This is used across our entire fleet of devices. It has allowed us to streamline the services we use as now most things are under the Microsoft umbrella.
This makes them much more worthwhile from a cost perspective as we're no longer paying for the functionality and another product for XDR.
Pros
Picks up issues that other products have not
Highlights vulnerabilities as well as live incidents
Cons
Speed of which the portal updates
Onboarding process
Visibility of all information needed to diagnose and resolve an incident
Likelihood to Recommend
The software links in well with other Microsoft products as they are all designed by the same people.
VU
Verified User
Employee in Information Technology (Aviation & Aerospace company, 501-1000 employees)
We use Microsoft Defender XDR to keep our computers safe from bad stuff like viruses and spam. It helps us stop the bad emails and things before they can hurt us. We use it on all our laptops and phones so everyone is safe. It is like a superhero for our computers and makes sure no sneaky hackers come in.
Pros
Unified threat detection across endpoints
Endpoint activity monitoring and logging
Rapid forensic data collection and analysis
Detailed threat analytics and reporting
Automated remediation workflows
Cons
Multi-tenant management complexity
Automated response configuration
User behavior analytics granularity
License complexity and cost
Likelihood to Recommend
I give Microsoft Defender XDR a 9 because it helps us watch all the computers and users. When bad things happen, it tells us fast so we can fix it. Sometimes it gets too many alerts and it's hard to know what to do first. But mostly it works good and keeps our company safe from hackers and viruses. I tell my friends to try it.
So in general, the idea of Defender XDR is to bring the security signals of the different areas together so that you have events on the client, on the user identity and this all needs to come together so that you have the full view so that you can easily see if there is an issue with the security configuration or if there is something actively going on. So I'm owning part of these applications in our company, so I'm responsible for everything, access control and all these things truly ensure that we have everything configured so that we get all the data we need to then run the analytics on it.
Pros
If you stay on the XDR endpoint management part, it collects really a lot of data from the endpoints. So it is not only a security tool, it is also helpful for operations. So if some user on the other half of the world has an issue, business machines, I do not necessarily rely anymore to have a connection to the client to find some log and audit things on the local machine because everything is in the cloud. I can do run the analytics right there to see really. But from user perspective really it's just an operational point of view. So he opened a website but was not able to access something, it was blocked by some firewall, all these things and so this is not only really security tool is really day-to-day tool use. Also by operations.
Cons
This is a general discussion we have in that best of suite approach so that sometimes even if deliver all Microsoft products and even if we live in the same console, we are not really talking to each other. So users and devices have different ID identities. So that means just because I see insecurity somewhere that there is an issue. I can in general, and it is a good point, create a task for the team that is doing client management, but it comes with totally the wrong identities because in the security world and the identity world and then the client management, the same device has three different identities. So the other team always need to do something, they need to have some conversion. That is of course bad. If these systems know each other, we should have a better understanding of the other part, the other product.
Likelihood to Recommend
Suit Really in everything, what is modern cloud work especially really if you work in a global company where your IT team is not always operational hour of the business users so that everything is really in the cloud can be managed from everywhere, but we do not access to local resources anymore. That's really a good point. What is always a little bit the pressure point is that general things in cloud things are moving fast so it's always difficult to keep the teams that is using these words up to date.
VU
Verified User
Administrator in Information Technology (Luxury Goods & Jewelry company, 10,001+ employees)
We use Microsoft Defender XDR for threat detection including mails and cloud services and the overall security of
our devices. Great compatability with Windows. We use it round the clock 24/7 to keep our important data safe and can prevent any cyber attacks.
Pros
Integration with Microsoft Products is exceptionally well.
Realtime Threat Detection and Counters
Getting Proper Support when required.
Cons
Room to add more features and functionality.
Occasional false positives, that does waste some time can be worked upon.
Compatibility with older devices can be better.
Likelihood to Recommend
Microsoft Defender XDR provides end user security, secure infrastructure. Gives coverage for endpoints, emails and docs, cloud apps. We use it basically for almost all our Security Services.
This most reliable security system prevents organizations from malware practices that can negatively affect confidential data. It detects viruses contained in URLs and email attachments. It has blocked many targeted attacks on private data in the enterprise. It has saved costs on security deployments and enhanced safe collaboration among teams.
Pros
Prevention of ransomware attacks.
Blocking unsafe content before it lands in email inbox.
Provision of alerts when there are impending attacks.
Cons
The data security models have impressed my team.
The system has displayed efficient performance.
Likelihood to Recommend
Microsoft Defender XDR is well suited to providing security across the enterprise that prevents all forms of external attacks. It has stable configuration data models that integrate easily with other tools. It has blocked phishing emails that could negatively affect the communication network. I have not experienced ransomware attacks since we deployed this platform.
As a young start up, our end users are not the most advanced in term of Security and since we bought 200 Licenses for O365, getting the defender is just something we have to do, as it provides layers of protection for our users from the popular phishing attempts, Protecting the other tools within our suite like one drive etc, not to mention the scary malware attacks. For other organization this might seems to be small, but for a start up where every dollar counts, this is a big matter for us, combining it with Hybrid working mode and a not too advanced users in term of security, this is just a must for us
Pros
Impersonation of email and account
Protecting our one drive's content from malicious uploads
Cons
This protection should come by default on every subscription, not an add on as it is vital tool
Price is another point
Likelihood to Recommend
If the organization is subscribing to M365, this is just a must to have as it will take care the security side that are just priceless, The IT team will be gladly to have this implemented as it will less critical pain point to take care, from the business side, it will be a great risk reduction in term of having a downtime from attacks that are just attempted daily these days
VU
Verified User
General Manager in Information Technology (Automotive company, 1001-5000 employees)
We use Microsoft 365 Defender to address cybersecurity and threat protection challenges across our Microsoft 365 environment. Business Problems Addressed : Email Security : Detecting and blocking the malicious emails, protecting from phishing attempts. Identity Security : monitoring and Protecting against identity based threats, prevent against unauthorized access Data Protection : Protecting against any data leak via DLP policies. Scope of use cases : We are using the Microsoft 365 Defender for primarily email security and comprehensively secure the Microsoft 365 environment.
Pros
Email Security
Protect from Phishing attempts
MFA Integration with Azure AD for extra layer of security to users accounts.
Cons
Need customizable incident response automation.
Need more enhanced reporting
Need to Reduce False positives.
Likelihood to Recommend
Well Suited : In my opinion, Microsoft 365 Defender is highly effective for organizations that want to boost their email security, which helps in identifying and blocking phishing attempts, malware, and other email-based threats, making it a valuable asset for email security. Also for the organizations heavily reliant on Microsoft 365 services such as Exchange Online, SharePoint Online, and OneDrive for Business. I think it is Less Appropriate for Organizations primarily using non-Microsoft productivity and collaboration tools.
In the company, we are an easy target for cyber attacks such as Spam, and phishing, among others. Microsoft 365 Defender helps a lot to mitigate these possible cyber attacks that could compromise some sensitive information of the company. We always seek to be at the forefront of security in order to avoid massively compromising situations since we are the largest marketplace in Latin America.
Pros
Protect from Phishing.
Protect from viruses.
Do an analysis to improve the security system.
Cons
Comercial spam.
Reverse internal security.
2nd, very security access.
Likelihood to Recommend
Regarding scenarios where Microsoft 365 Defender is well placed, it is undoubtedly email, adding the blocking of blacklist emails, additionally, teams as a functional communication tool between work teams undoubtedly do a very good job.