Must buy to protect systems
September 22, 2023

Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft 365 Defender

Microsoft 365 Defender is very useful in protecting Office products from virus attacks like trojan horses and ransomware. It is used for implementing email security in one of the organisations that I had worked with. It is helpful in protecting endpoints within the organization, strengthening identity and access management, ensuring data protection and compliance, and monitoring and responding to security threats across the Microsoft 365 environment.

Pros

  • email security implementation
  • endpoint security implementation
  • threat detection and response mechanism

Cons

  • Cost effectiveness
  • A cleaner UI
  • reducing false positive results
  • Documentation and training provision
  • Enhanced security of the nodes
  • Preventing spread of virus through email
  • Active threat monitoring

Securing the legacy systems, resource constraints in the team, meeting regulatory and compliance requirements such as GDPR or HIPAA, and alert fatigue, where security teams often receive a large number of alerts from various security tools and systems and distinguishing between false positives and genuine threats can be time-consuming and overwhelming. All of these are challenging.

The organisation's cyber defence posture has been very effectively managed by the Microsoft 365 Defender solution, which is continuously monitoring the system for any attack vector. It has helped reduce the job of the security team, as they do not need to be available 24 x 7 checking for the latest attacks.

Automated response actions include:

  • Isolation: Automatically isolating a compromised device from the network to prevent it from spreading malware or participating in malicious activities.
  • User Account Suspension: Suspending or disabling user accounts that have been compromised to prevent further unauthorized access.
  • Email Quarantine: Moving suspicious or malicious emails to a quarantine area to prevent users from interacting with potentially harmful content.

I am actively using it.

  • Microsoft Ecosystem: Integrating Microsoft 365 Defender with Microsoft Sentinel tends to be relatively straightforward, as both solutions are part of the Microsoft ecosystem.
  • Connector Availability: Microsoft provides pre-built connectors or integrations to facilitate the flow of data from Microsoft 365 Defender to Microsoft Sentinel. These connectors can streamline the configuration process.
  • Log Forwarding: Microsoft 365 Defender allows for the forwarding of security-related logs and data to a SIEM platform. Configuration involved setting up log forwarding rules within Microsoft 365 Defender to specify what data should be sent and where it should be sent (e.g., Microsoft Sentinel).

It was an easy process overall.

Microsoft is a known leader in the cyber security space, and the trust Microsoft has is greater than any other product. The pricing, though a bit on the higher side, ensures proper support with using the product, which makes it more preferred in our organisation. It has fairly better documentation.

Do you think Microsoft Defender XDR delivers good value for the price?

Yes

Are you happy with Microsoft Defender XDR's feature set?

Yes

Did Microsoft Defender XDR live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Microsoft Defender XDR go as expected?

I wasn't involved with the implementation phase

Would you buy Microsoft Defender XDR again?

Yes

Microsoft 365 Defender was very well suited to protecting my organisation against phishing emails. It was able to guide users that they may have received a phishing email. It has great endpoint defending capabilities, which prevent attacks on nodes. It mitigates the risk of unauthorized access and identity theft. It can be improved by reducing false positives and making the product available at a lower cost.