Microsoft Defender Threat Intelligence Reviews

We employ this solution within our Office 365 environment, focusing primarily on email security through features like application guard, safe attachments, and safe URLs. This setup significantly aids our cybersecurity operations, helping us mitigate various threats. The team is designing a couple of policies and will revise the usage depending on the threat.

The solution has notably improved our IT operations by facilitating seamless integration with other Microsoft tools like Intune and Azure. This integration simplifies our IT management process and enhances our overall cybersecurity framework.

The most valuable aspects are its integration capabilities with other Microsoft products like Intune, Office 365, and Azure cloud applications. The intuitive user interface and reporting are also positive features of the solution. These features provide a unified experience, making it easier for our IT team to manage and navigate between screens efficiently.

While the current setup meets our needs, Microsoft can constantly improve customization and adaptability to rapidly evolving cybersecurity threats. 

The stability of the solution also requires some improvement. 

Future releases could benefit from enhanced predictive analytics tools and deeper AI integration to better predict and mitigate potential threats.

I have been using Microsoft Defender Threat Intelligence for six months. My company has a partnership with Microsoft, giving us access to their latest security enhancements.

The solution is stable, scoring an eight out of ten, indicating a reliable performance with room for minor improvements.

Due to limited endpoints, scalability is not our primary concern currently. But as of now, the endpoints and the infrastructure we have are covered with the tools we already have. The existing setup adequately supports our needs without requiring significant scaling. Regularly, two hundred and fifty users use the solution.

We already have competent engineers on our team. While we rarely need external support or have raised a ticket, our interactions with Microsoft's customer service have generally been satisfactory, fulfilling most of our technical needs, if not all and the answers that we were seeking.

Positive

The setup was straightforward, aligning with our move towards cloud-based operations and authentication of our users and policies, thus simplifying the overall deployment process.

The solution is relatively expensive; however, our status as a gold partner provides us with several complimentary licenses, which offsets the cost.

Currently, we are only using Office 365 and Defender for Endpoint 32-bit. Previously, one from our management was a part of the trial, but not anymore. As we have layers of policies placed, they cover everything. 

Microsoft is very dynamic, and when it comes to their products, sometimes they change the licensing cost or the features. So, I think the product should have a license model. Since we read about Micorosft daily as users, we should be aware of the changes they bring. 

I rate the overall solution an eight out of ten. 

The solution is used for threat intelligence. The tool enables us to detect potential breaches and react to them proactively. Alerts are sent to our SOC team. Our SOC team investigates whether it's a positive or a negative alert. Depending on the result, a playbook is started.

The product runs so smoothly in the back end that we don't experience a hands-on. There is no performance degradation. It does what it is supposed to do. It detects what it is supposed to detect. We are happy with the tool. We didn't have an active incident for the last couple of years. The tool can proactively detect potential incidents.

The price could be improved.

I have been using the solution for five years. We've always tried to use the latest version, which the vendor recommends.

I rate the tool’s stability a ten out of ten.

I rate the tool’s scalability an eight out of ten. We have more than 10,000 users. Occasionally, we have some complaints about the performance, but those are unique cases. We have a 90% positive experience with the solution. We can manage the security with a global team of less than 30 people.

I am a technical person, and it is simple for me to handle the deployment. It is a major project. We assess the potential impact in the analysis phase. It takes a couple of months since we're a global company. We have to rely on external sources. From analysis to implementation, it took about six months to replace and implement a new security tool fully.

We are proactively detecting attacks. A few of them were real targeted attacks, and we were able to avoid them. The fact that we could deliver it to the business gives value to the product.

The price is reasonable for the quality that the tool provides. Every given product with an ecosystem has a very low price to attract customers. Once people are satisfied, the vendors tend to increase the prices. It's a closed ecosystem, and they benefit from the ecosystem. They tend to mention that the price rise is due to inflation, but we all know it's about revenue.

We evaluate several vendors and products. Microsoft Defender Threat Intelligence’s integrity with our existing ecosystem was a big benefit. We evaluated the tool with a red team/blue team approach. It was the best product evaluated by our teams.

