Microsoft Defender for Office 365 Valuable Features

Luis-Brown - PeerSpot reviewer
IT Director at an energy/utilities company with 11-50 employees

There are several features that I consider valuable. These include anti-malware and anti-phishing capabilities, along with certain remediation abilities for addressing issues once identified. Moreover, the system allows for easy reporting of problems. In the event of a phishing attack, we can conveniently initiate a comprehensive search to identify all related elements of the campaign and remove them from users' mailboxes.

Additionally, the platform offers anti-spoofing measures targeting well-known high-value targets. This proactive approach helps in mitigating business email compromise by designating our high-value personnel. Consequently, any communication purporting to originate from these individuals undergoes a more rigorous verification process to ascertain its authenticity and whether it genuinely stems from a valid account associated with the respective individual.

Jamie LeClair - PeerSpot reviewer
IT Collaboration Services Manager at Dow

I work in my company's IT department, so I use all of the products under Office 365 daily, including Microsoft Word, Microsoft PowerPoint, Microsoft Teams, and all the other components in the product. My company can't make it through a day or go by without using the products offered under Office 365. Some of our manufacturing workers may use Office 365 a lot less, but it is still necessary for things like Microsoft Outlook and Exchange.

I found Microsoft Teams to be the most valuable feature of the solution, along with all of the products and features offered under Office 365. My organization has remote workers, and we can't run the company without meetings organized with the help of Microsoft Teams.

Tolu Omolaja - PeerSpot reviewer
Head of Department of Network Communications at Eko electricity

The two main features that prove most beneficial for us are URL scanning and attachment scanning.

URL scanning involves an automatic scan of links and emails. When a user clicks on a link within an email, the system promptly checks the link's safety. If the link is deemed safe, access is granted automatically. However, if it is flagged as unsafe, we receive feedback and notification to caution us about the potentially harmful link. At this point, we are presented with the option to proceed or return. I have personally witnessed the system identify a few unsafe links, making this the primary advantage of using the solution.

The second crucial aspect is the scanning of attachments. When an email containing an attachment arrives, we receive a notification of the new email, along with information that the attachment is being scanned for threats. This additional layer of security provides peace of mind for our organization.

While Microsoft Defender for Office 365 offers numerous features, these two stand out as particularly impressive and valuable to us.

Buyer's Guide
Microsoft Defender for Office 365
April 2024
Learn what your peers think about Microsoft Defender for Office 365. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,415 professionals have used our research since 2012.
Reynaldo Ruiz Flores - PeerSpot reviewer
Self Employed, Freelance, Consultor, Sales - Learning Time at SpectralByte

Defender for 365 is a comprehensive cloud-based solution. The value of the cloud is that you aren't alone. Threat intelligence and analytics are shared in the cloud. We don't have to find the solution alone. If you face an unknown threat with traditional solutions like Trend Micro and Symantec, you need to open a case and send your information to them to analyze forensically and identify the source of the attack. 

Sachin Vinay - PeerSpot reviewer
Network Administrator at Amrita

Most of our files are being stored in OneDrive. We need to safeguard those links because users have to forward them to multiple locations. Microsoft Defender has a feature to protect each and every attachment. Even if it's an encrypted attachment, it will check for any potential threats.

If there are any spam contents in an email, we will be notified. With the implementation of Defender, we're able to correctly monitor attachments, files, and safeguard the required data. 

Microsoft Defender for Office 365 provides us with visibility into threats. Our emailing system is Microsoft Office Outlook. We also use a mail server from Microsoft. If there's an issue, we're able to troubleshoot it right away and give a solution. All of the administrators are properly alerted in their dashboards.

Microsoft Defender for Office 365 helps us prioritize threats across our enterprise. It safeguards us from any incoming threats or viruses. It scans every bit of information from the software cloud, including attachments, links, or malicious emails that hackers generate to break the security system.

It's definitely important that Defender helps us prioritize threats across the enterprise because some of the security breaches are less serious, so there is more time to troubleshoot. We're able to see everything in the dashboard, so we're notified about the important threats and can act accordingly to resolve them.

MQ
Assistant Manager, Information Technology Systems at Getz Pharma

Microsoft Defender for Office 365's most valuable features are safe attachments and safe links.

Nagendra Nekkala. - PeerSpot reviewer
Senior Manager ICT & Innovations at Bangalore International Airport Limited

Defender is a SaaS platform, so it offers more flexibility. Managing the permissions is easier. The solution's automated detection and response features are scalable. It's a unified solution that doesn't just cover Microsoft products. We're a multi-cloud shop, and having that coverage is critical. It also includes the latest IAM features like two-factor and multifactor authentication, giving us the most robust solution.

