2021-02-26T19:10:55Z

What is your primary use case for Microsoft 365 Defender?

Julia Miller - PeerSpot reviewer
  • 0
  • 22
PeerSpot user
33

33 Answers

Dinesh Jaisankar - PeerSpot reviewer
Real User
Top 10
2024-02-19T14:04:00Z
Feb 19, 2024

We are using Microsoft Defender XDR for our endpoint, desktop, and laptop protection.

Search for a product comparison
EA
Real User
Top 20
2024-02-13T13:17:00Z
Feb 13, 2024

Defender XDR is a solution that protects your enterprise systems and devices.

DM
Reseller
Top 20
2024-02-13T08:59:00Z
Feb 13, 2024

We provide services to medium-sized businesses in the banking and administrative sectors. We are also using Microsoft Sentinel and Defender for 365.

MY
Real User
Top 5
2023-12-27T10:54:00Z
Dec 27, 2023

We use Microsoft Defender XDR to centralize our security solutions.

IlanHamoy - PeerSpot reviewer
Real User
Top 20
2023-12-04T15:53:00Z
Dec 4, 2023

For endpoint protection, monitoring network traffic, and enabling automation of issues, we utilize Microsoft Defender XDR. If we are specifically referring to Defender for Endpoint, it is a perfect solution to monitor user behavior and activities across all of our web portals. This provides an easy way to analyze and generate reports about user online activities.

AM
Real User
Top 20
2023-12-04T11:53:00Z
Dec 4, 2023

We use Microsoft Defender XDR for antivirus, threat intelligence, and email blocking.

Learn what your peers think about Microsoft Defender XDR. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Dan Penning - PeerSpot reviewer
Real User
Top 10
2023-11-28T11:19:00Z
Nov 28, 2023

We use Microsoft Defender XDR to secure data.

MM
Real User
Top 20
2023-11-28T09:44:00Z
Nov 28, 2023

I'm managing the SIEM, but the SIEM is heavily integrated with 365 Defender and all the other components. Defender is a natural extension of Sentinel, and our entire SOC team leverages the solution. We utilize it daily for everything related to incident response from an advanced threat-hunting perspective. We do some KQL-based threat hunting and have set up some custom detections built into the platform, so we can raise an alert about a threat when we see it. Right now, we're onboarding our server environment to push Defender for server agents to see what that looks like. Defender is used widely by our SOC for everyday investigations. Our attack surface reduction teams use it for vulnerability information. Other teams at the company use the telemetry data, but it's primarily our SOC using it for incident response.

Michael Wurz - PeerSpot reviewer
Reseller
Top 10
2023-11-22T20:23:00Z
Nov 22, 2023

I work for a managed security service provider, where a dedicated team at our Security Operations Center manages the entire 365 Security Stack for our clients. This means we're constantly monitoring alerts, prioritizing incidents, and responding actively, leveraging automation features where possible. We also play a crucial role in the onboarding process, setting up and integrating security solutions with our platforms for efficient alert management and incident response. Furthermore, we handle policy configuration and hardening, ensuring effective security controls are in place. We actively maintain these policies, fine-tune them as needed, and adapt them to new features and updates, collaborating closely with clients throughout the process. In essence, we own and manage the security platform for our clients, providing them with comprehensive protection and peace of mind.

IP
Real User
Top 5
2023-11-20T13:31:00Z
Nov 20, 2023

We use Microsoft Defender XDR to protect our endpoints, computers, mobile devices, and emails.

Eusebiu Ciorobatca - PeerSpot reviewer
Real User
Top 10
2023-11-09T15:51:00Z
Nov 9, 2023

We use Microsoft Defender XDR for malware detection and browser protection. We have around 500 devices to protect. We use it to get reports for each of these devices.

Yusuf Buhari - PeerSpot reviewer
Real User
Top 20
2023-08-14T17:51:00Z
Aug 14, 2023

I primarily use the solution as an engineer. I use the product to protect the endpoint and I use it to protect my customer's environment.

