We use the product for endpoint security of machines. It includes threat detection, defining compliance rules, and governance policies. It helps us with extracting reports as well.
Solution Architect at Rackspace Technology
Provides threat detection capabilities and protects the environment from zero-day attacks
Pros and Cons
- "The product’s most valuable feature is the ability to provide threat detection and protection simultaneously."
- "One area where Microsoft Defender could be improved is in its support for non-Microsoft products, particularly for systems running Linux or other open-source platforms across ecosystems."
What is our primary use case?
How has it helped my organization?
The platform ensures that the environment is fully protected. Its operational excellence helps us reduce resource costs. We do not need a large team to manage security. The subscription models provide monthly and short-term -plans. We can the number of items scale according to the requirements, and dynamically adjust resources during lean periods. It doesn’t require us to purchase long-term licensing plans.
What is most valuable?
The product’s most valuable feature is the ability to provide threat detection and protection simultaneously. It doesn’t require additional power for processing similar to other products.
What needs improvement?
One area where Microsoft Defender could be improved is in its support for non-Microsoft products, particularly for systems running Linux or other open-source platforms across ecosystems.
Buyer's Guide
Microsoft Defender Threat Intelligence [EOL]
June 2026
Learn what your peers think about Microsoft Defender Threat Intelligence [EOL]. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,067 professionals have used our research since 2012.
For how long have I used the solution?
We have been using Microsoft Defender Threat Intelligence for five years.
What do I think about the scalability of the solution?
We have 7000 Microsoft Defender Threat Intelligence users. It scales automatically depending on the requirements. It is a highly available application.
How are customer service and support?
The technical support team responds immediately to the queries.
How was the initial setup?
The initial setup is straightforward. It has a good amount of documentation available to refer to the steps. It is a cloud-based application and thus, easy to implement compared to an out-of-the-box version. It can be deployed on endpoint devices as well.
What's my experience with pricing, setup cost, and licensing?
The product has multiple subscription models. The pricing is expensive, but it is justifiable considering the amount of threat-related information it provides.
What other advice do I have?
The platform is built for threat detection and protection. It saves the environment from zero-day attacks. It offers an intermittent mechanism for new operating system updates. It can be integrated with many enterprise-grade solutions. We can build APIs and explore the logs as well.
Microsoft Defender has played a crucial role in addressing security incidents related to auditing and compliance within our organization. During audits, a common requirement is to ensure that the environment is fully patched, updated, and compliant with all necessary security measures. With Defender in place, it allows auditors direct access to relevant reports, and verify them.
I advise others to use the product if they are planning to move to a cloud environment. It gives a sufficient amount of information or threat intelligence data.
I rate it a nine out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Deputy Manager - Radio Frequency Planning at RF-SMART
Highly effective safeguarding against cyber threats with robust security features, timely threat intelligence and efficient performance
Pros and Cons
- "Its user-friendliness is its most valuable aspect."
- "It would be beneficial to enhance the pricing structure and make it more affordable."
What is our primary use case?
The protection provided by Microsoft Defender Threat Intelligence is robust and effective.
How has it helped my organization?
It efficiently helped us in threat hunting.
The malware virus posed significant security challenges, but Microsoft played a pivotal role in addressing and resolving the incident.
The timeliness and accuracy of Threat Intelligence are commendable.
The primary advantage lies in its robust security and overall performance.
What is most valuable?
Its user-friendliness is its most valuable aspect. I am satisfied with its performance in general.
What needs improvement?
It would be beneficial to enhance the pricing structure and make it more affordable.
For how long have I used the solution?
I have been using it for six months.
What do I think about the stability of the solution?
It provides good stability capabilities with occasional delays. I would rate it eight out of ten.
What do I think about the scalability of the solution?
I would rate its scalability abilities eight out of ten.
Which solution did I use previously and why did I switch?
I used Norton previously, but that was quite some time ago.
How was the initial setup?
The initial setup was straightforward.
What about the implementation team?
Deployment is quick, typically ranging from five to ten minutes. I was responsible for the deployment. First, you need to install the antivirus software on the system. Then proceed with the installation process.
What's my experience with pricing, setup cost, and licensing?
It's reasonably priced, though there's room for further improvement.
What other advice do I have?
I would recommend it because of its strong security and user-friendly interface. Overall, I would rate it eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Buyer's Guide
Microsoft Defender Threat Intelligence [EOL]
June 2026
Learn what your peers think about Microsoft Defender Threat Intelligence [EOL]. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,067 professionals have used our research since 2012.
Assistant Vice President at a financial services firm with 10,001+ employees
Though the tool offers threat prevention and blocking capabilities, it needs to improve its stability
Pros and Cons
- "The product's initial setup phase was straightforward."