AH
Solution Consultant Information Security at Ixtel

Microsoft Defender for Office 365's most valuable feature is its performance.

The ransomware protection is good.

Prateek Agarwal - PeerSpot reviewer
Manager at Indian Institute of Management Visakhapatnam

Threat Explorer is one of the features that I very much like because it is a real-time report that allows you to identify, analyze, and trace security attacks.

The Attack Simulator feature is built into Defender and runs real-time attack scenarios to identify any security vulnerabilities, phishing attacks, or ransomware attacks.

The automated incident responses, AIRs, have capabilities that save time and effort.

Kishan Kishto - PeerSpot reviewer
Systems Administrator at Kishto Technologies

The benefit that stands out to me is the ability for multiple individuals to collaborate simultaneously within the same document. Additionally, there is the option to save the document directly in the integrated OneDrive or SharePoint. 

Sandor Nilsson - PeerSpot reviewer
Project Leader and IT Transition Manager at Data Communication & Software i Grondal Aktiebolag
AK
Security analyst at an educational organization with 1,001-5,000 employees

Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various email campaigns, pinpointing where they emanate from, and identifying the individuals within our organization who are affected. The convenience of having a centralized location for extracting comprehensive data is particularly noteworthy. With Threat Explorer, I can efficiently manage and mitigate the impact of these campaigns by removing problematic emails from mailboxes, all in one centralized location, eliminating the need to navigate through multiple areas. Effectively prioritizing threats across our enterprise is crucial for us, given that the primary avenue of attack is often through phishing emails. By having robust protection in place, we're able to significantly mitigate this prevalent threat, essentially clearing a major portion of the cybersecurity landscape.

Gordon McGowan - PeerSpot reviewer
Deputy Chief Information Officer at County of Montgomery, PA

The product helped us maintain collaboration and communication during the pandemic with the help of Teams. 

Giovanni Emerenciano - PeerSpot reviewer
IT Manager at a manufacturing company with 51-200 employees

It gives us visibility into threats and, for endpoints, it helps us to prioritize threats. We used to have a lack of visibility, but now our time to detect and respond has decreased.

Also, in the beginning, Microsoft Defender for Office 365 saved us time because we had started a completely new company. Now that we are more established, we need another, more advanced solution with more machine learning and artificial intelligence related functionality.

YT
Vice President at a computer software company with 11-50 employees

The most valuable feature is protection against malicious links, phishing, and impersonation. You can train people to be aware of these threats, but they're not always careful. When they're using their phones between meetings, they click on a link, and it's game over.

Impersonation detection is also crucial because attackers are increasingly advanced. They keep changing their tactics and adapting. People are getting emails with display names that look like people from their organization. SPF records, DMARC, and all that stuff don't always work because people often ignore email addresses. We have also used the phishing simulation component. That's pretty good.

HariOmKanth MS - PeerSpot reviewer
DevSecOps Engineer at a tech services company with 11-50 employees

The email protection is excellent, especially in terms of anti-phishing policies. 

The solution's information protection around sensitive labels and compliance-related security features are also very valuable.

Defender for Office 365 provides excellent visibility into threats; we can see the attacks and phishing campaigns running against our users from the portal.  

The product helps us prioritize threats across the enterprise, which is essential because most of our clients come to us with alert fatigue. They have so many alerts they often need help determining which ones to work on, and the solution's threat prioritization helps us narrow that down.  

The comprehensiveness of the threat protection provided by Microsoft security products is excellent; we wouldn't use any other third-party security solutions, and it all comes packaged with Azure or an E5 license.    

Microsoft Sentinel enables us to ingest data from our entire ecosystem, which is vital because when we deliver security products for clients, one of their primary requirements is to collect all the on-prem logs and put them in the cloud. Sentinel is capable of this and requires some expertise to operate in this way. 

Sentinel allows us to investigate threats and respond holistically from one place; that's what it's built for. We work offsite as we aren't in the same region as our clients, so the ability to respond remotely is essential to us.  

BO
Corporate IT Infrastructure Manager at United Test and Assembly Center Ltd.

The risk level notifications are most valuable. We get to know what kind of intrusion or attack is there, and we can fix a problem on time.

Rajitha Jayasekera - PeerSpot reviewer
Associate Tech Lead at a computer software company with 51-200 employees

The most valuable feature is the score. By looking at the score, you can identify if you are at risk or not.

It also gives the vulnerability status according to the versions you have selected. Let's say you have Google Chrome. It mentions the versions it has, and it updates. Within two hours of an update, it is reflected in the dashboard. That's really nice to have.

