Microsoft Defender for Office 365 Reviews

Microsoft Defender for Office 365 is used to protect our organization from attacks.

Our deployment is a hybrid model with 80 percent being on the cloud.

The visibility into threats is excellent. A dashboard provides real-time information on emails, blocked emails, blocked files, and blocked URLs.

We integrated Microsoft Sentinel and Microsoft Intune with Microsoft Defender for Office 365. Integrating Intune was a little difficult but we managed.

The solutions work natively together to provide coordinated detection and response across our environment. This is important.

The integrated Microsoft solutions provide comprehensive insights into threat issues through threat analytics.

Microsoft Sentinel allows us to ingest data from our entire ecosystem. This is important because it provides us with a vital security feature that allows our organization to monitor and respond to alerts and threats detected in our enterprise via Sentinel. We have configured custom alerts and triggers in Sentinel, which gives us a better understanding of the threats in our organization.

Microsoft provides a comprehensive view of alerts to help investigate issues and address malicious emails. We can investigate and share feedback in our message tracking log and the threat explorer in Defender to mitigate and resolve the root cause of the issues.

Microsoft Defender for Office 365 saves us time with our investigations.

We now use the cloud to maintain our email as a gateway which has saved us money by not requiring on-prem hardware.

Our time to detect and respond to malicious emails was decreased. The solution provides the CPU resources needed to scan emails for malicious content, and it also makes it easy to track the number of administrative emails sent to users.

Microsoft Defender for Office 365's most valuable features are safe attachments and safe links.

The GUI is sometimes slow to fetch the device report and could be improved.

It would be great if Microsoft Defender for Office 365 were priced at the tenant level, rather than the user level. This is because the feature is used by all users in the tenant, not just individual users.

I have been using Microsoft Defender for Office 365 for two years.

Microsoft Defender for Office 365 is stable.

Microsoft Defender for Office 365 is scalable.

Technical support is often unsatisfactory. When I open a ticket, the initial engineer I speak to often has no hands-on experience and needs to escalate the issue to someone else. This can take a long time, as the engineer needs to check with the internal team before they can provide any assistance. In the end, the issue is eventually resolved.

We previously used Barracuda Email Security Gateway, but it did not sandbox emails. After careful consideration, we decided to switch to Microsoft Defender for Office 365.

The initial setup was straightforward. We just follow Microsoft's documentation and fine-tune the default custom policies as well as new days on custom policies for data management and checking. Two people were required for the deployment.

The implementation was completed in-house.

We have seen a return on investment.

The license is expensive because the cost is based on the number of users. The more users there are, the higher the cost.

I give Microsoft Defender for Office 365 a nine out of ten.

We have four people that directly access the solution.

There is no maintenance required from our end.

Before using Microsoft Defender for Office 365, organizations must ensure that the policies are configured correctly to fit their specific needs.

It is better to choose a single vendor with high expertise in a specific area, rather than a best-of-breed strategy.

365 Defender is a critical tool for mitigating attacks and preventing threats. We use it for email filtering and blocking phishing attacks throughout the entire enterprise. We have around 1,500 users. 

365 Defender has improved our security across multiple categories. It's effective against advanced attacks like phishing and ransomware. Defender's attack disruption works well if you have a strong policy configuration. It will automatically block threats and filter them in most cases without the need to investigate. It will remedy the threat immediately. 

The automated response reduces the manual work, saving our security team time. I would estimate it saves about six hours per day. 

Defender is a SaaS platform, so it offers more flexibility. Managing the permissions is easier. The solution's automated detection and response features are scalable. It's a unified solution that doesn't just cover Microsoft products. We're a multi-cloud shop, and having that coverage is critical. It also includes the latest IAM features like two-factor and multifactor authentication, giving us the most robust solution.

You should be able to deploy Defender for every subscription without the need to add servers. 

I have used 365 Defender for almost six years

I rate Microsoft 365 Defender nine out of 10 for stability.