- "The stability of the product is an area of concern where improvements are required."
What is our primary use case?
I use Microsoft Defender Threat Intelligence at my home for its threat prevention and blocking capabilities.
What is most valuable?
I can't comment on the valuable features offered by Microsoft Defender Threat Intelligence as the PC at my home is currently used by my family while I use my office laptop.
What needs improvement?
In Microsoft Defender Threat Intelligence, automatic threat blocking and in-memory attacks are areas of concern where improvements are required.
The stability of the product is an area of concern where improvements are required.
For how long have I used the solution?
I have been using Microsoft Defender Threat Intelligence for a couple of years. I am a user of the product.
What do I think about the stability of the solution?
It is a stable solution. I rate the product's stability a six out of ten.
What do I think about the scalability of the solution?
It is not a scalable solution since I use it on a PC at home, so per PC, a license amount is paid.
Only one person uses the solution at my home.
How was the initial setup?
The product's initial setup phase was straightforward.
The product's installation phase just requires me to enable it on my system, as Microsoft Defender Threat Intelligence is a product that came along when I purchased my laptop.
The product is deployed based on the product's licenses, so it doesn't matter whether it is deployed on an on-premises model or on the cloud.
What was our ROI?
The basic requirements offered by the product are good enough for home-based PCs.
What's my experience with pricing, setup cost, and licensing?
I use the product's default version, which is a free one and not the licensed version.
What other advice do I have?
I rate the overall product a six to seven out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Operational Cyber Security Specialist at a non-profit with 1,001-5,000 employees
Highly scalable and stable solution
Pros and Cons
- "It is very scalable. There are approximately 2,000 endpoints and up to 200 servers in our company."
- "It's a bit complicated to manage because you have many dependencies of servers, many dependencies in queue, and so on. Entries or different endpoints, and you make different configuration topics for each one. So that's a major problem."
What is our primary use case?
We use it for Cloud Security and Endpoint Protection. We have offices in each country on the planet. And so we have many, many, many external people who work with this solution.
What needs improvement?
It's a bit complicated to manage because you have many dependencies of servers, many dependencies in queue, and so on. Entries or different endpoints, and you make different configuration topics for each one. So that's a major problem.
I would like to see a feature that would allow us to easily manage our Defender configurations.
It needs high-level administration.
For how long have I used the solution?
We have been using it for about six months.
What do I think about the stability of the solution?
It is a very stable product.
What do I think about the scalability of the solution?
It is very scalable. There are approximately 2,000 endpoints and up to 200 servers in our company.
Which solution did I use previously and why did I switch?
I used Trend Micro. Trend Micro has an easier grid, but the functions are the same.
The advantage is to have only one vendor, which provides Office tickets, communication, storage, and cloud. It's just one solution from one end, from one provider.
How was the initial setup?
We have our documents and processes in the cloud, in the Microsoft cloud.
The maintenance is done by Microsoft. We are on-premises, and our configuration allows access outside the company's local data center.
What other advice do I have?
I would recommend using this solution. It works. We have no problems with it.
Overall, I would rate the solution an eight out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Head, Threat Intelligence & Incident Management at a financial services firm with 10,001+ employees
A solution to monitor endpoints for threats but need integrated pricing
What is our primary use case?
We use it to monitor endpoints for threats and duplicates on the server and defend identity and trust.
What is most valuable?
The solution monitors threat intelligence. It provides valuable insight and visibility into malicious activity at the endpoint.
What needs improvement?
The solution could have integrated pricing. We have an enterprise license. We still need to pay to activate Defender for Trend Micro Identity. The enhanced pricing model will empower organizations to manage their security costs effectively.
What do I think about the stability of the solution?
The product is stable.
What do I think about the scalability of the solution?
The solution is scalable. In our organization, ten users are using this solution.
How are customer service and support?
We use Microsoft resources for access-level support.
Which solution did I use previously and why did I switch?
We initially used Trend Micro to defend endpoints. It's a solution that runs concurrently with our EDR. The setup serves and trains Trend Micro and EDR so they can play complementary roles. We activate all the licenses for some activities. We're using a combination of Trend Micro EDR and Defender.
How was the initial setup?
The initial setup is straightforward, and takes three days to activate it.
Since it is a cloud-based solution, you must activate and continue using the license.
What's my experience with pricing, setup cost, and licensing?
If you want to activate beyond the starting threshold, you have to pay an additional fee. Combining this within the license would be more scalable, economical, and better for the organization.
What other advice do I have?
Three or four people are required for the solution’s maintenance. I recommend this solution.
Since Microsoft Defender Threat Intelligence provides a high volume of recommendations, there must be a methodology for prioritizing high-risk assets and sessions. Focusing on remediating these high-risk sessions is crucial.