I contact Microsoft when we have to do negotiations or technical improvements. People considering buying security tools must take their time and not rush. They must consider their business requirements and what they want to achieve. They must ensure that they have considered everything that impacts the user experience. Overall, I rate the product an eight out of ten.

I use the solution in my company since, overall, it is a good tool. You get good insights and details with the product. With the tool, you have good visibility over the underlying vulnerabilities in your environment, so you can act within the time for its remediation and align your vulnerability patching based on criticality and exposure.

The most valuable feature of the solution stems from the insight it provides.

Improvement-wise, if it can give the option to patch the updates directly from within the tool, it would be a good thing, which other tools offer currently.

The automation part of the product has certain shortcomings and is an area that needs to be improved. The in-built patching option should be given in the tool so that users don't have to route and export or import the patches and then do it.

The response time and quality of the support needs improvement. It takes time for the support team to understand the issue, and they then respond with a delay at times, which causes a lot of trouble. The support team should be faster and more knowledgeable.

Though the integration capabilities of the product are good, they need to be improved with time.

I have been using Microsoft Defender Threat Intelligence for a year and a half.

Stability-wise, I rate the solution an eight out of ten.

The product is scalable. It scales up with the business. Scalability-wise, I rate the solution an eight to nine out of ten.

The product is used on a daily basis in my company.

There are two to three admins who use the tool. The tool is used throughout my company.

The technical support for the solution is not the best, but it is good.

The product's initial setup phase was neither complex nor easy. There is only a medium level of difficulty with the setup phase, but after that it becomes smooth.

For the product's deployment phase, you should know your environment and make sure that all the devices are onboarded.

The solution is deployed on the cloud.

The solution can be deployed within three months.

The solution is deployed with the help of our company's in-house team.

There is a need to make yearly payments towards the licensing charges attached to the product.

The role of analytics in aiding the incident response process is good. It works completely fine, and our company gets help for it from Microsoft.

Microsoft Defender Threat Intelligence is a good tool others can go ahead with if they want to use it, but they should not expect too much from it in terms of automation, especially when it comes to the patching part. The insights and details are provided in a good manner by the product.

The integration capabilities of the product are good.

In terms of the value derived from the use of the product in my company, I can say that it helps secure the perimeter and other elements of the cybersecurity portion, especially the development areas.

I rate the tool a nine out of ten.

I use Microsoft Defender Threat Intelligence at my home for its threat prevention and blocking capabilities.

I can't comment on the valuable features offered by Microsoft Defender Threat Intelligence as the PC at my home is currently used by my family while I use my office laptop.

In Microsoft Defender Threat Intelligence, automatic threat blocking and in-memory attacks are areas of concern where improvements are required.

The stability of the product is an area of concern where improvements are required.

I have been using Microsoft Defender Threat Intelligence for a couple of years. I am a user of the product.

It is a stable solution. I rate the product's stability a six out of ten.

It is not a scalable solution since I use it on a PC at home, so per PC, a license amount is paid.

Only one person uses the solution at my home.

The product's initial setup phase was straightforward.

The product's installation phase just requires me to enable it on my system, as Microsoft Defender Threat Intelligence is a product that came along when I purchased my laptop.

The product is deployed based on the product's licenses, so it doesn't matter whether it is deployed on an on-premises model or on the cloud.

The basic requirements offered by the product are good enough for home-based PCs.

I use the product's default version, which is a free one and not the licensed version.

I rate the overall product a six to seven out of ten.

We use it for Cloud Security and Endpoint Protection. We have offices in each country on the planet. And so we have many, many, many external people who work with this solution. 

It's a bit complicated to manage because you have many dependencies of servers, many dependencies in queue, and so on. Entries or different endpoints, and you make different configuration topics for each one. So that's a major problem.

I would like to see a feature that would allow us to easily manage our Defender configurations.

It needs high-level administration.

We have been using it for about six months.

It is a very stable product.

It is very scalable. There are approximately 2,000 endpoints and up to 200 servers in our company.

