reviewer2000751 - PeerSpot reviewer
IT Manager at an energy/utilities company with 10,001+ employees
Real User
Top 5
The tool enables us to detect potential breaches and react to them proactively
Pros and Cons
  • "The tool can proactively detect potential incidents."
  • "The price could be improved."

What is our primary use case?

The solution is used for threat intelligence. The tool enables us to detect potential breaches and react to them proactively. Alerts are sent to our SOC team. Our SOC team investigates whether it's a positive or a negative alert. Depending on the result, a playbook is started.

What is most valuable?

The product runs so smoothly in the back end that we don't experience a hands-on. There is no performance degradation. It does what it is supposed to do. It detects what it is supposed to detect. We are happy with the tool. We didn't have an active incident for the last couple of years. The tool can proactively detect potential incidents.

What needs improvement?

The price could be improved.

For how long have I used the solution?

I have been using the solution for five years. We've always tried to use the latest version, which the vendor recommends.

Buyer's Guide
Microsoft Defender Threat Intelligence
August 2025
Learn what your peers think about Microsoft Defender Threat Intelligence. Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.
865,295 professionals have used our research since 2012.

What do I think about the stability of the solution?

I rate the tool’s stability a ten out of ten.

What do I think about the scalability of the solution?

I rate the tool’s scalability an eight out of ten. We have more than 10,000 users. Occasionally, we have some complaints about the performance, but those are unique cases. We have a 90% positive experience with the solution. We can manage the security with a global team of less than 30 people.

How was the initial setup?

I am a technical person, and it is simple for me to handle the deployment. It is a major project. We assess the potential impact in the analysis phase. It takes a couple of months since we're a global company. We have to rely on external sources. From analysis to implementation, it took about six months to replace and implement a new security tool fully.

What was our ROI?

We are proactively detecting attacks. A few of them were real targeted attacks, and we were able to avoid them. The fact that we could deliver it to the business gives value to the product.

What's my experience with pricing, setup cost, and licensing?

The price is reasonable for the quality that the tool provides. Every given product with an ecosystem has a very low price to attract customers. Once people are satisfied, the vendors tend to increase the prices. It's a closed ecosystem, and they benefit from the ecosystem. They tend to mention that the price rise is due to inflation, but we all know it's about revenue.

Which other solutions did I evaluate?

We evaluate several vendors and products. Microsoft Defender Threat Intelligence’s integrity with our existing ecosystem was a big benefit. We evaluated the tool with a red team/blue team approach. It was the best product evaluated by our teams.

What other advice do I have?

I contact Microsoft when we have to do negotiations or technical improvements. People considering buying security tools must take their time and not rush. They must consider their business requirements and what they want to achieve. They must ensure that they have considered everything that impacts the user experience. Overall, I rate the product an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Ajinkya Mohod - PeerSpot reviewer
System Security Engineer at Punch Powertrain nv
Real User
Top 5
Offers good visibility over the underlying vulnerabilities in one's environment
Pros and Cons
  • "The most valuable feature of the solution stems from the insight it provides."
  • "It takes time for the support team to understand the issue, and they then respond with a delay at times, which causes a lot of trouble."

What is our primary use case?

I use the solution in my company since, overall, it is a good tool. You get good insights and details with the product. With the tool, you have good visibility over the underlying vulnerabilities in your environment, so you can act within the time for its remediation and align your vulnerability patching based on criticality and exposure.

What is most valuable?

The most valuable feature of the solution stems from the insight it provides.

What needs improvement?

Improvement-wise, if it can give the option to patch the updates directly from within the tool, it would be a good thing, which other tools offer currently.

The automation part of the product has certain shortcomings and is an area that needs to be improved. The in-built patching option should be given in the tool so that users don't have to route and export or import the patches and then do it.

The response time and quality of the support need improvement. It takes time for the support team to understand the issue, and they then respond with a delay at times, which causes a lot of trouble. The support team should be faster and more knowledgeable.

Though the integration capabilities of the product are good, they need to be improved with time.

For how long have I used the solution?

I have been using Microsoft Defender Threat Intelligence for a year and a half.

What do I think about the stability of the solution?

Stability-wise, I rate the solution an eight out of ten.

What do I think about the scalability of the solution?

The product is scalable. It scales up with the business. Scalability-wise, I rate the solution an eight to nine out of ten.

The product is used on a daily basis in my company.

There are two to three admins who use the tool. The tool is used throughout my company.

How are customer service and support?

The technical support for the solution is not the best, but it is good.

How was the initial setup?

The product's initial setup phase was neither complex nor easy. There is only a medium level of difficulty with the setup phase, but after that it becomes smooth.

For the product's deployment phase, you should know your environment and make sure that all the devices are onboarded.

The solution is deployed on the cloud.