I rate Microsoft 365 Defender nine out of 10 for scalability.

I rate Microsoft support nine out of 10. Their support is excellent. 

Positive

We migrated to 365 Defender from a McAfee solution.

365 Defender is a cloud-based solution deployed on Azure. You can set it up in two days with some help from Microsoft support using two people.

365 Defender is worth what we paid for it. 

I rate Microsoft 365 Defender nine out of 10. It's the most economical product you can buy, offering a range of features for safeguarding your enterprise. 

I work in the industry where we use Microsoft 365 and its associated products like Office Works, PowerPoint, Excel, and Word.

We use Microsoft Defender to help protect our business areas by integrating it with our existing infrastructure, including Azure, which assists in defending the business areas.

We use Microsoft Defender for its ability to integrate with existing business technologies, which is beneficial for protecting business areas.

Configuration at the mid-level could be improved for the support team.

I have about ten years of experience with Microsoft Defender for Office 365.

The solution is very stable, and Microsoft products have general high availability within the company.

Microsoft 365 meets the needs of the company, which suggests that Microsoft Defender is a scalable solution.

We have a premium contract for Microsoft support, which is rated nine or ten. Although I am not directly involved with their support, clients usually appear satisfied.

Positive

I do not have experience with other email security solutions.

The setup is easy and not difficult.

I do not understand the question regarding return on investment.

I do not know the value of the contracts or the cost compared to competitors.

I have not evaluated other solutions for email security.

Configuration for end users is simple, but improvements can be made in mid-level configurations to make it better for the team.

I'd rate the solution eight out of ten.

We primarily use Defender for 365 for email protection.

My company receives 100,000 emails daily. We implemented Defender to supplement our Broadcom anti-spam solution. Our Broadcom solution wasn't analyzing the server or the body of the messages. 

Defender for 365 is a comprehensive cloud-based solution. The value of the cloud is that you aren't alone. Threat intelligence and analytics are shared in the cloud. We don't have to find the solution alone. If you face an unknown threat with traditional solutions like Trend Micro and Symantec, you need to open a case and send your information to them to analyze forensically and identify the source of the attack. 

The certification training for Defender for 365 needs to be deeper and incorporate Sentinel. I took all the security courses except one, and Sentinel isn't included. 

I have used Defender for three years.

Defender for 365 is stable. You can subscribe to all the alerts and notifications of every service in the cloud, and it won't affect the stability. Your devices will be seamlessly updated from the cloud automatically with no problems. 

Defender for 365 is scalable because it's in the cloud. It will give you more resources as needed, whereas the scalability of an on-premise solution is determined by your processing power and other hardware limitations. 

Deploying Defender isn't complex. You only need to buy the license and connect your devices to the cloud. 

Defender for 365 is reasonably priced, but it isn't cheap. I think the price per user is $3 or $6, depending on the license.

I rate Microsoft Defender for Office 365 nine out of 10. Before deploying Defender, you can compare its engine with that of Symantec, Trend Micro, and other brands.

We are using Microsoft Defender for Office 365 to avoid spam, malware, and similar threats.

Microsoft Defender for Office 365 helps us prioritize threats across our enterprise. I am able to let the system fix the malware while I focus on other tasks.

Microsoft Defender for Office 365 automates routine tasks and highlights critical alerts, significantly improving our security operations. This automation saves us time by reducing repetitive tasks, allowing us to focus on developing new services instead of solely on security operations.

The threat intelligence feature helps us take proactive steps to prevent threats.

Microsoft Defender for Office 365 saves us time and money and has helped decrease the time to detection and response.

It has helped us to avoid malware in the system and prevent unwanted emails from entering our system.

The most valuable aspect of Microsoft Defender for Office 365 is its ability to protect us from malware. This has effectively helped us avoid malware in the system and keep out unwanted emails. It allows us to spend less time on repeated tasks, enabling us to develop new services.

The changes to customer service, specifically the new model for support agreements, are not favorable. We have to pay $600 for every instance, making it too expensive. We might need to look at other support options.

