 should be able to scan email threads and attachments directly, without the need for manual intervention.

Secondly, the Data Loss Prevention functionality in Microsoft Defender for Office 365 is very limited. It can only scan for certain types of data. Microsoft Defender for Office 365 should be able to scan for a wider variety of data types, such as customer lists and intellectual property.

Attack process management and breach attack simulation should be included in Microsoft Defender for Office 365.

View full review »
Prateek Agarwal - PeerSpot reviewer
Manager at Indian Institute of Management Visakhapatnam

There is room for improvement with the UI.

The company should focus on adding threats that the solution is currently unable to detect. Sometimes it misses threats and viruses across the whole solution that are not covered under the current scanning. For example, if there are a hundred viruses that could be threatening us, sometimes Defender will only be able to scan for 95 out of 100.

We have to pay for storage for the solution. The storage cost should not be included in the subscription.

The notification rates are very high. It even notifies us for some small, low-priority viruses. My recommendation is that it should only notify us for high-level security threats that could highly affect our applications.

View full review »
Kishan Kishto - PeerSpot reviewer
Systems Administrator at Kishto Technologies

Microsoft Defender for Office 365 should improve the troubleshooting tools. It's unclear whether the device is blocked at the firewall level or at the device itself. The granularity needed for troubleshooting is currently lacking.

From my perspective, Microsoft should address this issue to benefit many users who likely share the same sentiment.

View full review »
Sandor Nilsson - PeerSpot reviewer
Project Leader and IT Transition Manager at Data Communication & Software i Grondal Aktiebolag

What I don't like about Microsoft Defender for Office 365 is that many of the features should be default. They should be included, not optional, like other vendors provide.

View full review »
AK
Security analyst at a educational organization with 1,001-5,000 employees

There's room for improvement regarding the time frame for retrieving emails. Currently, the limitation allows users to go back only thirty days when pulling emails or conducting related actions. Enhancing this capability to extend the timeframe, perhaps to sixty or ninety days, would be beneficial.

View full review »
Gordon McGowan - PeerSpot reviewer
Deputy Chief Information Officer at County of Montgomery, PA

Microsoft Defender for Office 365 must improve the overall management style, including the GUI. It also needs to change the filters so that it is easy to whitelist and blacklist data. 

View full review »
Giovanni Emerenciano - PeerSpot reviewer
IT Manager at a manufacturing company with 51-200 employees

About eight months ago, we started to measure the quantity of phishing and spam that we have been receiving, and it has been increasing a lot. That means that protection for our email is not as good as we were expecting.

Now that we have more visibility into threats, our orientation is to have a more top-market solution to give us more visibility and easier ways to respond to the threats that we find and also to identify threats better.

It is not really straightforward to get a lot of information from Microsoft Defender, so we have had to use Microsoft Graph to create some custom views to export custom information.

View full review »
YT
Vice President at a computer software company with 11-50 employees

The only thing they should improve is the licensing model. They should stop changing it. A year ago, the five features I mentioned were included in one product. Now, three of them are bundled into one product, and you have to pay extra for the other two. I don't mind paying extra, but I don't want them to change it every year or every six months. I need to know what I'm looking at and not worry about it next year.

View full review »
BO
Corporate IT Infrastructure Manager at United Test and Assembly Center Ltd.

The visibility for the weaknesses in the system and unauthorized access can be improved.

Its price should be improved. Its cost is a major concern for us.

View full review »
Rajitha Jayasekera - PeerSpot reviewer
Associate Tech Lead at a computer software company with 51-200 employees

In one of the reports, I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help.

View full review »
Vinutha Madi - PeerSpot reviewer
Information Security Analyst at a tech services company with 51-200 employees

Microsoft sometimes has downtime, and we'll get several incidents coming back-to-back. We have a huge backlog of notifications, many of which may be false positives. However, there might be serious alerts, so we can't risk dismissing all of them at once.

A few days ago, we had an issue where everything that came into the user's mailbox was flagged. We got hundreds of notifications. It was problematic for us, but the investigation was easy. 

View full review »
MP
Chief Information Security Officer at a outsourcing company with 10,001+ employees

I'd like to see fewer false positives and potentially have an accurate capability to detect malicious SharePoint sites. There could also be an improvement in some of the features related to training. In a phishing test campaign, for example, it should be more user-friendly and include the capability to evaluate and assess users' understanding of the content provided. 

View full review »
Chris-Atkinson - PeerSpot reviewer
Sales Director for Academic, Medical, Corporate and Government markets at a tech services company with 1,001-5,000 employees

The product must provide better malware detection. The detection algorithms don't perform the way I hope they would.

View full review »
VR
IT Manager at SSEL

The custom alerts have to improve a lot. Though the system is very good, we have to go and check inside the admin panel to look at all kinds of reports. We won't get any mail alerts that highlight for us, for example, "today this many of spam attacks have happened". Or "these many emails have been blocked." We have to manually go into the admin panel and have to check it out. It would be nice if there are custom email notifications/alerts.

Right now, there are additional features such as mobile device management and data loss prevention, or eDiscovery (where the admin scans through the inboxes and see all your mail and notes any deviation) that are only currently available under the E5 license. You can't get these services as part of a base plan. In the future, it would be nice if they were added as part of the base plan as well.  

