[German]How does Microsoft Defender actually compare to third-party ICES solutions for protecting Microsoft Office 365? ICES solutions can be integrated into Microsoft Defender for Office 365. I recently came across an overview from Microsoft with a comparison.
ICES eco system for Microsoft Defender for Office 365
The abbreviation ICES stands for Integrated Cloud Email Security. Microsoft has created the option in Defender for Office 365 (MDO) to integrate security systems from email security providers. The integration supports a multi-layered defense strategy.
It enables customers to benefit from niche features offered by external partners and ensures a consistent user interface in the Microsoft Defender portal. The integration allows users to view and manage quarantined emails from Defender for Office 365 and non-Microsoft providers in a single user interface.
The advantages of this ICES ecosystem are described by Microsoft here. There is also a Techcommunity article entitled Introducing the Microsoft Defender for Office 365 ICES vendor ecosystem dated June 17, 2025, which describes the ideas behind the concept.
Comparison of ICES email security solutions
On July 17, 2025, Microsoft published an overview entitled Transparency on Microsoft Defender for Office 365 email security effectiveness, which aims to provide transparency about the effectiveness of Microsoft Defender for Office 365 email security. I came across this article a week ago via the following tweet.
The article presents the interaction of Microsoft Defender for Office 365 with third-party email security features such as SEG (email gateway) from providers such as Barracuda, Hornet Security, etc., as well as ICES (Integrated Cloud Email Security) providers such as Check Point Harmony, Cisco, etc. It also touches on the shared management dashboard and presents a list of various vendors.
The article also discusses benchmarking of various providers in comparison to Microsoft Defender for Office 365 (MDO). Microsoft has benchmarked seven SEG providers and Microsoft Defender for Office 365.
Secure Email Gateway (SEG) Vendor Benchmark Data
This analysis showed that Defender for Office misses the fewest threats compared to other solutions (see image above).
As companies adopt multi-layered security strategies, ICES (Integrated Cloud Email Security) products run after Microsoft Defender for Office 365 and serve as a second filter. These solutions provide additional layers of detection that focus on specific types of threats or user behavior patterns.
Microsoft's analysis shows that combining ICES products with Defender for Office 365 has the greatest impact on detecting spam or bulk emails, with an average improvement of 20%. For malicious messages and spam, the average improvement across all providers tested was 0.30% (malicious message detection) and 0.51% (spam detection). Details on individual providers can be found on the benchmarking website.
