We performed a comparison between Microsoft Defender for Endpoint and Webroot Business Endpoint Protection based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: When selecting the best Endpoint Protection (EPP) for business, PeerSpot users feel Microsoft Defender is the better choice for Windows and Azure products, although Webroot does receive higher marks in the service and support and deployment categories.
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The setup is pretty simple."
"NGAV and EDR features are outstanding."
"Ability to get forensics details and also memory exfiltration."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The solution was relatively easy to deploy."
"The fact that it's from Microsoft, you don't have many false positives, unlike products from other vendors might have."
"I like the process visibility. This ability to visualize how something was executed is valuable, and the fact that Defender ATP is also linked to the threat intelligence that they have is also valuable. So, even if you have something that doesn't have a conventional signature, the fact that you get this strange execution means that you can detect things that are normally not visible."
"Microsoft Defender for Endpoint is quite good. We haven't really experienced any issues with it."
"Microsoft Defender can block some viruses or malware. So, it can protect my files. It can save files on Office 365 OneDrive. I use encryption for some files, then I can recover them from OneDrive."
"We have very good visibility on our endpoints. The level of information it throws back is helpful."
"The most valuable feature is that we can use the solution right out of the box without too much configuration."
"The most valuable feature is its ability to effectively detect threats. It has the EDR feature, endpoint detection and response, and that is very good."
"The most valuable aspect is information, specifically the automatic investigation of packages."
"Low performance requirements."
"Valuable features include good scanning, very light footprint and management console that the client can access and (just as important) in which I can see status of groups of computers (I am a consultant, IT role)."
"It is pretty unintrusive. It doesn't take over the system like McAfee or Norton. It doesn't use a whole lot of resources. McAfee and Norton use a lot of resources."
"It is very lightweight on the workstations, not slowing them down while still doing its job very well."
"Its ease of installation is valuable. It has been a low-resource tool and the continuous updates in the past have made it attractive from the standpoint of the trust level on the protection."
"The ease of use of the centralized admin console is its best asset."
"The initial setup is not complex at all. It's very straightforward."
"I rate the initial setup phase a ten on a scale of one to ten, where one is difficult, and ten is easy."
"The support needs improvement."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We find the solution to be a bit expensive."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The solution is not stable."
"The only minor concern is occasional interference with desired programs."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"We encountered some misbehavior between Microsoft Office Suite and Defender. We had issues of old macros being blocked and some stuff going around the usage of Win32 APIs. There is some improvement between the Office products and Defender, and there is a bunch of stuff that you can configure in your antivirus solutions, but you have several baselines, such as security baselines for Edge, security baselines for Defender, and security baselines for MDM. You have configuration profiles as well. So, there a lot of parts where we can configure our antivirus solution, and we're getting conflicting configurations. This is the major part with which we're struggling in this solution. We are having calls and calls with Microsoft for getting rid of all configuration conflicts that we have. That's really the part that needs to be improved."
"The product development team makes frequent changes that affect the stability of the solution."
"One thing that was lacking in Defender was web filtering. Its web filtering wasn't as comprehensive. Sophos was a little bit better than Defender for blocking URLs or installing programs."
"Auto recovery is the most important feature that we would need from this solution. For decryption, similar to Malwarebytes, there should be something to be able to recover the data up to the last normal status. Its ability to recover data to the last normal copy must not exceed 5 to 10 minutes."
"It is not very scalable from the eyes of an MSP because there is no dashboard that you can use to see all of your devices that have Windows Defender unless you have your own dashboard or an RMM tool to actually look at it. So, you might not get to know that a particular computer of a client is doing something, and it might have got a virus. That person might know that, but unless you set it up to actually send you the information, you won't get to know that. That's one of the things that is hard with Microsoft Defender. It is not made for the MSP world where you have one pane of glass to see all of your clients with Microsoft Defender on it unless your RMM tool already has that built-in and it can see the telemetry from Microsoft Defender."
"I would like to see integrations with other products, such as Spunk and other CM solutions. That would create possibilities for me, and for a SOC, to consolidate all events in an older console, not one provided by Microsoft but provided by a third party, and use it to create more insights."
"I miss having an executive dashboard or a simple view for viewing things. Everything is extensive in this solution. Everything is configurable and manageable, but the environment of Microsoft 365 has about 13 administrative dashboards, and in each of the dashboards, there are a gazillion things to set up. It is good for a large enterprise, but for a 200-seat client, you need to see 5% of that."
"The pricing could be a bit better."
"The console spins up relatively slowly, and some of the configuration items are obscure (e.g., reporting back one time per day is a default setting) and need to be tweaked."
"It doesn't do anything proactive. The virus has to hit the machine before it detects it."
"We need to have a stronger defense against CryptoLock and other attackers."
"Their customer support should be better. We started having some issues with it, and we didn't get the required support."
"Webroot Business Endpoint Protection needs to focus on how they can widen their area of scope by not just being an antivirus tool anymore. The shortcoming in the customization area of the tool needs improvement."
"The solution could improve by providing better ransomware protection."
"Since they're dealing with multi-core environments now, the best option would be for them to enhance the product so that the product can automatically do an assessment on the machine."
"Usually, when it comes to reliability, McAfee and Norton are at 99 percent. Webroot's percentage is lower. It is 94% reliable in terms of what it catches, but you're trading that percentage for customer satisfaction because your computer isn't being constantly told that it just blocked something, or it just did something."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
More Webroot Business Endpoint Protection Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while Webroot Business Endpoint Protection is ranked 34th in Endpoint Protection Platform (EPP) with 30 reviews. Microsoft Defender for Endpoint is rated 8.0, while Webroot Business Endpoint Protection is rated 8.2. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Webroot Business Endpoint Protection writes "Lightweight and not hard to set up however, does not offer good reporting". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune, whereas Webroot Business Endpoint Protection is most compared with CrowdStrike Falcon, Huntress, HP Wolf Security, SentinelOne Singularity Complete and Cynet. See our Microsoft Defender for Endpoint vs. Webroot Business Endpoint Protection report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.