We performed a comparison between Microsoft Defender for Endpoint and ThreatLocker Protect based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Forensics is a valuable feature of Fortinet FortiEDR."
"This is stable and scalable."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"NGAV and EDR features are outstanding."
"The stability is very good."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The price is low and quite competitive with others."
"The virus scanning capability is excellent, and it feeds all the logs into the Microsoft 365 Defender portal, making them easy to search for."
"The integration with all variations of Microsoft Defender, for Endpoint, 365, and Cloud is valuable."
"One of the main features is the solution is very light on resources and we do not have any problems with it."
"Microsoft Defender for Endpoint comes pre-installed in Microsoft Windows."
"The endpoint detection of threats is valuable. The initial detection of things like ransomware and viruses and being able to shut down machines immediately and stop a threat is valuable. We can stop a threat at a source versus allow it to propagate it across the network."
"It's a very complete application. I have all the controls in one site. I can track emails, attacks, and threats, and I can research information. I really like this configuration because I have all the information in place."
"Defender for Endpoint provides good visibility into threats and has favorable threat intelligence."
"The antivirus features are very useful."
"Using ThreatLocker is effortless because I can access it from an app on my phone, so I can help clients after hours. My client had an issue while I was at dinner, and I didn't have a tech on the problem, but I could deal with it from my phone. I can see what the client is doing and approve or deny it. It helps me deliver better service to my clients when they need it."
"The most valuable feature is probably the ability to block programs from running. ThreatLocker has some built-in features that make it super easy. You can also contact their support within the program. If you're having issues, you can click on that button and connect with someone in five to 10 seconds."
"The interface is clean and well-organized, making it simple to navigate and find what we need."
"We use ThreatLocker's Allowlisting to whitelist specific applications and prevent unauthorized software from running."
"While it can be frustrating at times, we appreciate the low-level security provided by the application whitelist."
"The biggest improvement has been knowing that something unauthorized isn't going to get installed on anyone’s machines."
"Feature-wise, the learning mode and the fact that it's blocking everything are the most valuable. I don't see why more companies don't use the type of product."
"The most valuable feature is selective elevation, which allows elevating an individual process to admin privilege without granting admin privilege to that user, which has been by far the most useful feature outside of the overall solution itself."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The only minor concern is occasional interference with desired programs."
"The dashboard isn't easy to access and manage."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The solution should address emerging threats like SQL injection."
"The scalability could be improved - I would rate it between a seven and an eight."
"There's a lot of manual effort involved to configure what we need."
"Microsoft Defender for Endpoint is effective for validating work, but not ideal for investigations."
"With increase of cyber threats and cybersecurity issues, I would recommend that the product be developed like an AI product with more features which can counter any threat in the coming eras."
"I had some cases a while back and told an agent my issue. When I called the next day, I had to explain everything again to a different person, so I found it annoying to repeat myself all over."
"Microsoft Defender for Endpoint could provide us with a more holistic approach, such as collaboration. They can provide us with an environment from where we can manage all the endpoints from one central location, such as overall management."
"The biggest issue I had with Microsoft Defender for Endpoint was the antivirus and ransomware. I wanted central visibility over all the machines that we operate."
"The GUI is very complex and could be more user friendly."
"We identified several areas that we would like to see improved."
"If you have a thousand computers with ThreatLocker agents on them, when you approve or create a new policy saying that Adobe Reader that matches this hashtag and meets certain criteria is allowed to be installed, it applies at the top level or the organization level. It applies to every computer in the company. When you make that new policy and push it out and it goes out and updates all of the clients. Unfortunately, at this time, it does not look like they stagger the push-out."
"The portal can be a little overwhelming at times from an administration point of view. It displays a lot of information, and it's all useful. However, sometimes there is too much on the screen to sift through, especially if you're trying to diagnose a client's problem with a piece of software. Maybe something has stopped working since they updated it, and we need to see if ThreatLocker is blocking a component of that software."
"The snapshots used in the ThreatLocker University portal are outdated snippets and have not been updated in conjunction with the portal itself."
"ThreatLocker Allowlisting needs to improve its user interface and overall workflow."
"More visibility in the built-ins would be nice."
"From a reporting perspective, enhancing the ability to customize reports would be beneficial."
"There are some times when applications get submitted, the hashes don't really line up."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while ThreatLocker Protect is ranked 26th in Endpoint Protection Platform (EPP) with 13 reviews. Microsoft Defender for Endpoint is rated 8.0, while ThreatLocker Protect is rated 9.2. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of ThreatLocker Protect writes "Integration is simple, deployment is straightforward, and extensive well-written documentation is available online". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune, whereas ThreatLocker Protect is most compared with SentinelOne Singularity Complete, CrowdStrike Falcon, Huntress, GravityZone Business Security and Fortinet FortiClient. See our Microsoft Defender for Endpoint vs. ThreatLocker Protect report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Advanced Threat Protection (ATP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