I have been using Microsoft Defender for Office 365 for over ten years.

Microsoft Defender for Office 365 is stable. It's doing what it's supposed to do.

The solution is scalable. Microsoft Defender for Office 365 is flexible with other security products we use. Our usage depends on Microsoft adding features.

We have a premier support agreement. Initially, it worked well, but the new model, where we have to pay for every instance, is not satisfactory.

Positive

We used alternative solutions prior to implementing Microsoft Defender for Office 365. We selected it due to its superior integration with our existing security infrastructure.

The implementation was completed in-house.

We evaluated other solutions before switching to Microsoft Defender for Office 365.

I would rate Microsoft Defender for Office 365 ten out of ten.

We use Defender with Sentinel to investigate user activity on Office 365 applications.

Defender enables us to secure all 365-related activity from a single place. It gives us visibility into everything happening in Outlook, protecting us against phishing and other email-based threats. Defender helps us detect any suspicious behaviors.

The solution helps us automate some tasks. For example, instead of going through alerts one at a time, we can ping using Sentinel, and everything will be reduced to one group because it is already done in Defender. I don't need to write a KQL or investigate everything. It reduces the time spent and helps me to prioritize. Sentinel usually resolves the low-level alerts on its own, so I don't need to spend much time. 

Defender lets us consolidate dashboards, so we can see all the information we need in one place. It's time-consuming to switch between multiple dashboards to find what you need. 

The solution's threat intelligence helps us stay on top of new attacks. Novel threats are flagged in Microsoft Defender. It will show you what to look for, and you can learn the recommended remediation steps, so you can take steps to mitigate risk before the issue occurs.

It reduces the work we need to do for our clients because we can quickly find the information we need and take action. Every alert takes some time to respond to. If we see something suspicious, we can gather all the details and provide them to the client. We do about 90 percent of the work; the other 10 percent is the client's responsibility. 

Defender provides all the details and evidence we need about an incident, so you don't need to look for it. Once you enter the tab, you get all the information about the user's activity and everything you need to know within the alert. 

It also helps us identify vulnerabilities. When a new threat is discovered, Defender will flag the client's vulnerable assets and tell us what needs to be patched. That is helpful information to share with our clients. They can patch the vulnerability before being affected. 

Microsoft Defender enables us to prioritize threats. It's crucial because if we ignore critical alerts, we might miss a severe vulnerability, and the user host could be affected if that happens. We must prioritize alerts to address the ones with the highest risk first. Next, we move on to the medium or low-risk alerts and the purely informational notifications. 

We use Defender for 365 with Defender for Cloud and Sentinel. Microsoft Defender for Cloud is primarily for checking the client's security posture. Sentinel ingests data from our entire ecosystem and helps us correlate events from the logs to understand user activity better. 

We can run queries on user behavior or check the logs for any activity related to the alert. Integrating Sentinel and Defender is vital because getting the information from the logs is much easier. We don't need to look at the metadata because we can see the events in a structured format. A few of the alerts can always be resolved by SIEM analysis. If it isn't a high-priority alert, Sentinel can clear it. 

Having everything available in one place is helpful for our investigation. We can forward those details to our clients so they can take action. All the information is in the logs. 

Sentinel allows us to analyze user behavior and assign user risk based on patterns. For example, we can see if a user attempts to log in with an abusive IP. It detects the behavior, so we don't need to search the logs or look through the threat intel. Sentinel gives us a report of all the risky users. The sign-in logs and audits are neatly formatted so we can click through instead of searching manually.

Microsoft sometimes has downtime, and we'll get several incidents coming back-to-back. We have a huge backlog of notifications, many of which may be false positives. However, there might be serious alerts, so we can't risk dismissing all of them at once.

A few days ago, we had an issue where everything that came into the user's mailbox was flagged. We got hundreds of notifications. It was problematic for us, but the investigation was easy. 

