We performed a comparison between Microsoft Defender for Identity and Microsoft Intune based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft Defender for Identity provides excellent visibility into threats by leveraging real-time analytics and data intelligence."
"The feature I like the most about Defender for Identity is the entity tags. They give you the ability to identify sensitive accounts, devices, and groups. You also have honeytoken entities, which are devices that are identified as "bait" for fraudulent actors."
"The most valuable aspect is its connection to Microsoft Sentinel and Defender for Endpoint, and giving exact timelines for incidents and when certain events occured during an incident."
"The feature I like most is that you can create your own customized detection rules. It has a lot of default alerts and rules, but you can customize them according to your business needs."
"The best feature is security monitoring, which detects and investigates suspicious user activities. It can easily detect advanced attacks based on the behavior. The credentials are securely stored, so it reduces the risk of compromise. It will monitor user behavior based on artificial intelligence to protect the identities in your organization. It will even help secure the on-premise Active Directory. It syncs from the cloud to on-premise, and on-premise modifications will be reflected in the cloud."
"It automates routine testing and helps automate the finding of high-value alerts."
"All the integration it has with different Microsoft packages, like Teams and Office, is good."
"The basic security monitoring at its core feature is the most valuable aspect. But also the investigative parts, the historical logging of events over the network are extremely interesting because it gives an in-depth insight into the history of account activity that is really easy to read, easy to follow, and easy to export."
"The best feature is that we don't need to worry about downtime. We don't need to worry about the network connections of our office or the virtual private network. Everything is being done through the internet. Using Intune Autopilot, we can configure and deploy everything to the devices."
"Application deployment and keeping the devices secure no matter where they are, by having this cloud solution — that has been great."
"Being able to manage the devices remotely is most valuable. We can push security requirements through Microsoft Intune."
"Its direct integration with all the other products that we have from Microsoft is valuable. We're using the E5 license, and we have a whole wealth of different products available. It just makes it easier to have everything from one provider."
"One of the biggest advantages of Microsoft Intune is that it brings the management of Windows, macOS, iOS, Android, and even Linux under a single pane of glass."
"For the price, the features included with Microsoft are appealing."
"As the solution is a software as a service, the scalability is unlimited."
"If the product works, remote access will be a benefit. To this point we have not had reason to have confidence in achieving that access."
"The tracking instance needs to be configured appropriately."
"One potential area for improvement could be exploring flexibility in the installation of Microsoft Defender for Identity agents."
"The impact of the sensors on the domain controllers can be quite high depending on your loads. I don't know if there's any room for improvement there, but that's one of the things that might be improved."
"And when you are working in a priority IP address, Identity is not able to know that those IPs are from the company. It sees that the IPs are from Taiwan or from Hong Kong or from India, even though they are internal IPs, resulting in a lot of false positives."
"The technical support needs significant improvement. Documentation for more minor issues in the form of guides or walkthroughs could help to resolve this issue. The number of tickets raised would decrease, removing some pressure from the support team and making it easier to clear the remaining tickets."
"We observe a lot of false positives. Sometimes, when we go for a coffee break, we lock our screens. Locking the screen has a separate Windows event ID and sometimes I see it is detected as a failed login."
"Defender for Identity gives us visibility, but we often get false positives from Azure that take us down the garden path. We go through 30 incidents each day and most of those are false positives or benign positive alerts. Occasionally, we get true positive alerts."
"Microsoft should look at what competing vendors like CrowdStrike and Broadcom are doing and incorporate those features into Sentinel and Defender. At the same time, I think the intelligence inside the product is improving fast. They should incorporate more zero-trust and hybrid trust approaches. They need to build up threat intelligence based on threats and methods used in attacks on other companies."
"There is no catalog for mobile access management (MAM) security."
"Reporting could be improved. It needs to be more expensive and robust."
"For an existing customer who has an SCCM, it would need to be upgraded to an MECM first before I can introduce Microsoft Intune."
"An issue we have run into with Microsoft Endpoint Manager is that we cannot patch third-party products like Adobe and Chrome with it."
"We haven't really gone through all the features of Intune. We are just discovering them. Every day, we see a new feature that we want to apply, but what will be great for Intune is to be able to deploy apps in a simple fashion. We should be able to easily install various apps on the Windows platform, iOS, and Android. Currently, we have to write some scripts. It's not as straightforward as we would like it to be. It should be simplified so that we can do it just with three clicks—next, next, finish—without needing to write a script."
"Due to the abundance of features, there's a lot to organize, which makes managing and setting up the solution challenging. The setup is immense, and it would be good to see improvement in this area."
"The solution could improve its flexibility."
"The UI also needs improvements because it is complex for end-users. We have had feedback from a few users in our organization who found the UI is not feasible for tracking and analyzing all the processes and monitoring all the devices."
More Microsoft Defender for Identity Pricing and Cost Advice →
Microsoft Defender for Identity is ranked 8th in Microsoft Security Suite with 13 reviews while Microsoft Intune is ranked 3rd in Microsoft Security Suite with 164 reviews. Microsoft Defender for Identity is rated 9.0, while Microsoft Intune is rated 8.0. The top reviewer of Microsoft Defender for Identity writes "Offers robust protection from insider threats, but the customer support is poor". On the other hand, the top reviewer of Microsoft Intune writes "We can manage all aspects of our devices from a single console, easy to scale, and quick to deploy". Microsoft Defender for Identity is most compared with Microsoft Entra ID Protection, Microsoft Defender for Office 365, Microsoft Entra Verified ID, Splunk User Behavior Analytics and Microsoft Sentinel, whereas Microsoft Intune is most compared with Jamf Pro, VMware Workspace ONE, ManageEngine Endpoint Central, SOTI MobiControl and Microsoft Entra ID. See our Microsoft Defender for Identity vs. Microsoft Intune report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.