Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Endpoint vs OPSWAT Filescan Sandbox comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Defender for Endp...
Ranking in Anti-Malware Tools
1st
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
192
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (2nd), Endpoint Detection and Response (EDR) (3rd), Microsoft Security Suite (5th)
OPSWAT Filescan Sandbox
Ranking in Anti-Malware Tools
30th
Average Rating
8.0
Reviews Sentiment
7.5
Number of Reviews
1
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Anti-Malware Tools category, the mindshare of Microsoft Defender for Endpoint is 17.0%, down from 22.2% compared to the previous year. The mindshare of OPSWAT Filescan Sandbox is 0.9%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Anti-Malware Tools
 

Featured Reviews

AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.
reviewer2390334 - PeerSpot reviewer
An easily integratable solution that helps scan files
I recommend leveraging the data and using case transcripts to understand how the tool can address your needs. Additionally, testing the solution in your environment can be helpful. If we keep it updated and ensure that the engines and the latest definitions are up-to-date, the solution functions without problems. It continues scanning without any delays. I rate the product an 8 out of 10. With OPSWAT Filescan Sandbox, we can scan various file types, including IOCs, Python compressors, and QR codes from images. All the configuration settings are user-dependent and can be modified over time. It's highly configurable—you can easily navigate to the console, click on any option, and quickly adjust settings, including the default size.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution integrates very well with Windows applications and Microsoft endpoint products."
"The most valuable features are the Windows Firewall and the regular virus definition updates. These features are very helpful and have helped to improve our security."
"Technical support has been great."
"Microsoft Defender for Endpoint's most valuable feature is its ease of use."
"I find the vulnerability management section of Microsoft Defender for Endpoint to be very useful for organizations."
"It's free. There is no additional cost. It's part of Windows."
"It performs well. The stability is seamless."
"The patch management is very easy, as it can be done automatically or added to a schedule."
"What I find most valuable about it is the design interface."
 

Cons

"Microsoft Defender for Endpoint should include better automation that will make it faster to detect the latest threats happening across the world."
"The solution can be more user-friendly."
"From an audit point of view, our auditors would like to have more reports on how things are used, if things go wrong, and how they went wrong. For example, if something got a warning, "Why?" So, we would like more versatility for tracing and reporting. That would improve the product, as long as the user interface doesn't get bogged down."
"The documentation could be better. When they update their manuals, sometimes they refer to products by their old names, so it is a little confusing. For example, the documentation might still say "Advanced Threat Protection" instead of Defender for Endpoint."
"Features like device inventory continue to lack essential workstation drill-downs showing the entire device information with the least effort."
"Right now, there's a portal for Azure, portals for Microsoft Office, and portals for endpoints. It would be good to have only one portal and integrate everything."
"The solution has minimal customization options, especially compared to Mandiant, so we want to see more scope for customization. A single portal for customization would also be a welcome addition."
"I would like to see online updates for patches for this solution. I would also like to see online information about what is trending in the market in terms of spams, viruses, or trojans. It takes some time to understand how this solution works. A few things are unclear at the beginning, such as whether it actually restricts the virus or spam at the initial stage, or when there is a security update, how will we come to know and how will it get synchronized. It would be really helpful if there is some kind of knowledge base in the form of video, audio, or document that can explain in a user-friendly way the setup, features, risks, and process to mitigate the risks. Currently, I have installed endpoint security for every individual system. I could not install it like other endpoint solutions where we have a server and a client. It would be really helpful if Microsoft Windows Defender has a server-client based model so that I can save some bandwidth when it downloads or uploads features. It will be helpful if we have a LAN-based or WAN-based controlling system."
"There's a size limitation, allowing us to scan only small files."
 

Pricing and Cost Advice

"Even if you are not registered as a not-for-profit, the offering that they have is definitely worth consideration. This is in the sense that the E5 stack just gives you so many benefits. You get your entire productivity suite through Microsoft 365 apps. You get all your security and identity protection. You get the Defender for Endpoint and Defender for Identity. You get the cloud access security broker as well. You get Azure Active Directory Premium P2, which gives you so many good things that you can configure and deploy. You don't have to configure them on day one, but you have access to so many different tools that will protect your data, security, endpoints, and identities that you could build out a security strategy 18 months long, and slowly work your way through it, based on what you have available to you through your license."
"The price is fair for the features Microsoft delivers. If you want tailor-made features, you have to mix different licenses. It isn't straightforward."
"If you don't purchase the advanced threat protection then there is no additional charge."
"I got it with the Microsoft Windows license."
"Licensing fees are paid annually through a partner."
"Compared to ESET, the pricing for Microsoft Defender for Endpoint is on the higher side."
"The license cost is around $35 per machine, which is not expensive compared to other products."
"There is no licensing fee."
"The tool is free, but there's a size limitation, allowing us to scan only small files."
report
Use our free recommendation engine to learn which Anti-Malware Tools solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
26%
Computer Software Company
12%
Government
7%
Financial Services Firm
7%
Computer Software Company
15%
Financial Services Firm
13%
Insurance Company
10%
Comms Service Provider
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
What do you like most about OPSWAT Filescan Sandbox?
What I find most valuable about it is the design interface.
What is your experience regarding pricing and costs for OPSWAT Filescan Sandbox?
The tool is free, but there's a size limitation, allowing us to scan only small files.
 

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
No data available
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Petrofrac, Metro CSG, Christus Health
Information Not Available
Find out what your peers are saying about Microsoft, SentinelOne, VirusTotal and others in Anti-Malware Tools. Updated: January 2025.
849,190 professionals have used our research since 2012.