The solution can be deployed within three months.

What about the implementation team?

The solution is deployed with the help of our company's in-house team.

What's my experience with pricing, setup cost, and licensing?

There is a need to make yearly payments towards the licensing charges attached to the product.

What other advice do I have?

The role of analytics in aiding the incident response process is good. It works completely fine, and our company gets help for it from Microsoft.

Microsoft Defender Threat Intelligence is a good tool others can go ahead with if they want to use it, but they should not expect too much from it in terms of automation, especially when it comes to the patching part. The insights and details are provided in a good manner by the product.

The integration capabilities of the product are good.

In terms of the value derived from the use of the product in my company, I can say that it helps secure the perimeter and other elements of the cybersecurity portion, especially the development areas.

I rate the tool a nine out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2311968 - PeerSpot reviewer
Assistant Vice President at a financial services firm with 10,001+ employees
Real User
Though the tool offers threat prevention and blocking capabilities, it needs to improve its stability
Pros and Cons
  • "The product's initial setup phase was straightforward."
  • "The stability of the product is an area of concern where improvements are required."

What is our primary use case?

I use Microsoft Defender Threat Intelligence at my home for its threat prevention and blocking capabilities.

What is most valuable?

I can't comment on the valuable features offered by Microsoft Defender Threat Intelligence as the PC at my home is currently used by my family while I use my office laptop.

What needs improvement?

In Microsoft Defender Threat Intelligence, automatic threat blocking and in-memory attacks are areas of concern where improvements are required.

The stability of the product is an area of concern where improvements are required.

For how long have I used the solution?

I have been using Microsoft Defender Threat Intelligence for a couple of years. I am a user of the product.

What do I think about the stability of the solution?

It is a stable solution. I rate the product's stability a six out of ten.

What do I think about the scalability of the solution?

It is not a scalable solution since I use it on a PC at home, so per PC, a license amount is paid.

Only one person uses the solution at my home.

How was the initial setup?

The product's initial setup phase was straightforward.

The product's installation phase just requires me to enable it on my system, as Microsoft Defender Threat Intelligence is a product that came along when I purchased my laptop.

The product is deployed based on the product's licenses, so it doesn't matter whether it is deployed on an on-premises model or on the cloud.

What was our ROI?

The basic requirements offered by the product are good enough for home-based PCs.

What's my experience with pricing, setup cost, and licensing?

I use the product's default version, which is a free one and not the licensed version.

What other advice do I have?

I rate the overall product a six to seven out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2075328 - PeerSpot reviewer
Operational Cyber Security Specialist at a non-profit with 1,001-5,000 employees
Real User
Highly scalable and stable solution
Pros and Cons
  • "It is very scalable. There are approximately 2,000 endpoints and up to 200 servers in our company."
  • "It's a bit complicated to manage because you have many dependencies of servers, many dependencies in queue, and so on. Entries or different endpoints, and you make different configuration topics for each one. So that's a major problem."

What is our primary use case?

We use it for Cloud Security and Endpoint Protection. We have offices in each country on the planet. And so we have many, many, many external people who work with this solution. 

What needs improvement?

It's a bit complicated to manage because you have many dependencies of servers, many dependencies in queue, and so on. Entries or different endpoints, and you make different configuration topics for each one. So that's a major problem.

I would like to see a feature that would allow us to easily manage our Defender configurations.

It needs high-level administration.

For how long have I used the solution?

We have been using it for about six months.

What do I think about the stability of the solution?

It is a very stable product.

What do I think about the scalability of the solution?

It is very scalable. There are approximately 2,000 endpoints and up to 200 servers in our company.

Which solution did I use previously and why did I switch?

I used Trend Micro. Trend Micro has an easier grid, but the functions are the same.

The advantage is to have only one vendor, which provides Office tickets, communication, storage, and cloud. It's just one solution from one end, from one provider.

How was the initial setup?

We have our documents and processes in the cloud, in the Microsoft cloud.

The maintenance is done by Microsoft. We are on-premises, and our configuration allows access outside the company's local data center.

What other advice do I have?

I would recommend using this solution. It works. We have no problems with it.

Overall, I would rate the solution an eight out of ten. 

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Information Security Management Individual Contributor at First Bank of Nigeria Ltd.
Real User
Top 5 Leaderboard
A solution to monitor endpoints for threats but needs integrated pricing

What is our primary use case?

We use it to monitor endpoints for threats and duplicates on the server and defend identity and trust.

What is most valuable?

The solution monitors threat intelligence. It provides valuable insight and visibility into malicious activity at the endpoint.

What needs improvement?

The solution could have integrated pricing. We have an enterprise license. We still need to pay to activate Defender for Trend Micro Identity. The enhanced pricing model will empower organizations to manage their security costs effectively.