I used Trend Micro. Trend Micro has an easier grid, but the functions are the same.

The advantage is to have only one vendor, which provides Office tickets, communication, storage, and cloud. It's just one solution from one end, from one provider.

We have our documents and processes in the cloud, in the Microsoft cloud.

The maintenance is done by Microsoft. We are on-premises, and our configuration allows access outside the company's local data center.

I would recommend using this solution. It works. We have no problems with it.

Overall, I would rate the solution an eight out of ten. 

We use it to monitor endpoints for threats and duplicates on the server and defend identity and trust.

The solution monitors threat intelligence. It provides valuable insight and visibility into malicious activity at the endpoint.

The solution could have integrated pricing. We have an enterprise license. We still need to pay to activate Defender for Trend Micro Identity. The enhanced pricing model will empower organizations to manage their security costs effectively.

The product is stable.

The solution is scalable. In our organization, ten users are using this solution.

We use Microsoft resources for access-level support.

We initially used Trend Micro to defend endpoints. It's a solution that runs concurrently with our EDR. The setup serves and trains Trend Micro and EDR so they can play complementary roles. We activate all the licenses for some activities. We're using a combination of Trend Micro EDR and Defender.

The initial setup is straightforward, and takes three days to activate it.

Since it is a cloud-based solution, you must activate and continue using the license.

If you want to activate beyond the starting threshold, you have to pay an additional fee. Combining this within the license would be more scalable, economical, and better for the organization.

Three or four people are required for the solution’s maintenance. I recommend this solution.

Since Microsoft Defender Threat Intelligence provides a high volume of recommendations, there must be a methodology for prioritizing high-risk assets and sessions. Focusing on remediating these high-risk sessions is crucial.

Overall, I rate the solution a seven out of ten.

It can be used as an API solution to sign and send threat intelligence to a security operations center (SOC). This allows the SOC to detect and respond to threats more effectively.

Detection is good—also, analytics based on Gartner.  The solution is also well integrated with other Microsoft security products.

I would like to see more integration with other solutions. For example, integration well with Microsoft but not with other solutions. 

I have been providing this solution for one year. 

I would rate the stability a nine out of ten. We do not have a large number of users using the solution because it is not the technician's preferred solution.

We have around ten end users using this solution. 

There is no problem with scalability. The solution has a capacity of up to 10,000. 

Customer service and support are very good.

The initial setup is very easy. It just takes a few days. 

The deployment process is simple. We used Microsoft Intune, Microsoft's software distribution tool, to deploy the solution to our endpoints.

We only needed one technician for the deployment. One to manage without interrupting and to manage this solution. All our technicians manage the platform for accounts.

The ROI is good because the solution provides good protection. The solution can help you to prevent data breaches, which can save you a lot of money.

Usually, the licensing cost is yearly. But we got the solution through a solution distributor's agreement which usually helps. There are no additional costs. 

I surely recommend using this solution. The strongest point is integration capability with other Microsoft products. 

Overall, I would rate the solution a nine out of ten.  

The protection provided by Microsoft Defender Threat Intelligence is robust and effective.

It efficiently helped us in threat hunting.

The malware virus posed significant security challenges, but Microsoft played a pivotal role in addressing and resolving the incident.

The timeliness and accuracy of Threat Intelligence are commendable.

The primary advantage lies in its robust security and overall performance.

Its user-friendliness is its most valuable aspect. I am satisfied with its performance in general.

It would be beneficial to enhance the pricing structure and make it more affordable.

I have been using it for six months.

It provides good stability capabilities with occasional delays. I would rate it eight out of ten.

I would rate its scalability abilities eight out of ten.

I used Norton previously, but that was quite some time ago.

The initial setup was straightforward.

Deployment is quick, typically ranging from five to ten minutes. I was responsible for the deployment. First, you need to install the antivirus software on the system. Then proceed with the installation process.

It's reasonably priced, though there's room for further improvement.

I would recommend it because of its strong security and user-friendly interface. Overall, I would rate it eight out of ten.