It gives me everything I need, visibility-wise. It also helps prioritize threats across our enterprise and that's very important. That means we can identify the critical vulnerabilities first and keep an eye on other vulnerabilities. By looking at the dashboard, I immediately get an idea of how critical an issue is and we can fix vulnerabilities before they result in an attack.

It has also helped eliminate looking at multiple dashboards, giving us one XDR dashboard, which has made our security operations really easy. We can also create internal tickets within the portal itself. We can assign them to people and see how long it took them to close the tickets. That makes things really easy.

Vinutha Madi - PeerSpot reviewer
Information Security Analyst at a tech services company with 51-200 employees

Defender provides all the details and evidence we need about an incident, so you don't need to look for it. Once you enter the tab, you get all the information about the user's activity and everything you need to know within the alert. 

It also helps us identify vulnerabilities. When a new threat is discovered, Defender will flag the client's vulnerable assets and tell us what needs to be patched. That is helpful information to share with our clients. They can patch the vulnerability before being affected. 

Microsoft Defender enables us to prioritize threats. It's crucial because if we ignore critical alerts, we might miss a severe vulnerability, and the user host could be affected if that happens. We must prioritize alerts to address the ones with the highest risk first. Next, we move on to the medium or low-risk alerts and the purely informational notifications. 

We use Defender for 365 with Defender for Cloud and Sentinel. Microsoft Defender for Cloud is primarily for checking the client's security posture. Sentinel ingests data from our entire ecosystem and helps us correlate events from the logs to understand user activity better. 

We can run queries on user behavior or check the logs for any activity related to the alert. Integrating Sentinel and Defender is vital because getting the information from the logs is much easier. We don't need to look at the metadata because we can see the events in a structured format. A few of the alerts can always be resolved by SIEM analysis. If it isn't a high-priority alert, Sentinel can clear it. 

Having everything available in one place is helpful for our investigation. We can forward those details to our clients so they can take action. All the information is in the logs. 

Sentinel allows us to analyze user behavior and assign user risk based on patterns. For example, we can see if a user attempts to log in with an abusive IP. It detects the behavior, so we don't need to search the logs or look through the threat intel. Sentinel gives us a report of all the risky users. The sign-in logs and audits are neatly formatted so we can click through instead of searching manually.

MP
Chief Information Security Officer at an outsourcing company with 10,001+ employees

The deployment capability is a great feature. We're able to activate this feature throughout France with a click.

Chris-Atkinson - PeerSpot reviewer
Sales Director for Academic, Medical, Corporate and Government markets at a tech services company with 1,001-5,000 employees

It is a high-impact tool. It keeps users from doing anything wrong.

JS
Sr. Manager, End User Experience at a comms service provider with 10,001+ employees

Microsoft Defender for Office 365 helps people to work remotely. It is a secure solution. We don't need to use our company's computers or get VPN connections to the networks. I can control how they share screens and what they send to the devices. It keeps our organization's confidential and sensitive information safe.

VR
IT Manager at SSEL

Defender for Office 365 can help your organization configure policies, analyze threats to your organization and respond to attacks. It is important to note that there are different levels of protection and capabilities depending upon which version of Office 365 license you have. The best features we found most valuable are Forwarding Report, Safe Attachment File Types, Threat Protection Status, Malware Detected in Email, URL Threat Protection and many more.

OK
Cloud solution engineer at a computer software company with 51-200 employees

I like its investigation capabilities, as that is what is most important to me. It is fairly simple with a user-friendly interface. 

Also, all Microsoft products can be used with each other, as opposed to other vendors' products that cannot be used with each other.

AK
Lead Technical Consultant at a tech vendor with 1,001-5,000 employees

Defender for 365 provides a single integrated platform for securing and managing Office 365 solutions like Microsoft Exchange, SharePoint, Microsoft Teams, etc. Sentinel is included in the same security package. It provides continuous monitoring and alerts.

Microsoft security solutions work together to provide comprehensive protection. They are regularly updating the threat database, and we can detect any novel threats on all the endpoints within the cloud. We have policies in place to relocate affected devices to a sandbox, and we can restore it after clearing it.

MJ
Solutions Architect at a computer software company with 1,001-5,000 employees

It's a little early to tell which features are most valuable, but by default, it gives analytics on user behavior. We have not been able to leverage it fully, but that is one of the interesting features. It's also very simple to use. The documentation has made it quite easy to implement and our team has been able to understand it.

And while we haven't had even one threat incident yet, functionality-wise, Defender for Office 365 can proactively detect threats and prevent them. It is not just a reactive mechanism.

OR
General Manager IT at a logistics company with 10,001+ employees

Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features.

