Microsoft Defender Vulnerability Management Reviews

We use Microsoft Defender Vulnerability Management primarily for protection. It's used for threat detection and response within our organization, mainly focusing on TV protection.

The integration with SIEM is the best, specifically the native integration with Microsoft SIEM. It greatly helps in prioritizing which vulnerabilities to tackle. The data displayed is easy to see, which simplifies the prioritization process.

Sometimes the stability of the agents could be improved.

I have been dealing with Microsoft Defender Vulnerability Management for at least seven years.

The interface is user-friendly and easy to install.

Their response time and skill set are both good.

Neutral

Before Microsoft Defender Vulnerability Management, I worked with Sophos.

It is naturally easy to install.

The pricing is reasonable, and it's included in the whole Microsoft E5 bundle, so it's all-inclusive.

Overall, I rate Microsoft Defender Vulnerability Management eight out of ten.

On-premises

In our company, we have integrated the entire Microsoft Defender Vulnerability Management into one of our products, and we basically get involved in the process of remediating vulnerabilities as we find them on our Windows-based machines.

One of our company's customers who chose our product had a six percent cybersecurity score for his device. Once we patched all the vulnerabilities and updates and applied the security measures, he got a cybersecurity score of ninety-two percent.

The most valuable feature of the solution is the vulnerability assessment, which is very accurate because it runs directly into Microsoft's vulnerability database.

My company works closely with Microsoft, and we have requested a few additional features to be incorporated into the product since there are some shortcomings in the product.

The setup phase of the product is not that easy and needs a person to have a certain level of expertise. The aforementioned area can be considered for improvement.

I have experience with Microsoft Defender Vulnerability Management. My company uses the cloud version of the solution, which is mostly the latest and up-to-date version. My company has a partnership with Microsoft and is a reseller of Microsoft products.

The product's stability is very high.

The scalability of the product is amazing. The tool can handle multi-million transactions per second, so I believe there is no equivalent solution in the market. Scalability-wise, I rate the solution a ten out of ten.

In our company, the product is used daily. Every day, we use the product's scanning features for our customers, and we find many new vulnerabilities that get fixed as part of our remediation program.

My company does plan to increase the use of the product.

I have experience with the product's technical support team. Microsoft is very serious when it comes to the technical support for the security products. A team at Microsoft's end is always ready to support our company. My company receives very good support from Microsoft. The support team has a pretty good process in place.

I rate the technical support an eight and a half to nine out of ten.

Positive

I have three years of experience with Microsoft Defender and Office 365 for eleven years.

My company operates as a shop for Microsoft products, and we have always stayed with Microsoft. We intend to displace the competition when my company enters a new client environment.

I have dealt with customers who were using Carbon Black and SentinelOne. My company's customers switched work from their previous products to Microsoft because the tools they were using were power-hungry solutions, which had an impact on production. Microsoft Office 365's premium licenses have many built-in services, which our customers used to use from some other products. With Microsoft products, there is no need for our company's customers to pay extra for licensing charges.

The major difference between Carbon Black and Microsoft Defender Vulnerability Management revolves around areas like stability and integration capabilities within the operating systems, which are strong in Microsoft, especially compared to any of its competitors. The actual depth of knowledge that the platform offers is good because Microsoft has been very rigorous in documenting every single vulnerability that exists for its platform. Microsoft has the most complete list of vulnerabilities for its platform.

I rate the product's initial setup phase a seven on a scale of one to ten, where one is a difficult setup process, and ten is an easy setup phase. It is not an easy product to set up, but once the setup process is done, it becomes a transparent tool to the end user. There is a certain level of expertise required to take care of the product's setup process, but for the end user, the tool is transparent.

The solution is deployed on the public cloud services offered by Microsoft Azure, but it can also be deployed on an on-premises model.

The solution can be deployed in 24 to 48 hours for less than a thousand seats in our organization.

We need one person, who is either a service security analyst or system analyst, to handle the deployment phase for every 200 users in our company.

My company takes care of the product's installation process with the help of one of our in-house teams.

Price-wise, Microsoft Defender Vulnerability Management is a very economical product. I rate the product's price a three on a scale of one to ten, where one is a low price, and ten is a high price.

Sometimes, some cost-driven customers of our company look into solutions other than Microsoft products, meaning that such customers don't give much importance to functionality as everything is about the cost for them.

For maintenance purposes, my company has a shop that functions twenty-four hours, seven days a week, with three users that are distributed throughout the planet to discover and follow the sun.

I recommend to those who plan to buy Microsoft Defender Vulnerability Management to look into the entire suite of Microsoft products since a range of tools fall under Microsoft Defender's family. After Microsoft integrated everything into Defender XDR, there has been great value addition since it took over the tools that fall under Microsoft Defender's family.

I rate the overall tool an eight out of ten.

Public Cloud

Microsoft Azure

As a managed security service provider, I deliver patch management, security configuration updates, and overall security, including using Defender and other toolsets and solutions for my clients. Microsoft Defender Vulnerability Management is evolving to conduct vulnerability assessments of endpoints and configurations, particularly within cloud incidents like Office 365. Microsoft's Security Scorecard, integrated with Defender, provides a dynamic measure of the security profile, guiding users on necessary enhancements such as patching and security configurations. Defender continually monitors patching status, ensuring machines are up-to-date and possess the latest security configurations. This integration provides a comprehensive approach to security within the Microsoft environment.