I have used Defender for 365 for around six months.

I rate Defender for 365 an eight out of ten for stability. 

I rate Defender a nine out of ten for scalability. 

I rate Microsoft's support a nine out of ten. 

Positive

I rate Microsoft Defender for Office 365 a nine out of ten. We work in more of an investigative role. Defender helps us automate many tasks. It's better to go with a single vendor instead of a best-of-breed strategy. 

We mainly use Microsoft Defender for Office 365 to secure our Office 365 combined application package, which includes Outlook, Word, Excel, PowerPoint, OneDrive, Skype, and Teams. We have all of these combined packages in our cloud. 

Before we deployed Defender, we didn't have the right solution to safeguard these applications because our data was moved from multiple locations, from Outlook to OneDrive, for instance. After the introduction of Defender, we could instantly control most threats.

We also use Microsoft Defender for Identity and Cloud Apps. We deployed Identity recently. 

Integration is easy because Microsoft is the vendor of all of these security products. Most of these products are closely integrated, whether they're on-premise or deployed on the cloud.

These solutions work natively together to deliver coordinated detection and response across our environment. All of these features work on different security layers to ensure protection. Microsoft Defender for Identity gives protection to users. That's an application layer. Simultaneously, Defender for Cloud also provides a layer of security. Each Microsoft product offers a different layer of security, so our organization is secure.

These security products offer comprehensive threat protection. Each day, thousands of people send emails that contain malicious content. Microsoft Defender for Office 365 constantly monitors those attachments and gives us alerts so that we're able to focus on threats and prioritize them accordingly.

We use the bidirectional sync capabilities. It's an important feature to us because we need it for proper syncing and security, both on-premises and on the cloud.

The solution is deployed on a public cloud.

Defender is used in one tenant, and multiple departments use it. It provides security for about 2,000 users.

We have seen multiple benefits from using Defender. Our data was on-premises about five years ago. We migrated our data to the cloud to improve our security. It's awesome to get all of the security features in the cloud. To apply these features on-premises requires different hardware and multiple vendors. With Microsoft Defender, we're able to have a single manufacturer.

Microsoft Defender for 365 helps automate routine tasks and the finding of high-value alerts. It's a detection mechanism, so it doesn't solve the issue, but it will give us alerts and other notifications. It provides system alerting and patches.

The alerting automation definitely affects our security because our organization requires alerts constantly. The Defender setup for Office 365 applications gives us a clear alerting dashboard. The dashboard has multiple features that are linked to most of our applications, so it's more secure.

This solution helps eliminate the need to look at multiple dashboards. With different vendors for security, we obviously had vertical dashboards. Microsoft Defender gives us a single dashboard that we can link to other applications. 

Defender has reduced time spent by 50%.

It definitely saves us money because other vendor products cost more. The hardware itself costs money. Defender's subscription costs less. We have saved 50% compared to other solutions.

Defender decreases the time it takes to detect and respond. We're able to detect 20-30% faster.

Most of our files are being stored in OneDrive. We need to safeguard those links because users have to forward them to multiple locations. Microsoft Defender has a feature to protect each and every attachment. Even if it's an encrypted attachment, it will check for any potential threats.

If there are any spam contents in an email, we will be notified. With the implementation of Defender, we're able to correctly monitor attachments, files, and safeguard the required data. 

Microsoft Defender for Office 365 provides us with visibility into threats. Our emailing system is Microsoft Office Outlook. We also use a mail server from Microsoft. If there's an issue, we're able to troubleshoot it right away and give a solution. All of the administrators are properly alerted in their dashboards.

Microsoft Defender for Office 365 helps us prioritize threats across our enterprise. It safeguards us from any incoming threats or viruses. It scans every bit of information from the software cloud, including attachments, links, or malicious emails that hackers generate to break the security system.

It's definitely important that Defender helps us prioritize threats across the enterprise because some of the security breaches are less serious, so there is more time to troubleshoot. We're able to see everything in the dashboard, so we're notified about the important threats and can act accordingly to resolve them.