Benjamin Van Der Westhuyzen - PeerSpot reviewer
Reseller
Top 10
2023-07-28T08:41:00Z
Jul 28, 2023

We're using it for our email filtering to check incoming emails and URLs. We're also using it for vulnerability management to see the status of our assets that are registered on the system. We also check it to see what kinds of threats and campaigns are currently being launched via emails.

NY
Real User
Top 20
2023-07-26T10:42:00Z
Jul 26, 2023

My role is to monitor Microsoft 365 Defender. We investigate various alerts and incidents that occur there. We utilize the solution to block any malicious domains, URLs, or other harmful elements that could affect our environment. Microsoft 365 Defender is our tool of choice for this purpose, and it helps improve our secure score. We assess the available remediation options to determine if they are suitable for our enrollment. Additionally, we use it for email analysis and make use of all the features provided by Microsoft 365 Defender.

DO
Real User
Top 20
2023-05-17T15:09:00Z
May 17, 2023

Microsoft 365 Defender works together with Exchange Online is my area of specialty. Microsoft 365 Defender incorporates a capability to identify potentially malicious emails or emails originating from suspicious senders.

PD
Real User
Top 20
2023-05-17T11:22:00Z
May 17, 2023

I've mainly used the EDR component within 365 Defender, which is Microsoft Defender for Endpoint. It does a good job of bringing the whole attack story together, so you can see email activity, endpoint activity, cloud app activity, and some sort of sign-in activity as well relating to Azure AD, but I've mainly dealt with it from the EDR aspect.

Mikael Nordby - PeerSpot reviewer
Real User
Top 5
2023-05-17T09:30:00Z
May 17, 2023

I am a trainee in an IT support company, and I am using the solution to advise clients of our company.

BS
Real User
Top 20
2023-05-17T09:28:00Z
May 17, 2023

My company mostly uses Microsoft Office products, so we use 365 Defender for our security. 365 Defender is deployed globally, and it works the same whether you are in Europe, China, or India. It currently covers around 4,000 people worldwide.

Axel Viloria - PeerSpot reviewer
Real User
Top 20
2023-04-16T15:49:00Z
Apr 16, 2023

I've been using it for endpoints and for Microsoft 365, along with Microsoft Defender for Identity. I use it to create policies for anti-spam, anti-malware, anti-phishing, as well as safe links. I also use it for the security score, making sure that our company achieves a good security score across the organization.

AkashGupta2 - PeerSpot reviewer
Reseller
Top 10
2023-03-24T20:13:00Z
Mar 24, 2023

I'm a Security and Compliance consultant providing 365 Defender as a security solution for my clients.

MP
Real User
Top 20
2022-11-15T23:00:00Z
Nov 15, 2022

The main use case has been for threat hunting, not in the sense of actively looking for the threat, but in terms of analyzing the ongoing process within clients' machines. I was looking into what kind of changes happen when you install any new software and it asks for so many permissions. I wanted to analyze the criticality of the permissions being asked and so on. Usually, when we install any software, we just click next, next, and next. We don't look at the details. So, my role was to check how it behaves within a system. For that reason, I used Microsoft Defender. I used the query language to do advanced threat hunting. I ran different queries to collect the data. The data was then brought into Power BI. We had data coming from different channels. So, we used Power BI to collect it at a single point.

Lukasz Rutkowski - PeerSpot reviewer
Real User
Top 10
2022-10-26T20:22:00Z
Oct 26, 2022

Almost every use case is about security layers for messaging in Teams and for email. It especially used for phishing filters, spam filters, and composite authentication, as well as Zero-day advanced protection, and for protection within already received emails. Clients are also looking for link protection in Teams and in SharePoint.

Florian Stamer - PeerSpot reviewer
Real User
Top 10
2022-09-13T22:50:00Z
Sep 13, 2022

We mainly use this solution for security reasons. We use it for the complete stack of email security so we don't have to use a third-party tool, and we use the extended security features that are included in M365, like sandboxing. The solution is deployed on the Azure cloud. We're a cloud-only company, so we only deploy cloud workloads, but we also have customers with legacy systems. If we're not able to migrate them to Azure, Defender for the server can be deployed on-premise. The solution is deployed across Germany in four regions: Munich, Cologne, Bremen, and Hamburg. However, most people work from home. There are about 50 endpoint users, but we have customers with thousands of users. We focus on customers with a thousand seats or more. We use the entire M365 E5 license for everything that's going on in the M365 world. We try to accomplish everything we need with Microsoft products. It was very easy to integrate the solutions. We integrated them so we could have an overall good view of our assets. The installation was fully automated via Intune.