One valuable feature is the Microsoft Security Scorecard. It plays a crucial role in assessing the security profile across the cloud and endpoints in the Microsoft environment. Many users might need to grasp its significance fully, but I integrate security scorecards as a business to help clients understand their risks and perceptions. By leveraging the security scorecard, we can identify weak areas, mitigate risks, and proactively maintain robust security measures based on its reports and insights.

Integration can be improved. A substantial percentage of users operate on Windows 10, and Microsoft is urging the transition to Windows 11. Applications like Teams and Security CoPilot are stable on both platforms, but the full potential may be realized on Windows 11, which becomes more relevant as more users adopt it in the coming years.

The solution is stable. I rate the stability an eight out of ten.

The solution is scalable.

Deployment is just a console switch. It's integrated within the Defender package or business premium licensing. Flip the switch, and it reports back into the security scorecard.

The licensing model follows a per-user per-month structure. You gain access to various capabilities and features depending on the license tier (standard or Business Premium). The more advanced the license, the better the set of features and components available in Defender. The solution is expensive.

I recommend this solution. Overall, I rate it a seven out of ten.

Public Cloud

We use Microsoft Defender Vulnerability Management to identify vulnerabilities and determine which applications are vulnerable in the environment. It finds out the specific updates missing on endpoints. There are several auto-investigation techniques available in the product. 

The product’s most valuable features are compliance, recommendations, and inventories.

A few false positives demand legitimate customer mail requests, but the Defender flags them as vulnerabilities. They should be reduced. Along with it, small and medium enterprises should have customized environmental query features to help them save time. It will benefit organizations that don't have a large team with more technical experience.

Additionally, it is challenging to extract and customize reports from the system. Customers typically seek reports that provide information on assets, vulnerabilities, CVSS scores, remediation, priority, and effort. Combining all this data into a single report is difficult because it requires merging information extracted from standard queries. To simplify this process, we should be able to create one customized query that concatenates all the relevant queries and make it accessible through GUI on the platform.

I have been using Microsoft Defender Vulnerability Management for four to five years.

The platform is 99% available.

Most companies, including small, medium, and large enterprises, and the government, health, and insurance sectors, use the platform.

It is challenging to communicate with Microsoft’s technical support team.

The initial setup is simple. We are the consultants and help customers with the process.

Microsoft has P1 and P2, Defender for Endpoint. You'll need to purchase an additional license to use the same Defender for cloud and on-premise servers. If you're going to use more features, you have to upgrade the license from P1 to P2. The licensing feature from Microsoft is complicated to understand due to constant changes in the name.

The product’s pricing is medium.

We compared Microsoft Defender Vulnerability Management with Tenable, Qualys, and Rapid7 – all of which are more advanced. Among them, Tenable stands out as the market leader in vulnerability management but is expensive. Many customers opt for Microsoft's offering as it is more budget-friendly.

I rate the product an eight out of ten.

The constant changes in the product configuration or the console setup can sometimes be challenging. They can be disruptive because we need to adjust to these changes, which can interfere with ongoing tasks.

We have been using Microsoft Defender Vulnerability Management for approximately three months.

The solution is highly scalable. Since it is cloud-based, it easily expands and integrates well with other functionalities, such as security management and data loss prevention.

Microsoft's technical support is generally reliable. While getting immediate assistance can sometimes be challenging, their support is critical for our operations and has been helpful overall.

Positive

The deployment process took approximately three months, depending on the client size and available resources.

The licensing costs are reasonable. While the solution is not the cheapest, it is competitively priced and aligns with the industry average. There are no significant additional costs beyond the standard licensing fees.

I have considered alternatives such as Nexus, but they do not provide the same level of security as Microsoft Defender.

I recommend trying out the solution. It is user-friendly and highly effective once you get accustomed to it. 

We have integrated it with SharePoint, our email system, and our internal database. These integrations have strengthened our security measures and provided valuable insights.

I rate it a nine. 

Microsoft Azure

Microsoft Defender Vulnerability Management is a great tool to prevent and reduce attacks.

The solution is up-to-date and helps prevent zero-day attacks. It is also easy to use and well-integrated with the Microsoft stack and other platforms. The solution covers on-prem and on-cloud services.

The general support could be improved.

I have been using Microsoft Defender Vulnerability Management for about two years. I'm using the latest version.

The solution is stable, and I rate its stability a ten out of ten.

I rate the solution’s scalability a ten out of ten. We have around 15 customers using it.

Microsoft's security team is excellent. However, the general customer support is not that good. They are very friendly but need to work on their experience, know-how, and response time.

We have tried Trend Micro and Palo Alto CrowdStrike.

The initial setup is straightforward. It needs some knowledge to be used well, which is why there are engineers to help put up scenarios.

The solution comes with a license customers might already have. And in case they do need to pay, the cost is minimal. It is not expensive compared to other solutions and when considering Microsoft's bundle.

I rate the solution's scalability a ten out of ten. We have around 15 customers using this solution.

We use the solution, and we also suggest it to customers. It is used for vulnerability management and patch management. It can also be used for automatically deploying patches. It is used for threat detection and response.

The solution helps identify threats and vulnerabilities. It has some capabilities similar to SOAR. Our customers haven’t had any major complaints. It works well. It has helped us manage and prioritize vulnerabilities based on the severity of threats. The solution identifies the software and patches that are outdated. We get severity-based reports. Integrating the tool within our broader security ecosystem has been very helpful.

The product must be a little bit more precise in identifying vulnerabilities.

I have been using the solution for almost three years.

The tool is stable.

The technical support takes too much time to resolve tickets. I rate the support a five or six out of ten.

Neutral

The tool is a bit costly.

My organization is a partner. Overall, I rate the solution an eight or nine out of ten.