Microsoft Defender for Endpoints supports any changes to file permissions, file access, and modifications to file delivery, as well as anti-virus and anti-malware protection. We enable Microsoft Defender on subscription. We depend on the solution for anti-malware, antivirus, and threat protection.
Regarding visibility into threats, Automatic integration enables Microsoft Defender on the level of subscription on the virtual machine. On the level of resources, and OS services, the direct integration between Azure Resources and Microsoft Defender is very smooth. The solution is perfect compared to using third-party software such as antivirus, Symantec, or any other option. We may face some issues in some integrations, but Microsoft Defender for Endpoint integration with Azure Resources is much better than trying to integrate with other solutions.
We use additional Microsoft solutions such as Gateway which is automatically integrated with Microsoft Defender by enabling it from the portal.
The integrated Microsoft products we are using work together to provide a coordinated detection response. The logs are all integrated and sent to a Log at network spaces. Level network spaces and Azure Monitor are already integrated with Microsoft Defender, and if an alert appears in the environment from a firewall, the web, or any other security component, it will automatically generate a security alert on Microsoft Defender. Microsoft Defender becomes the interface or supporter that manages all the security alerts in the environment.
All of our subscriptions are on the Cloud. We don't use anything on-prem. Microsoft Defender is a portal that manages all Endpoint Defender resources in an environment. This includes Defender for Endpoint on virtual machines, Defender for Cloud, Defender for App Service, and any other Defender resource.
We integrated Microsoft Sentinel with Defender Endpoint enabling us to ingest data from our entire ecosystem.
We utilize the interface for our Security Environment. We don't install any other third-party products such as Microscan at the outset, but we are a partner of Microsoft, and we only use Microsoft products.
We act according to the automatic alerts triggered by the Microsoft Center.
Microsoft Defender for Endpoint helps us eliminate the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription and the vulnerability that needs to be remediated for each resource.
Having a consolidated dashboard allows us to address the vulnerabilities that automatically appear on the portal sooner using the recommendations provided by the solution.
Microsoft Defender for Endpoint automatically protects our environment once a virus or malware is detected without any action from our end.
Microsoft Defender for Endpoint has saved us time detecting viruses, but we still have to manually manage any viruses related to the Windows updates batching in order to fix vulnerabilities on a monthly basis.
The solution has decreased our time to detect and respond to threats. Microsoft Defender for Endpoint should secure the environment automatically. We just act when any threat is detected on the back end by the SOC team.