HB
Real User
Top 10
2022-08-23T07:23:00Z
Aug 23, 2022

Microsoft 365 Defender is an extension of Windows Defender. Windows Defender is an AV that is integrated with Windows OS, and with this extension, you also get the EDR functionality for security purposes. Microsoft 365 Defender gets more access to the device and provides more insights and control over that. Apart from the Windows platform, it also includes other OSs, such as Linux and macOS. We do have multiple options for deployment. We did deploy it on the cloud. We got the on-cloud license, and we onboarded our devices to the portal. The portal is deployed on the Azure cloud.

Tochukwu Josiah Okafor - PeerSpot reviewer
Real User
Top 10
2022-07-28T15:30:00Z
Jul 28, 2022

We are a Microsoft partner and we have clients who are Microsoft 365 administrators in several companies. They are looking for ways to secure their tenants and make sure that their security is top-notch. That's where Microsoft Defender comes in. We use Microsoft 365 Defender for security and compliance to secure tenants from malicious attacks, including spam and phishing attacks. And when it comes to compliance, it is used for data privacy and data protection to ensure that very sensitive data doesn't go out to the wrong location.

Hande Tarhan - PeerSpot reviewer
Consultant
Top 10
2022-03-31T19:16:55Z
Mar 31, 2022

Microsoft 365 Defender is one of the first layers to our security. It's our first layer security product, e.g. we use it, then we also use Exchange Online Protection for email, Safelink, etc. We always recommend these products to our customers, e.g. if the customer is using another third-party product. We are always recommending these compliance and security products, e.g. Microsoft 365 Defender, Cloud App Security, etc. We usually recommend cloud security because it connects all of these security and compliance products in one center to take logs and make them meaningful, plus you can also create alerts. We are also recommending it because of Microsoft Teams usage, especially because in Microsoft Teams, users sometimes do mass deletion, mass download, etc. We always say: "Let's connect your Cloud App security with your Azure Information Protection, with Microsoft 365 Defender and your Microsoft Teams, your Engula, etc. We find cloud security to be very useful.

Alejandro Bartolomeo - PeerSpot reviewer
Real User
Top 5
2022-03-29T19:54:44Z
Mar 29, 2022

We have many clients that have large companies in the south region of Mexico. They use the solution for security.

WG
Real User
2022-02-23T12:58:37Z
Feb 23, 2022

We use Microsoft 365 Defender to help secure threats of the Office package, such as Word, Excel, and PowerPoint. Additionally, it can fix issues.

NP
Real User
2021-11-17T18:11:00Z
Nov 17, 2021

We have very strong DLP policies. The product will inspect each and every outgoing email and what kind of attachments they have, including if any have business-sensitive information such as outgoing email going to some public domain such as Gmail or Yahoo. If the solution detects this, it'll raise an alarm and notify the required teams. On top of that, the incoming email will scan attachments for any potential malware tech or any phishing link.

PD
Real User
2021-08-17T15:34:57Z
Aug 17, 2021

I use the solution for security against system threats.

GV
Real User
2021-04-08T21:04:51Z
Apr 8, 2021

The primary use case for Defender is to control the endpoint systems at the user level. On the networking level, we use it to analyze spam and see if any antivirus services are required or if there's a ransomware attack. As of now, I am just using it for monitoring.

Ramprasad Yalavarthi - PeerSpot reviewer
Real User
Top 10
2021-03-15T17:58:21Z
Mar 15, 2021

We use the solution to back up our data frequently.

PT
Reseller
2021-02-26T19:10:55Z
Feb 26, 2021

We primarily use the solution as security for our endpoints. It covers everything.

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.  It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.  Users have found it effective in detecting and preventing various types of attacks, such as...
Download Microsoft Defender XDR ReportRead more