Overview
Product Information on Microsoft Defender for Identity
What is Microsoft Defender for Identity?
Microsoft Defender for Identity Pricing
Overall experience with Microsoft Defender for Identity
“Enhanced Threat Detection in Active Directory With Improved Microsoft Integration”
“Cumbersome Policy Tuning and Poor User Experience Challenge Security Team Effectiveness”
About Company
Company Description
Microsoft enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more. Microsoft is dedicated to advancing human and organizational achievement. Microsoft Security helps protect people and data against cyberthreats to give peace of mind.
Company Details
Do You Manage Peer Insights at Microsoft?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
User Sentiment About Microsoft Defender for Identity
Reviewer Insights for: Microsoft Defender for Identity
Deciding Factors: Microsoft Defender for Identity Vs. Market Average
Performance of Microsoft Defender for Identity Across Market Features
Microsoft Defender for Identity Likes & Dislikes
1. Active Directory focused detection. The detections around threats like lateral movement of credential theft were strong and gave us visibility we didn't have previously, to the point where we found real bad actors threats within the first month as a result. 2. Good context within Microsoft Defender XDR. Alerts come in with timelines and excellent context which enables faster triage without the pain points of engaging in raw log hunting. 3. Integration with the rest of the Microsoft Security stack made correlation clean and reduced much of the tool and context switching that came come from having disparate tools.
nothing in particular
Its seamless integration with Microsoft's security ecosystem provides visibility into on-prem and cloud environments. Its capability to analyze massive number of signals on a daily basis allows org to quickly identify and detect complex identity-based attacks and features like automated response can perform the pre-defined response for such attacks without human intervention.
1. Initial setup can be painful if you don't have a solid understanding of your Active Directory topology, otherwise it's far too easy to scope sensors improperly or even misread alerts. 2. While detection is strong, the native one-click remediation actions are quite a bit lighter than what I've seen from other tools. Manual playbooks or custom created automated remediations are still required. 3. Pricing was reasonable given the number of identities and DCs we were working with, but it's still something to consider if you still have a small AD footprint still.
user experience, administration, support, information summary and presentation
If the service is not configured properly, it can create an overwhelming number of alerts that can lead to many false-positive alerts. Although it integrates seamlessly with Microsoft services and platforms, it has limited integration capability with third parties.
Top Microsoft Defender for Identity Alternatives
Peer Discussions
Microsoft Defender for Identity Reviews and Ratings
- CLOUD APPLICATION SECURITY ENGINEERGov't/PS/EdEducationReview Source
Enhanced Threat Detection in Active Directory With Improved Microsoft Integration
We have deployed Defender for Identity to cover our hybrid identities that exist within our on-prem AD instance and our Entra environment. In practice, it's been a net win due to its ability to spot identity driven attacks within Active Directory. The tradeoff on this was due to the initial alert volume for normal user behavior, so the value depends on your willingness to own and manage the tool internally. - IT SECURITY & RISK MANAGEMENT ASSOCIATE50M-1B USDServices (non-Government)Review Source
Seamless Integration With Microsoft Ecosystem Enhances Hybrid Identity Security Monitoring
Microsoft ITDR has proven to be an effective and robust solution to strengthen the identity security posture for organizations. It easily integrates with other Microsoft security platforms like Defender or Entra that can provide you with real-time threat detection and will also provide you with visibility across hybrid environments. - Forensic Analyst<50M USDIT ServicesReview Source
MS Defender Operates Quietly in Background While Alerting to Potential Threats
My experience with MS Defender was smooth and seamless. I see it running in the background most of the time and I infrequently pull it up to see how things are going. Also when there are scans, I always know what's going on and if I have any threats to deal with. - DIRECTOR, IT SECURITY AND COMPLIANCE<50M USDSoftwareReview Source
Least Privilege Permissions and Lateral Movement Risks Managed Using Defender for Identity
Microsoft Defender for Identity provides crucial data associated with Identity based attacks. We utilize it heavily to ensure that permissions are scoped to least privilege and also to identify risks associated with lateral movement. If you are using Active Directory and/or Entra, this product is a must have. - IT SECURITY & RISK MANAGEMENT ASSOCIATE1B-10B USDManufacturingReview Source
It is one of the best security tools in the current cyber market.
A comprehensive security tool by Microsoft. Complete overview of all my endpoints, allowing me to have thorough visibility of my attack surface. It also provides contextual alerts, which enables the me to have an in-depth idea of any ongoing incident. The 90-day trial period before purchase will allow you to fully gauge its capabilities, if it's right for your organization. Highly recommended!