TL
Senior IT Security Specialist at a tech services company with 1,001-5,000 employees

The anti-phishing component and the investigation consoles that Microsoft gives you with this product are the most valuable features. The consoles are very detailed and mostly accurate. There are fewer false positives than in other products that I've used.

It also gives me good visibility because, with Defender, I'm using a Microsoft product to defend Microsoft products. The integration was really seamless and I have wide visibility because it picks up almost everything. Literally, I can see almost every activity that happens, from the email to the workstation itself. It's a really awesome product in terms of giving me visibility into what's happening with the endpoints in my corporate environment.

On the investigation console, it shows the form of attack vectors that I may be exposed to and it prioritizes things based on the risk factor. I know what to give priority to when it comes to remediation and prevention.

In addition to Microsoft Defender for Office 365, we use Sentinel and ATP. They are all integrated. I wouldn't be the best person to speak about the integration process itself because I had huge assistance with that aspect. But I'm assuming it was not too tough because that part of the project was pretty quick. It's all license-based, so it's not that difficult.

These products work together, natively, to deliver detection and response in a coordinated way. Whatever is reflected in one of them can be seen through evidence in the other tools. For example, if there's an email threat in an attachment and it is downloaded, Defender continues to pick up the trail from there and resolves the threat.

One aspect of Sentinel that is very important is that it enables us to ingest data from our entire ecosystem. Sentinel is like having built-in AI that analyzes everything that goes on in the environment. The feedback from Sentinel is very important, so it's very important that it has 100% visibility into the environment. It helps us to make a lot of logical decisions.

Sentinel also helps us to investigate threats and respond in an integrated way from one spot. That is important because the speed at which you respond to a threat is very important. The longer you take, the harder the threat will be to dissolve. The quicker the response, the better it is when it comes to remediating the attack or undoing the damage, and keeping downtime to a minimum.

And the AI technology of Sentinel has helped to automate finding high-risk alerts. The alerts are prioritized based on the risk factor.

PP
Supervisor of IT Infrastructure & Cybersecurity at a comms service provider with 51-200 employees

The solution does a thorough job of examining emails for malicious content and examines the URLs and potential malicious content in emails. It offers peace of mind with more real-time updates as far as what they're looking for as opposed to a signature-based solution. It's probably the most valuable feature in my mind. I've deployed it for a couple of clients in a 365 environment and it seems to be a pretty solid solution. 

AP
Co-Founder with 11-50 employees

Defender helps us prioritize threats across our organization. Defender for 365 is highly efficient and saves us time. We save about 35 percent compared to other solutions. 

SG
Technical Support Specialist

We are a small Software as a Service company, so when we hire contractors for projects, we usually move on to a different contractor with the relevant expertise. This means we have a lot of contractors coming in and out of the company, and the solution helps to keep our platforms secure when they have finished working by removing their credentials.

GH
Principal Consultant at a tech services company with 201-500 employees

Some of the valuable features on the email side are anti-phishing, anti-malware, and Safe Links. Anything that has the word "safe" in it is essentially made to defend against the common email vulnerabilities that you would see in similar products. Without these features, it does not have nearly the capabilities. 

On the information protection side, the best features are probably the data loss prevention policies that cover the whole suite of Office 365 applications. I will explain it a little more. From an information protection standpoint, Defender for Office 365 does strictly apply to the Office apps, but that is where it can get confusing because it can do more. It works with MIP, and MIP can be part of a SKU in the M365, particularly the E5 SKU or equivalent. It can protect and prevent data loss of data wherever it operates. It does not matter where it operates; it can be in a different cloud service, on-premises, in Office, a SaaS application, or it could even be your own applications that you have developed. Defender for Office 365 helps with the loss prevention for Office 365 applications.

BA
Sales Account Manager at a tech services company with 51-200 employees

The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not.

OK
Consultant at a tech services company with 1,001-5,000 employees

The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance. 

SR
IT Specialist at a government with 51-200 employees

The tool's most valuable feature is virus scanning, which has saved us from malware and ransomware. 

MS
Deputy Chief SAP BASIS Administrator at a comms service provider with 201-500 employees

The basic features are okay and I'm satisfied with the Defender.

The initial setup is pretty simple. It's easy to configure.

Microsoft products are always easy to use.

The solution has been stable and reliable. 

FL
Information Technology Manager at a performing arts with 51-200 employees

The good part is that you don't have to configure it, which is very convenient.

RB
Senior Network Analyst at a financial services firm with 1,001-5,000 employees

At the moment we are satisfied with this product. It's a stable, scalable, and resilient solution for us.

IR
Cybersecurity and Business Continuity Consultant at a tech services company with 201-500 employees

The most valuable feature of Microsoft Defender for Office 365 is the ease of use.