The advanced threat protection requires awareness and knowledge from administrators. Microsoft should provide more documentation for users so they can self-educate. I would like to see more documentation for advanced security features.

I have used this solution for about five years.

It's completely stable.

It's scalable.

Technical support is really good. I would rate them as nine out of ten.

Positive

We haven't used any other solutions.

The setup was straightforward.

Maintenance isn't required because the solution auto-updates.

We received support from Microsoft for implementation. Four system administrators were needed for implementation.

We have definitely seen a return on investment. OneDrive stores a lot of data, and maintaining the security of that data is a large task. It would be expensive to integrate another solution for that task. Since implementing Defender, we have saved a lot of money.

There are other Microsoft products included in the package, so we're able to save more money. I think there's a great return on investment.

The pricing is normal. Considering its popularity, it's not overpriced.

We haven't evaluated other options. To secure Microsoft Office 365 applications, we wouldn't necessarily go for other third-party solutions because Microsoft has its own proprietary solutions.

I would rate this solution as nine out of ten.

My advice for other people who are in security is to try Defender. It's much better than other top security appliances and it's completely affordable. For large and medium enterprises, it's definitely worth trying because applications like OneDrive require constant monitoring. 

Multiple security solutions must be monitored constantly, and the maintenance cost will be much higher. Dependency issues will arise, and you will need multiple support people to troubleshoot issues. Sometimes the issue won't be found if it involves multiple dependencies from other vendors. We prefer to go with a single-vendor product like Microsoft because of their support.

The benefit that stands out to me is the ability for multiple individuals to collaborate simultaneously within the same document. Additionally, there is the option to save the document directly in the integrated OneDrive or SharePoint. 

Microsoft Defender for Office 365 should improve the troubleshooting tools. It's unclear whether the device is blocked at the firewall level or at the device itself. The granularity needed for troubleshooting is currently lacking.

From my perspective, Microsoft should address this issue to benefit many users who likely share the same sentiment.

I have been using the product for three years. 

Microsoft Defender for Office 365 is stable. 

You can scale up as you pay. 

Evaluating Microsoft support can be a bit mixed. Sometimes, it's good, but not so much. The initial contact is typically with the help desk. When I call, I usually need someone at a higher level, maybe level three, to assist with more complex problems. The challenge is that it can take up to two weeks to resolve issues, and my main complaint is the waiting times and the basic nature of level-one support. Getting to the expert who can fix the problem often takes a couple of weeks.

Neutral

My clients used Norton and McAfee before Microsoft Defender for Office 365. It makes sense in the long term, especially when many clients already have Microsoft 365 in their licenses. Paying more to get the security features with Microsoft instead of additional licensing costs with a different company is a practical choice. It seems to be mainly about saving money.

The tool's deployment is not straightforward. However, it has good documentation. 

The solution is good but not cheap. It offers a big ecosystem where you can manage everything from one place. 

Integrating identity and access management into Microsoft 365 Defender is important for my customers and me. The ability to centrally manage these aspects within the platform is highly valuable. Rather than navigating through numerous consoles to verify various aspects, having almost everything in a single location saves time. This integrated approach streamlines operations and reduces the complexity of learning and managing different products.

Nowadays, everyone uses not just Microsoft products but also third-party ones. It would be good if Microsoft could make its security tools work with all kinds of software. Nowadays, there are so many cyber attacks and security threats. Having one product that can handle and manage all these threats across the board is beneficial.

We have stopped using Trend Micro in a couple of places. I am not sure if it was due to cost or pricing. 

The product is more convenient to manage, and it saves time. Instead of navigating through different controls, having everything in one place allows the security team to take action on threats or issues.

I rate the product a nine out of ten. I have used it for security and compliance. In my experience, they're doing quite well; it's a good product. If people are considering Microsoft products, I would say, why not? It's just that support during implementation could be better sometimes. However, it's a good product with frequent updates.