What do I think about the stability of the solution?

The product is stable.

What do I think about the scalability of the solution?

The solution is scalable. In our organization, ten users are using this solution.

How are customer service and support?

We use Microsoft resources for access-level support.

Which solution did I use previously and why did I switch?

We initially used Trend Micro to defend endpoints. It's a solution that runs concurrently with our EDR. The setup serves and trains Trend Micro and EDR so they can play complementary roles. We activate all the licenses for some activities. We're using a combination of Trend Micro EDR and Defender.

How was the initial setup?

The initial setup is straightforward, and it takes three days to activate.

Since it is a cloud-based solution, you must activate and continue using the license.

What's my experience with pricing, setup cost, and licensing?

If you want to activate beyond the starting threshold, you have to pay an additional fee. Combining this within the license would be more scalable, economical, and better for the organization.

What other advice do I have?

Three or four people are required for the solution’s maintenance. I recommend this solution.

Since Microsoft Defender Threat Intelligence provides a high volume of recommendations, there must be a methodology for prioritizing high-risk assets and sessions. Focusing on remediating these high-risk sessions is crucial.

Overall, I rate the solution a seven out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Security Manager at Yarix S.r.l.
Real User
Top 10 Leaderboard
Efficient threat detection capabilities and highly scalable solution
Pros and Cons
  • "The solution is well integrated with other Microsoft security products."
  • "I would like to see more integration with other solutions. For example, it integrates well with Microsoft but not with other solutions."

What is our primary use case?

It can be used as an API solution to sign and send threat intelligence to a security operations center (SOC). This allows the SOC to detect and respond to threats more effectively.

What is most valuable?

Detection is good—also, analytics based on Gartner.  The solution is also well integrated with other Microsoft security products.

What needs improvement?

I would like to see more integration with other solutions. For example, it integrates well with Microsoft but not with other solutions.

For how long have I used the solution?

I have been providing this solution for one year. 

What do I think about the stability of the solution?

I would rate the stability a nine out of ten. We do not have a large number of users using the solution because it is not the technician's preferred solution.

We have around ten end users using this solution. 

What do I think about the scalability of the solution?

There is no problem with scalability. The solution has a capacity of up to 10,000. 

How are customer service and support?

Customer service and support are very good.

How was the initial setup?

The initial setup is very easy. It just takes a few days. 

What about the implementation team?

The deployment process is simple. We used Microsoft Intune, Microsoft's software distribution tool, to deploy the solution to our endpoints.

We only needed one technician for the deployment. One to manage without interrupting and to manage this solution. All our technicians manage the platform for accounts.

What was our ROI?

The ROI is good because the solution provides good protection. The solution can help you to prevent data breaches, which can save you a lot of money.

What's my experience with pricing, setup cost, and licensing?

Usually, the licensing cost is yearly. But we got the solution through a solution distributor's agreement which usually helps. There are no additional costs. 

What other advice do I have?

I surely recommend using this solution. The strongest point is integration capability with other Microsoft products. 

Overall, I would rate the solution a nine out of ten.  

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
Deputy Manager - Radio Frequency Planning at RF-SMART
Real User
Top 5 Leaderboard
Highly effective safeguarding against cyber threats with robust security features, timely threat intelligence and efficient performance
Pros and Cons
  • "Its user-friendliness is its most valuable aspect."
  • "It would be beneficial to enhance the pricing structure and make it more affordable."

What is our primary use case?

The protection provided by Microsoft Defender Threat Intelligence is robust and effective.

How has it helped my organization?

It efficiently helped us in threat hunting.

The malware virus posed significant security challenges, but Microsoft played a pivotal role in addressing and resolving the incident.

The timeliness and accuracy of Threat Intelligence are commendable.

The primary advantage lies in its robust security and overall performance.

What is most valuable?

Its user-friendliness is its most valuable aspect. I am satisfied with its performance in general.

What needs improvement?

It would be beneficial to enhance the pricing structure and make it more affordable.

For how long have I used the solution?

I have been using it for six months.

What do I think about the stability of the solution?

It provides good stability capabilities with occasional delays. I would rate it eight out of ten.

What do I think about the scalability of the solution?

I would rate its scalability abilities eight out of ten.

Which solution did I use previously and why did I switch?

I used Norton previously, but that was quite some time ago.

How was the initial setup?

The initial setup was straightforward.

What about the implementation team?

Deployment is quick, typically ranging from five to ten minutes. I was responsible for the deployment. First, you need to install the antivirus software on the system. Then proceed with the installation process.

What's my experience with pricing, setup cost, and licensing?

It's reasonably priced, though there's room for further improvement.

What other advice do I have?

