We performed a comparison between Microsoft Defender for Identity and Microsoft Intune based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The best feature is security monitoring, which detects and investigates suspicious user activities. It can easily detect advanced attacks based on the behavior. The credentials are securely stored, so it reduces the risk of compromise. It will monitor user behavior based on artificial intelligence to protect the identities in your organization. It will even help secure the on-premise Active Directory. It syncs from the cloud to on-premise, and on-premise modifications will be reflected in the cloud."
"The feature I like the most about Defender for Identity is the entity tags. They give you the ability to identify sensitive accounts, devices, and groups. You also have honeytoken entities, which are devices that are identified as "bait" for fraudulent actors."
"The basic security monitoring at its core feature is the most valuable aspect. But also the investigative parts, the historical logging of events over the network are extremely interesting because it gives an in-depth insight into the history of account activity that is really easy to read, easy to follow, and easy to export."
"The most valuable aspect is its connection to Microsoft Sentinel and Defender for Endpoint, and giving exact timelines for incidents and when certain events occured during an incident."
"This solution has advanced a lot over the last few years."
"Defender for Identity has not affected the end-user experience."
"The solution offers excellent visibility into threats."
"All the integration it has with different Microsoft packages, like Teams and Office, is good."
"I like that it's very good and very simple. I found that we just needed to have a proper subscription for an Intune tenant, and from the subscription, if we have the right role assigned, like the global admin role or the owner role, we can use Microsoft cloud resources. With the help of that, we can do many things like setting up Microsoft Intune in the cloud to create our virtual machines. All these can be done, and the steps are very simple. I really liked it. I like features like Windows Auto-Enrollment. I like it very much because whenever you supply it to the end-user, it will be ready to use immediately. The end-user only needs to provide the user credentials, and then they are good to go. I also really like Cloud PC, which was recently launched on Azure."
"We are a remote company, and the product helps us manage the global endpoints. It helps us natively manage the endpoints in the cloud from anywhere."
"The product has eased the deployment of Microsoft apps to the devices. We can manage it properly. We can control it and push the updates. Another company helped us with the deployment. However, we can do it internally."
"Stable solution at a good price."
"The dashboards, the security, and the customization capabilities work very well for us."
"Intune's unified endpoint management platform is invaluable."
"It supports end-users who tend to lock their devices quite frequently. Its conditional access policy helps us keep the users logged into their devices."
"It is very easy to use. It has a very easy interface."
"I would like to be able to do remediation from the platform because it is just a scanner right now. If you onboard a device, it shows you what is happening, but you can't use it to fix things. You need to go into the system to fix it instead."
"The solution could be better at using group-managed access and they could replace it with broad-based access controls."
"An area for improvement is the administrative interface. It's basic compared to other administrative centers. They could make it more user-friendly and easier to navigate."
"The tracking instance needs to be configured appropriately."
"Defender for Identity gives us visibility, but we often get false positives from Azure that take us down the garden path. We go through 30 incidents each day and most of those are false positives or benign positive alerts. Occasionally, we get true positive alerts."
"One potential area for improvement could be exploring flexibility in the installation of Microsoft Defender for Identity agents."
"The impact of the sensors on the domain controllers can be quite high depending on your loads. I don't know if there's any room for improvement there, but that's one of the things that might be improved."
"When the data leaves the cloud, there are security issues."
"We need the capabilities of the Cloud Management Gateway (CMG) to be enhanced through Intune instead of Azure."
"An issue we have run into with Microsoft Endpoint Manager is that we cannot patch third-party products like Adobe and Chrome with it."
"There should be more focus on mobile device security and integration."
"Intune has some limitations when it comes to application updates for third-party applications. You can schedule an update, but when it's a package setup, you need to supercede and replace it each time."
"I'd like some more reporting so that I don't have to delve into PowerShell and I can pull more of the local device information such as memory, apps installed, etc. It would be nice to be able to see the apps that are present there but might not be managed. For example, if they installed 7Zip, it could report that back via an installed program or feature to see what was currently installed."
"The reports that are generated aren't so great. They don't give a lot of meaning so far, but that could be down to user knowledge than the actual reporting side of things. I'm not a big user of it, but I was a bigger user of MaaS360, and we used to be able to run weekly and monthly reports. In the case of any deviations. we'd get a warning immediately. That's not so easy to do or to get in place for Intune. This could be just a user issue, but when I compare both, that's the only thing that's lacking for me."
"One big problem with Microsoft is that they're changing the names of the products quite often, or they're quite consistently doing so. Intune is now Endpoint administration. Constantly switching the user interface or the administrative interface makes it quite hard to keep pace. If you are on a two-week holiday and you come back and look at the same screen you have looked at for the last couple of months, it looks different, which is annoying. Changing things around all the time doesn't make it easy."
"What would make this product better is adding more security policies and features in the next upgrade."
More Microsoft Defender for Identity Pricing and Cost Advice →
Microsoft Defender for Identity is ranked 8th in Microsoft Security Suite with 13 reviews while Microsoft Intune is ranked 3rd in Microsoft Security Suite with 164 reviews. Microsoft Defender for Identity is rated 9.0, while Microsoft Intune is rated 8.0. The top reviewer of Microsoft Defender for Identity writes "Offers robust protection from insider threats, but the customer support is poor". On the other hand, the top reviewer of Microsoft Intune writes "We can manage all aspects of our devices from a single console, easy to scale, and quick to deploy". Microsoft Defender for Identity is most compared with Microsoft Entra ID Protection, Microsoft Defender for Office 365, Microsoft Entra Verified ID, Splunk User Behavior Analytics and Microsoft Defender for Endpoint, whereas Microsoft Intune is most compared with Jamf Pro, VMware Workspace ONE, ManageEngine Endpoint Central, SOTI MobiControl and Microsoft Entra ID. See our Microsoft Defender for Identity vs. Microsoft Intune report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.