View full review »
OK
Cloud solution engineer at a computer software company with 51-200 employees

They have moved features from one console to another. Things have been moved around in the interface and it takes me time to find where certain features are. 

View full review »
AK
Lead Technical Consultant at a tech vendor with 1,001-5,000 employees

Microsoft's security solutions work as expected. They are constantly updating the solutions to make them better. At the same time, the changes can impact a customer's environment, and we need to adjust settings. Sometimes we aren't aware of the changes, and nothing is pushed from the backend automatically. 

View full review »
MJ
Solutions Architect at a computer software company with 1,001-5,000 employees

One area for improvement is integration. For example, when it comes to external SaaS platforms, we were not able to get a lot of information on integrations with such apps for security and authentication. The awareness of ecosystem information that is provided needs to be better.

View full review »
HM
DevSecOps Engineer at a tech services company with 11-50 employees

Several simulation options are available within 365, and the phishing simulation could be better.

I want to see improvements that will make the tool easier to operate. 

View full review »
OR
General Manager IT at a logistics company with 10,001+ employees

In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement.

View full review »
SG
Technical Support Specialist

The solution provides us with visibility into threats; however, there is room for improvement in the threat visibility, as it could be more granular, refined, and detailed.

The UI needs to be more user-friendly. Some of the dashboard views are hard to follow and make the reporting complicated.

View full review »
PP
Supervisor of IT Infrastructure & Cybersecurity at a comms service provider with 51-200 employees

This is not really a defined product. You have to go to a lot of different places to enable things so it would be nice if you could go to one tab that says 365 Defender for Office 365 or something similar. You would be able to make all the settings and changes there, rather than having to go to lots of different places in the admin center to get it configured.

Configuring Defender for Office 365 is not as easy as I would like but with some research and patience, you can tweak the solution to meet your needs. There are some pretty good articles online that assist in setting up Defender for Office 365 to meet your needs.

Creating a path for your Security Awareness Training (SAT) phishing tests to go around the Defender filtering is way too complex for our current solution KnowBe4. But I learned that is a KnowBe4 limitation. Phin SAT has a much easier method of injecting test phishing emails that do not require such acrobatics to configure.

View full review »
AP
Co-Founder with 11-50 employees

The pre-sales cost calculations could be more transparent. 

View full review »
GH
Principal Consultant at a tech services company with 201-500 employees

There needs to be an improvement in having the product work across multiple operating systems and have better support for non-Microsoft file types.

Defender for Office 365 handles the Microsoft supported file types, but MIP is limited. This solution does what it needs to do, but it does not go to the depth of if it was working with MIP, a holistic information protection system. It does not support all the file types an organization might use. For example, AutoCAD B1 for manufacturing or defence-oriented companies, they have to add a third-party add-on, or you would have to create the extensibility.

In an upcoming release, there should be business continuity features added. Proofpoint solution addresses what happens if you have an outage. If your tenant or your SaaS application is not available, there is no continuity right now with this solution. 

View full review »
BA
Sales Account Manager at a tech services company with 51-200 employees

They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not.

View full review »
OK
Consultant at a tech services company with 1,001-5,000 employees

This product's effectiveness could be improved, in terms of detecting unwanted spam or even malware between the emails, compared to other products. 

View full review »
SR
IT Specialist at a government with 51-200 employees

We need to be able to whitelist data at the backend. 

View full review »
MS
Deputy Chief SAP BASIS Administrator at a comms service provider with 201-500 employees

I was looking for some advanced features, like if I would receive an email that contains a legitimate file type, but the content is malicious, how I can protect against that? Normally, we are dealing with so many phishing and spam emails. I'd like some additional features any product can give me to protect our environment in a better way. 

There is always a chance to continue to improve the product in some way.

View full review »
FL
Information Technology Manager at a performing arts with 51-200 employees

We are waiting for better software to block viruses. The feedback that we receive is that it is weaker when compared with other products such as Cisco and Palo Alto.

The only concern that we have is that this product is user-based, but we have requirements to run separate PCs or servers that are not on the same subscription. We need a separate license and we don't know how to get the license that is required.

We also wonder if it can prevent attacks from new types of viruses such as Widefire.

View full review »
IR
Cybersecurity and Business Continuity Consultant at a tech services company with 201-500 employees

Microsoft Defender for Office 365 could improve by giving customers information on techniques to prevent threats. For example, information about best practices on how to protect their own devices against hackers and scammers, such as educational information or training. This would help others have a better understanding of cyber security. Additionally, there can be more security features added.

View full review »
RB
Senior Network Analyst at a financial services firm with 1,001-5,000 employees

It would be better if it were more scalable. It depends on the architecture, but we would like to make it more scalable for both data centers. 

View full review »
DW
Cloud Services Director at a tech services company with 11-50 employees

There is room for improvement in terms of reporting. There could be more features around it.

View full review »
AP
Co-Founder with 11-50 employees

We are always looking for others tools to increase automation on tasks. There can be better integration with other solutions, such as PowerPoint and email.

View full review »
Buyer's Guide
Microsoft Defender for Office 365
March 2024
Learn what your peers think about Microsoft Defender for Office 365. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.