I would recommend it because of its strong security and user-friendly interface. Overall, I would rate it eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
James Selby - PeerSpot reviewer
Manager Security Division at Virtual-IT
MSP
Top 5 Leaderboard
Offers multiple security components, including email security, local firewall, and anti-malware
Pros and Cons
  • "The global review and remediation of malicious code is probably the most valuable feature."
  • "Microsoft itself is a major target for attacks and threats due to its size and popularity. That could be considered Microsoft's Achilles heel."

What is our primary use case?

From a threat intelligence perspective, we use Microsoft Defender in conjunction with Azure and the cloud for our cloud-based customers. It helps us defend against various types of malicious code, whether it's through email inbounds or uploaded through USB sticks. It offers a wide range of capabilities.

What is most valuable?

Microsoft Defender is delivered in different components. One of them is the Microsoft community, where they share information about discovered malicious code, and remediation is promptly provided. This collaborative approach ensures that threats found in one country can be quickly addressed in other countries.

The global review and remediation of malicious code is probably the most valuable feature.

What needs improvement?

It's difficult to provide direct feedback to Microsoft, even as a Microsoft partner. However, the community out there supports and assists each other if that helps.

Microsoft itself is a major target for attacks and threats due to its size and popularity. That could be considered Microsoft's Achilles heel. Being the largest technology provider attracts significant threats. Microsoft is constantly fighting against threat actors trying to breach its technology. So by being the biggest, you attract the biggest threats.

I believe Microsoft could play more nicely with other IT security vendors. Currently, if you want your technology to integrate with Microsoft, you have to go through an extensive testing program to ensure compatibility with Azure. So, even the partnership program could be more efficient, allowing for smoother integration.

For how long have I used the solution?

I've been working with it since its inception. I've been involved in IT security for over thirty years, so I've seen it evolve.

What do I think about the stability of the solution?

If I were to rate the stability, I would say it's around an eight. However, there are occasional outages in Microsoft 365. So, stability can vary depending on the region, and there are instances of outages.

What do I think about the scalability of the solution?

I would give it an eight, without a doubt. It's highly scalable. Microsoft Defender can fulfill the needs of both small businesses and enterprise businesses effectively.

How are customer service and support?

Directly contacting Microsoft can be quite challenging. However, there is a community platform where users can find resolutions to specific issues. Microsoft also has an extensive patching program, and Microsoft releases updates to its solutions on the first Tuesday of every month.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Microsoft Defender is comprehensive. It covers areas such as email security, local firewall, and anti-malware. It's a comprehensive solution with different components within Defender. It also supports the operating system, Windows 11. 

It's not limited to a single function. Defender encompasses various security aspects, like email security, local firewall, and anti-malware. Moreover, it's designed to work seamlessly with Windows 11.

How was the initial setup?

On a scale of one to ten, where one is the most difficult and ten is the easiest, I would say it's around a seven or eight. No software is perfect, including Microsoft.

Most organizations are moving to the cloud now, so the majority of deployments are in the cloud. However, we don't provide extensive support for that. The deployment depends on how the customer wants to set it up. A lot of it is in the private cloud, but it is essentially in public areas. It's a combination of both.

What about the implementation team?

The deployment process can vary, but on average, it can take anywhere from two to twenty-four hours, depending on the tenant and whether it's a single or multiple tenancy setup. So, it depends on the specific circumstances.

What's my experience with pricing, setup cost, and licensing?

Considering Microsoft is constantly changing licensing, I would give it a seven out of ten. It can be difficult to get your head around it, especially for small to medium-sized enterprises (SMEs) like most of my clients. We typically deal with E3 licensing rather than the larger corporate E5 licensing.

So, the pricing is subject to changes, and it can be complex, especially for SMEs. It's traditionally based on E3 licensing for our clients.

Which other solutions did I evaluate?


What other advice do I have?

I wouldn't always advise my clients to exclusively rely on Microsoft products. However, they should derive maximum benefits from the licensing they pay for. For example, you can't simply purchase Defender on its own because it's bundled with the operating system. So, that question loses some relevance since you already have it regardless of choice. So, the value of Defender is already included with the operating system, and users don't have the option to choose whether to have it or not.

However, you can explore other solutions to enhance the security of Windows 11 or Windows 10, such as cloud-based options. But I would suggest making the most out of Defender. If you encounter any limitations, then you can consider other technologies to fill those gaps. So, it's about maximizing the potential of Defender and, if necessary, supplementing it with additional technologies.

You have the option to bolster the security of your Windows system with other solutions if needed, but Defender should be your primary focus.

Overall, I would rate it an eight out of ten because it is bundled with Windows OS. However, it doesn't cover all threats, and it remains a target for threat actors. So, depending on your business needs and the specific areas where Defender falls short in delivering effective security, you may need to supplement it with other technologies to strengthen your overall security position.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. partner
PeerSpot user