Overall, I rate the solution a seven out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
IT infrastructure lead at 0
Provides an ease of deployment and efficient security features
Pros and Cons
- "The product is stable."
- "There could be a better notification system."
What is our primary use case?
The product helps us monitor business devices for authentication and response on all endpoints, servers, passwords, and plans.
How has it helped my organization?
The primary value is enhanced security and efficient incident response. The integration with Microsoft infrastructure provides a seamless experience.
What is most valuable?
The product's ease of deployment is a major advantage, as it integrates seamlessly with our existing systems. The dashboard and backend profile provide comprehensive visibility into user activities and potential threats. Additionally, the product offers valuable security insights and advice on areas for improvement.
What needs improvement?
There could be a better notification system. Currently, the user sees an icon, but it would be beneficial to have messages prompting them to contact IT immediately or take their device offline if necessary.
I would like to see more system automation actions, such as user-initiated tests or more proactive alerts.
For how long have I used the solution?
I have been using Microsoft Threat Intelligence for a few years now.
What do I think about the stability of the solution?
The product is stable.
What do I think about the scalability of the solution?
Scalability is quite flexible and depends on purchasing the appropriate licenses for the company.
How was the initial setup?
The setup is straightforward, typically taking about 15 minutes to an hour. The system allows for smooth switching between devices, whether online or offline.
What's my experience with pricing, setup cost, and licensing?
The product is a part of my Microsoft 365 subscription, so there is no additional cost. It is cost-effective.
What other advice do I have?
Unless you have very complex requirements, if you are already paying for a Microsoft subscription, you should take advantage of Microsoft Defender.
I rate it a nine out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Risk Operations at Stripe
The intuitive user interface and reporting are positive features
Pros and Cons
- "The most valuable aspects are its integration capabilities with other Microsoft products like Intune, Office 365, and Azure cloud applications."
- "While the current setup meets our needs, Microsoft can constantly improve customization and adaptability to rapidly evolving cybersecurity threats."
What is our primary use case?
We employ this solution within our Office 365 environment, focusing primarily on email security through features like application guard, safe attachments, and safe URLs. This setup significantly aids our cybersecurity operations, helping us mitigate various threats. The team is designing a couple of policies and will revise the usage depending on the threat.
How has it helped my organization?
The solution has notably improved our IT operations by facilitating seamless integration with other Microsoft tools like Intune and Azure. This integration simplifies our IT management process and enhances our overall cybersecurity framework.
What is most valuable?
The most valuable aspects are its integration capabilities with other Microsoft products like Intune, Office 365, and Azure cloud applications. The intuitive user interface and reporting are also positive features of the solution. These features provide a unified experience, making it easier for our IT team to manage and navigate between screens efficiently.
What needs improvement?
While the current setup meets our needs, Microsoft can constantly improve customization and adaptability to rapidly evolving cybersecurity threats.
The stability of the solution also requires some improvement.
Future releases could benefit from enhanced predictive analytics tools and deeper AI integration to better predict and mitigate potential threats.
For how long have I used the solution?
I have been using Microsoft Defender Threat Intelligence for six months. My company has a partnership with Microsoft, giving us access to their latest security enhancements.
What do I think about the stability of the solution?
The solution is stable, scoring an eight out of ten, indicating a reliable performance with room for minor improvements.
What do I think about the scalability of the solution?
Due to limited endpoints, scalability is not our primary concern currently. But as of now, the endpoints and the infrastructure we have are covered with the tools we already have. The existing setup adequately supports our needs without requiring significant scaling. Regularly, two hundred and fifty users use the solution.
How are customer service and support?
We already have competent engineers on our team. While we rarely need external support or have raised a ticket, our interactions with Microsoft's customer service have generally been satisfactory, fulfilling most of our technical needs, if not all and the answers that we were seeking.
How would you rate customer service and support?
Positive
How was the initial setup?
The setup was straightforward, aligning with our move towards cloud-based operations and authentication of our users and policies, thus simplifying the overall deployment process.
What's my experience with pricing, setup cost, and licensing?
The solution is relatively expensive; however, our status as a gold partner provides us with several complimentary licenses, which offsets the cost.
What other advice do I have?
Currently, we are only using Office 365 and Defender for Endpoint 32-bit. Previously, one from our management was a part of the trial, but not anymore. As we have layers of policies placed, they cover everything.
Microsoft is very dynamic, and when it comes to their products, sometimes they change the licensing cost or the features. So, I think the product should have a license model. Since we read about Micorosft daily as users, we should be aware of the changes they bring.
