We performed a comparison between Bitdefender Sandbox Analyzer and Microsoft Defender for Identity based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, ESET and others in Advanced Threat Protection (ATP)."It is easy to use, and there is a lot of automation. So, users don't need to worry about that."
"The solution is useful in the event of a gray file or grayware, as there are certain files users may download of which we know little about."
"Sandbox Analyzer is easy to use. It's simple to drill down into the data. In a lot of the competing products, an extremely informed end-user can do battle with the tools provided, but in today's market, end-users have less and less time to try and keep up. The CSAW alerts come out every day, and they're huge. Adobe did a master patch last Thursday and another one a few days later."
"I like the fact that it works pretty well. It can be a little aggressive at times, but I'd rather have it be a little bit aggressive than not catch what it's supposed to catch. We've been running that platform for about five years, and we've not really had any viruses or malware get through. It's also easy to set up, and it's easy to manage."
"Defender for Identity has not affected the end-user experience."
"One of our users had the same password for every personal and company account. That was a problem because she started receiving phishing emails that could compromise all of her accounts. Defender told us that the user was not changing their password."
"This solution has advanced a lot over the last few years."
"Microsoft Defender for Identity provides excellent visibility into threats by leveraging real-time analytics and data intelligence."
"The best feature is security monitoring, which detects and investigates suspicious user activities. It can easily detect advanced attacks based on the behavior. The credentials are securely stored, so it reduces the risk of compromise. It will monitor user behavior based on artificial intelligence to protect the identities in your organization. It will even help secure the on-premise Active Directory. It syncs from the cloud to on-premise, and on-premise modifications will be reflected in the cloud."
"The solution offers excellent visibility into threats."
"The feature I like the most about Defender for Identity is the entity tags. They give you the ability to identify sensitive accounts, devices, and groups. You also have honeytoken entities, which are devices that are identified as "bait" for fraudulent actors."
"The basic security monitoring at its core feature is the most valuable aspect. But also the investigative parts, the historical logging of events over the network are extremely interesting because it gives an in-depth insight into the history of account activity that is really easy to read, easy to follow, and easy to export."
"We would like to see the time it takes for the sandbox to analyze a file reduced from its ten or fifteen minute duration to five."
"It would be better if there were real-time alerts. The whole suite, unlike most anti-virus consoles that just ping you when there's an infection or something, for some inexplicable reason, Bitdefender doesn't do that. The most you could do is get an hourly email, or maybe if there's an outbreak that affects 30% of our machines, it sends me an email. There's no real-time alert to say, "Hey, so-and-so literally 30 seconds ago just had this happen on their machine." Real-time reporting would be a huge improvement. All in all, it's a pretty nice product, generally speaking. They do a pretty good job. They can pretty much go toe to toe with just about anybody. But it's that kind of real-time nature. I've not had occasion to use the EDR portion to actually try and do any kind of custom scripting to drill into things that are going on at the endpoints. But my understanding from reading comments of others is that it's not particularly flexible in that regard to be able to do things like that."
"It should be more secure. There should be more protection, especially for non-signature-based malware. It works fine for non-signature-based malware, but I expect it to become a bit more advanced to be able to cope with future or upcoming environments."
"We propose the on-premises solution to most of our customers, for which we must provide a license, although no such request accompanies customers who want a cloud-based solution."
"It does everything we need. We haven't been able to throw anything at it that it couldn't handle."
"There is no option to remedy an issue directly from the console. If we see an alert, we can't fix it from the console. Instead, we must depend on other Microsoft products, such as MDE. That is a significant drawback. It simply works as a scanner, which can sometimes put enough load on the sensors. Immediate actions should be possible from the dashboard because. It can prevent issues from spreading further."
"One potential area for improvement could be exploring flexibility in the installation of Microsoft Defender for Identity agents."
"Defender for Identity gives us visibility, but we often get false positives from Azure that take us down the garden path. We go through 30 incidents each day and most of those are false positives or benign positive alerts. Occasionally, we get true positive alerts."
"And when you are working in a priority IP address, Identity is not able to know that those IPs are from the company. It sees that the IPs are from Taiwan or from Hong Kong or from India, even though they are internal IPs, resulting in a lot of false positives."
"The technical support needs significant improvement. Documentation for more minor issues in the form of guides or walkthroughs could help to resolve this issue. The number of tickets raised would decrease, removing some pressure from the support team and making it easier to clear the remaining tickets."
"I would like to be able to do remediation from the platform because it is just a scanner right now. If you onboard a device, it shows you what is happening, but you can't use it to fix things. You need to go into the system to fix it instead."
"The impact of the sensors on the domain controllers can be quite high depending on your loads. I don't know if there's any room for improvement there, but that's one of the things that might be improved."
"We observe a lot of false positives. Sometimes, when we go for a coffee break, we lock our screens. Locking the screen has a separate Windows event ID and sometimes I see it is detected as a failed login."
More Microsoft Defender for Identity Pricing and Cost Advice →
Bitdefender Sandbox Analyzer is ranked 17th in Advanced Threat Protection (ATP) with 4 reviews while Microsoft Defender for Identity is ranked 6th in Advanced Threat Protection (ATP) with 13 reviews. Bitdefender Sandbox Analyzer is rated 9.0, while Microsoft Defender for Identity is rated 9.0. The top reviewer of Bitdefender Sandbox Analyzer writes "You can create time-sensitive policies, apply them, and push reconfiguration, so that engine is functioning, tuned, and safe". On the other hand, the top reviewer of Microsoft Defender for Identity writes "Offers robust protection from insider threats, but the customer support is poor". Bitdefender Sandbox Analyzer is most compared with Microsoft Defender for Office 365, whereas Microsoft Defender for Identity is most compared with Microsoft Entra ID Protection, Microsoft Defender for Office 365, Microsoft Entra Verified ID, Splunk User Behavior Analytics and Microsoft Sentinel.
See our list of best Advanced Threat Protection (ATP) vendors.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
