Microsoft Defender for Identity and Microsoft Entra ID Protection are prominent in the identity and access management arena. Entra ID Protection appears to have the upper hand due to its strong conditional access and identity management features.
Features: Defender for Identity offers seamless integration with Azure Active Directory and Microsoft 365, providing comprehensive monitoring and automated threat alerts. It excels at detecting security threats through its integration capabilities. Entra ID Protection focuses on conditional access and adaptive risk-based policies, enhancing multifactor authentication and identity management for granular control over access.
Room for Improvement: Defender for Identity could benefit from direct remediation options and minimizing sensor impacts on domain controllers. False positives remain a challenge. Entra ID Protection needs better integration with third-party tools, more accessible documentation, a simpler licensing model, and optimized hybrid environment handling, while also addressing false positive concerns in passwordless contexts.
Ease of Deployment and Customer Service: Defender for Identity is tailored for hybrid and on-premises deployments, while Entra ID Protection is designed for hybrid and public cloud environments. Both offer straightforward deployment experiences. Customer service for both receives mixed reviews, with variance depending on regional resources and subscription level for Defender, and occasional delays for Entra ID Protection.
Pricing and ROI: Defender for Identity, included in Microsoft's E5 license, is viewed as costly yet competitive for its high-tier security features. Users report favorable ROI owing to effective security measures. Entra ID Protection, part of the Azure AD suite, shares a similar pricing perception, particularly among smaller organizations. Both solutions justify costs through enhanced security and reduced management time, despite the complexity of fully understanding pricing models.
There is a return on investment in terms of time-saving, control, and ease of manageability of the environment.
Generally, the support is more effective than other providers like Oracle.
The quality of support is very good, but troubleshooting can take time due to complex setups and the need to provide many logs.
The people I normally use for support are very knowledgeable, especially when they help remote in and get to where I need to go and show me much faster and help me understand what I should be doing.
We classified it as a critical problem, and they accepted our classification and helped us quickly.
They often refer to internal blogs, which doesn't offer much new information and can limit our capabilities in troubleshooting.
Tickets often bounce from person to person, requiring the sharing of information multiple times.
In a Microsoft-centric organization, especially with Azure infrastructure and Office 365, Microsoft Defender for Identity is scalable.
Since it is a cloud computing product, it can accommodate a range of company sizes, from a few users to large businesses.
There are no issues with scalability up to your license limitations.
We haven't experienced problems with Microsoft Entra ID Protection.
Microsoft Defender for Identity is quite robust and built on Azure hyperscale infrastructure, with a 99% availability.
We do not see any issues with the stability of Microsoft Defender for Identity.
Having recently started using it, reliability is affirmed, but manual investigation is often performed to verify if alerts identified by auto-remediation are accurate.
If Microsoft could develop a feature that indicates when impossible travel is caused by VPN connections, it would prevent unnecessary password resets and session disruptions, especially for VIP users in organizations.
One improvement I would recommend is the integration of an admin application within Teams, allowing easy access to attack information on a mobile platform.
Reducing false positives is something we've been working on with Microsoft.
If there was some level of backup mechanism available with quick restore functionality, that would be beneficial.
Microsoft has not offered control over how they calculate high or low-risk scenarios.
There is no write-back feature from the cloud to local, which would allow me to use my own credentials from the cloud tenant securely.
If they can reduce the costs, organizations will be happy, and it will compensate for using the Azure environment, which is more expensive on the infrastructure as a service side.
Ensuring a fair price according to market standards.
From an organization perspective, using E5 licenses is value for money, especially if Azure and Office 365 are already in use.
Entra ID Protection is not badly priced, but some clients, especially in medium to smaller scale companies in third-world countries, find it quite expensive.
Microsoft Entra ID requires additional licensing components.
The pricing for Microsoft Entra ID protection is not expensive.
We receive an advance report of risky users, allowing us to take preemptive action before an attack causes damage to organization details.
The most valuable feature is its hybrid artificial intelligence, which gathers forensic data to track and counteract security threats, much like the CSI series in effect.
The advanced threat protection is one of the strengths of Microsoft Defender for Identity, as it utilizes user and entity analytics and can detect indicative attacks.
Having a single sign-on feature with Entra ID ensures seamless access to various applications, even those with significant security constraints.
These features ease the job of security analysts, providing a better vision of user activities and potential risks.
We use automated remediation for logon purposes and error purposes. It remediates issues and provides just-in-time access when applicable.
| Product | Market Share (%) |
|---|---|
| Microsoft Defender for Identity | 5.8% |
| Microsoft Entra ID Protection | 2.9% |
| Other | 91.3% |
| Company Size | Count |
|---|---|
| Small Business | 8 |
| Midsize Enterprise | 4 |
| Large Enterprise | 14 |
| Company Size | Count |
|---|---|
| Small Business | 15 |
| Midsize Enterprise | 1 |
| Large Enterprise | 5 |
Microsoft Defender for Identity offers real-time threat detection and protection for hybrid Active Directory environments. It integrates with Microsoft 365 components for seamless security and monitors advanced behaviors, enhancing identity protection across cloud and on-premises environments.
Microsoft Defender for Identity provides detailed threat insights and user behavior analytics to detect unauthorized access and notify anomalies. It allows setting custom detection rules, enhancing threat response automation. While it needs improvements in cloud security, SIEM integration, and access controls, users leverage its ability to mitigate identity threats like suspicious logins and ransomware. Enhanced integration with Microsoft security products ensures a coordinated threat response for identity control and privilege management.
What are the key features of Microsoft Defender for Identity?In specific industries, organizations implement Microsoft Defender for Identity to secure on-premises and hybrid Active Directory environments through user and entity behavior analytics, malicious activity detection, and integration with Microsoft security tools. This approach enhances security posture assessment and helps mitigate identity threats like identity harvesting and unauthorized access.
Microsoft Entra ID Protection enhances security through features like conditional access and multifactor authentication, optimizing identity management for enterprises. This robust solution ensures efficient control over access policies, supporting seamless integration and operational efficiency.
Microsoft Entra ID Protection provides advanced identity management, authentication, and authorization capabilities, supporting multifactor authentication and single sign-on to control digital identities effectively. It utilizes adaptive machine learning for security enhancements and automated risk-based actions, with seamless Microsoft Defender integration. Connectivity with third-party applications and real-time monitoring offers improved operational efficiency for managing large user bases. While it is a powerful tool, there is room to grow in areas such as identity labeling, password management, faster synchronization, better Mac compatibility, and improved scalability. Desired features include enhanced course availability for security training, streamlined implementation processes, and clarified interfaces.
What are the key features of Microsoft Entra ID Protection?Organizations leverage Microsoft Entra ID Protection to manage identities and access across sectors such as finance, healthcare, and technology. They integrate hybrid environments, enforcing multifactor authentication and conditional access policies, which enables them to secure digital identities and align with compliance operations. Many synchronize on-premises Active Directory with cloud services, effectively managing users, groups, and licenses.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