I rate the overall solution an eight out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Senior Technology Consultant at SoftwareONE
Comes as part of the system and deployment depends on infrastructure complexity
Pros and Cons
- "I rate the tool's stability a ten out of ten."
- "Microsoft Defender Threat Intelligence should integrate with different platforms."
What needs improvement?
Microsoft Defender Threat Intelligence should integrate with different platforms.
What do I think about the stability of the solution?
I rate the tool's stability a ten out of ten.
How was the initial setup?
The tool's deployment depends on the infrastructure's complexity. I do the deployment for my customers.
What other advice do I have?
Microsoft Defender Threat Intelligence is part of the system. I rate it a nine out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
IT Security Manager at LIVING GOODS
Stable software with valuable malware-scanning features
Pros and Cons
- "The product's anti-spam and malware-scanning features are useful. We scan email attachments, documents, and malicious codes."
- "The software is expensive."
What is our primary use case?
We use the software to scan malware for email attachments by identifying and blocking phishing emails.
What is most valuable?
The product's anti-spam and malware-scanning features are useful. We scan email attachments, documents, and malicious codes.
What needs improvement?
The software is expensive.
For how long have I used the solution?
We have been using Microsoft Defender Threat Intelligence for almost a year now.
What do I think about the stability of the solution?
The software is stable, similar to Office 365.
What do I think about the scalability of the solution?
We have 400 Microsoft Defender Threat Intelligence users. It is a scalable product. However, the cost increases as we increase the number of users.
How are customer service and support?
We receive technical support services via the integrator as well as the vendor.
How was the initial setup?
The software is deployed on the cloud. The setup requires technical knowledge or assistance from the integrators.
What was our ROI?
The product generates ROI for securing the company resources at minimum cost. We don't need to employ two to three analysts for this purpose.
What's my experience with pricing, setup cost, and licensing?
It is an expensive product. We purchase its yearly license.
Which other solutions did I evaluate?
We evaluated a few products before.
What other advice do I have?
I rate Microsoft Defender Threat Intelligence a ten out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Deputy Manager (Network & Security) at Tata Projects Limited
Has efficient report-generating features and good stability
Pros and Cons
- "The technical support services are excellent."
- "There could be AI functionality included for features like reporting and dashboard preparation."
What is our primary use case?
We use the product to capture the logs, collect data, and understand patterns.
How has it helped my organization?
The product provides smooth functioning for our service desk and the technical team. It helps in efficiently generating reports to update the management.
What needs improvement?
There could be AI functionality included for features like reporting and dashboard preparation.
For how long have I used the solution?
We have been using Microsoft Defender Threat Intelligence for more than a year.
What do I think about the stability of the solution?
The product has high stability.
What do I think about the scalability of the solution?
The product has high scalability.
How are customer service and support?
The technical support services are excellent.
How was the initial setup?
The initial setup process is straightforward. It took us three months to deploy.
What about the implementation team?
We implemented the product with the help of an integrator.
What was our ROI?
Microsoft Defender Threat Intelligence generates a good return on investment.
What's my experience with pricing, setup cost, and licensing?
The product’s pricing is worth it.
What other advice do I have?
I recommend Microsoft Defender Threat Intelligence to others and rate it a nine out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Buyer's Guide
Download our free Microsoft Defender Threat Intelligence [EOL] Report and get advice and tips from experienced pros
sharing their opinions.
Updated: June 2026
Product Categories
Advanced Threat Protection (ATP) Threat Intelligence Platforms (TIP) Microsoft Security SuitePopular Comparisons
CrowdStrike Falcon
Microsoft Intune
Microsoft Defender for Endpoint
Microsoft Defender for Cloud
Microsoft Defender for Office 365
Microsoft Sentinel
Microsoft Purview Data Governance
Palo Alto Networks WildFire
Palo Alto Networks VM-Series
Microsoft Defender for Cloud Apps
Microsoft Defender for Identity
Digital Guardian
Buyer's Guide
Download our free Microsoft Defender Threat Intelligence [EOL] Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- How much do independent test results affect your security purchases?
- Holding Security Vendors Accountable
- What can businesses do to improve their security posture?
- When evaluating Advanced Threat Protection, what aspect do you think is the most important to look for?
- What is your recommended cost-effective solution to detect and prevent APT attacks?
- Compromise Assessment vs Threat Hunting
- What are the main evaluation criteria for you when choosing the right vendor for brand protection services?
- Why is ATP (Advanced Threat Protection) important for companies?
![Microsoft Defender Threat Intelligence [EOL] Logo](https://images.peerspot.com/image/upload/c_scale,dpr_3.0,f_auto,q_100,w_80/GqfBeX9zWxZG3rC5hyrUo9Aq.jpeg?_a=BACAGSGT)











