Code42 Incydr and Microsoft Defender for Endpoint are both robust cybersecurity solutions with unique strengths catering to different needs. Based on user reviews, Microsoft Defender for Endpoint has an edge in features and ease of deployment, whereas Code42 Incydr excels in support and pricing.
Features: Code42 Incydr users value its comprehensive data protection, recovery capabilities, and incident response streamlining. Microsoft Defender for Endpoint users appreciate its advanced threat detection, automated investigation features, and extensive security functionalities.
Room for Improvement: Users suggest that Code42 Incydr enhance its integration with other systems, simplify analytics tools, and improve the interface. For Microsoft Defender for Endpoint, improvements could include better compatibility with non-Microsoft environments, reduced complexity, and enhanced user experience.
Ease of Deployment and Customer Service: Code42 Incydr is praised for straightforward deployment and responsive customer support, making it accessible for organizations with limited IT resources. Microsoft Defender for Endpoint, while powerful, can be challenging to deploy and configure.
Pricing and ROI: Code42 Incydr is considered cost-effective with favorable pricing and solid return on investment. Microsoft Defender for Endpoint, despite a higher price point, is valued for its extensive feature set and perceived long-term benefits.
The return on investment is primarily in time savings and better observability of what's happening.
I rate Microsoft support 10 out of 10.
Due to our size, we don't have access to direct technical support, but the knowledge base, Microsoft Learn, and the articles available are really good.
The level-one support seems disconnected from subject matter experts.
We managed to scale it out in a short amount of time, with two months of planning and three months of implementation on 10,000 computers.
Defender's scalability is phenomenal, and it's going to be one of the keys to resolving issues for the SOC.
It's pretty easy to scale with Microsoft, as they make it easy if you look into the documentation.
I rate Defender 10 out of 10 for stability.
Defender for Endpoint is extremely stable.
I haven't seen any outages with Microsoft.
Repeated interactions are necessary due to Level One's lack of tools and knowledge, hindering efficient problem-solving and negatively impacting our experience with Microsoft support.
We have multiple endpoints, and we want to look for signals across tenants.
An additional feature that could be included in the next release is free Copilot.
Given our extensive Microsoft licensing, transitioning to Defender for Endpoint did not affect licensing costs.
The pricing, setup, and licensing were very easy and simple.
Defender for Endpoint's coverage across different platforms in our environment is pretty good. We have devices running Linux, Mac OS, Windows, iOS, and Android. It covers all of them.
Attack surface reduction and limiting attack surface vectors are valuable features.
The notification and reporting features are most valuable because we are part of a compliance project, and maintaining SOC 2 compliance is critical.
Detect file exfiltration via web browsers, USB, cloud apps, email, file link sharing, Airdrop, and more. See how files are moved and shared across your entire organization – without the need for policies, proxies or plugins. Incydr automatically identifies when files move outside your trusted environment, allowing you to easily detect when files are sent to personal accounts and unmanaged devices.
Incydr prioritizes file activity based on 120+ contextual Incydr Risk Indicators (IRIs). This prioritization works on day 1 without any configuration. Incydr’s risk scoring logic is use case-driven and transparent to administrators. Incydr uses Watchlists to programmatically protect data from employees who are most likely to leak or steal files, such as departing employees.
Take action with appropriate responses to contain, resolve and educate on detected risk. Use Incydr Flows or SOAR integrations to initiate response controls that are proportionate to an activity’s risk severity. You’ll stop data leaks without getting in the way of employee collaboration and sanctioned file activity.
Improving your Insider Risk posture requires a change in employee behavior. Code42 Instructor provides bite-sized training to employees, delivered when they need it. Use Instructor in tandem with Incydr to send responsive video lessons when employees put data at risk. You’ll ensure appropriate data governance and compliance with security standards and corporate policies as well as report on the positive impact of your Insider Risk Management program.
Founded in 2001, the company is headquartered in Minneapolis, Minnesota, and backed by Accel Partners, JMI Equity, NEA, and Split Rock Partners. For more information, visit code42.com.
Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.
With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.
Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.
Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.