We performed a comparison between Microsoft Defender for Identity and Microsoft Intune based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is easy to set up. Based on the number of devices you would like to set up, you can use scripts, Group Policy, etc. It takes five minutes to set up."
"It automates routine testing and helps automate the finding of high-value alerts."
"All the integration it has with different Microsoft packages, like Teams and Office, is good."
"Defender for Identity has not affected the end-user experience."
"The basic security monitoring at its core feature is the most valuable aspect. But also the investigative parts, the historical logging of events over the network are extremely interesting because it gives an in-depth insight into the history of account activity that is really easy to read, easy to follow, and easy to export."
"The solution offers excellent visibility into threats."
"One of our users had the same password for every personal and company account. That was a problem because she started receiving phishing emails that could compromise all of her accounts. Defender told us that the user was not changing their password."
"The feature I like most is that you can create your own customized detection rules. It has a lot of default alerts and rules, but you can customize them according to your business needs."
"Remote Wipe and Autopilot is one of the best features."
"The central administration con dashboard is very easy to use and provides very good oversight on all that needs to be monitored."
"The Asset Management and Auto Pilot are valuable features."
"The tool's most valuable feature is Autopilot."
"It's not working perfectly, but Microsoft's Autopilot offers great visibility into automated deployment solutions."
"The most valuable feature of Microsoft Intune is having all our devices compliant with our policies."
"Based on my experience, I find Intune very flexible for managing Windows devices. We can use scripting, and we can make use of the self-service portal or the company portal to publish some of the applications for Windows."
"I like that it's very good and very simple. I found that we just needed to have a proper subscription for an Intune tenant, and from the subscription, if we have the right role assigned, like the global admin role or the owner role, we can use Microsoft cloud resources. With the help of that, we can do many things like setting up Microsoft Intune in the cloud to create our virtual machines. All these can be done, and the steps are very simple. I really liked it. I like features like Windows Auto-Enrollment. I like it very much because whenever you supply it to the end-user, it will be ready to use immediately. The end-user only needs to provide the user credentials, and then they are good to go. I also really like Cloud PC, which was recently launched on Azure."
"Microsoft should look at what competing vendors like CrowdStrike and Broadcom are doing and incorporate those features into Sentinel and Defender. At the same time, I think the intelligence inside the product is improving fast. They should incorporate more zero-trust and hybrid trust approaches. They need to build up threat intelligence based on threats and methods used in attacks on other companies."
"The solution could be better at using group-managed access and they could replace it with broad-based access controls."
"There is no option to remedy an issue directly from the console. If we see an alert, we can't fix it from the console. Instead, we must depend on other Microsoft products, such as MDE. That is a significant drawback. It simply works as a scanner, which can sometimes put enough load on the sensors. Immediate actions should be possible from the dashboard because. It can prevent issues from spreading further."
"An area for improvement is the administrative interface. It's basic compared to other administrative centers. They could make it more user-friendly and easier to navigate."
"We observe a lot of false positives. Sometimes, when we go for a coffee break, we lock our screens. Locking the screen has a separate Windows event ID and sometimes I see it is detected as a failed login."
"And when you are working in a priority IP address, Identity is not able to know that those IPs are from the company. It sees that the IPs are from Taiwan or from Hong Kong or from India, even though they are internal IPs, resulting in a lot of false positives."
"The impact of the sensors on the domain controllers can be quite high depending on your loads. I don't know if there's any room for improvement there, but that's one of the things that might be improved."
"One potential area for improvement could be exploring flexibility in the installation of Microsoft Defender for Identity agents."
"China blocks Google and Google Play Store, which makes installation challenging. Microsoft Intune is a company software, which has to be installed to the app portal or Microsoft Software Center."
"Some enrollment features could be improved."
"They can improve their MAM policies a little bit more and make them more granular. They should include more granular group policies. They are there, but they need to be more granular. Its stability should also be improved. It is not very stable. Sometimes, it shows some inconsistencies across tenants."
"It would be helpful if there was proactive remediation."
"The security features should be improved."
"I have a lot of Apple products in my environment. It would be nice to have an improved integration of Apple products with Microsoft Intune without Jam."
"I wanted to check if there is any provision at the Intune level to restrict certain things, such as a website, but unfortunately, that feature is available only in Microsoft Defender. Intune has web filtering capabilities, but they are only useful for protection from malicious websites, whereas we would like to be able to restrict a website. For example, YouTube is a clean website. No one would identify it as a malicious website, but if we want to stop the end-users from going to that website, we have to go for another product, such as Microsoft Defender or another third-party proxy solution. It would be great if this capability is included in Intune."
"Due to the abundance of features, there's a lot to organize, which makes managing and setting up the solution challenging. The setup is immense, and it would be good to see improvement in this area."
More Microsoft Defender for Identity Pricing and Cost Advice →
Microsoft Defender for Identity is ranked 8th in Microsoft Security Suite with 13 reviews while Microsoft Intune is ranked 3rd in Microsoft Security Suite with 164 reviews. Microsoft Defender for Identity is rated 9.0, while Microsoft Intune is rated 8.0. The top reviewer of Microsoft Defender for Identity writes "Offers robust protection from insider threats, but the customer support is poor". On the other hand, the top reviewer of Microsoft Intune writes "We can manage all aspects of our devices from a single console, easy to scale, and quick to deploy". Microsoft Defender for Identity is most compared with Microsoft Entra ID Protection, Microsoft Defender for Office 365, Microsoft Entra Verified ID, Splunk User Behavior Analytics and Microsoft Defender for Endpoint, whereas Microsoft Intune is most compared with Jamf Pro, VMware Workspace ONE, ManageEngine Endpoint Central, SOTI MobiControl and Microsoft Entra ID. See our Microsoft Defender for Identity vs. Microsoft Intune report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.