Hoong Jon Lee - PeerSpot reviewer
Group IT Security Program Manager at Jotun
Real User
Native integration with OS gives it more granular capabilities, but management console needs work
Pros and Cons
  • "The most valuable feature is its ability to effectively detect threats. It has the EDR feature, endpoint detection and response, and that is very good."
  • "The management console is something that can be improved."

What is most valuable?

The most valuable feature is its ability to effectively detect threats. It has the EDR feature, endpoint detection and response, and that is very good.

What needs improvement?

The management console is something that can be improved.

For how long have I used the solution?

I have been using Microsoft Defender for Endpoint for about two years.

What do I think about the stability of the solution?

It is stable.

Buyer's Guide
Microsoft Defender for Endpoint
February 2025
Learn what your peers think about Microsoft Defender for Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: February 2025.
838,713 professionals have used our research since 2012.

What do I think about the scalability of the solution?

It is scalable.

How was the initial setup?

The initial setup is quite simple because it is built into the operating system.

Which other solutions did I evaluate?

Microsoft Defender has more granular capabilities because of the native operating system that it is built into. It is better integrated into the operating system because both the product and the OS are from Microsoft. That is an advantage.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1757103 - PeerSpot reviewer
Cyber Security Manager at a manufacturing company with 1,001-5,000 employees
Real User
Comes with awesome threat hunting capabilities, and is great for investigating what's happening on machines
Pros and Cons
  • "It's great for investigating what's happening on a machine. They show a whole bunch of machine timeline events that are related to a security incident. They have quite good details on the things related to threat and vulnerability management, such as any weakness that has been disclosed publicly, assets that are exposed, and if there is an exploit active in the wild for that vulnerability. It can provide you with all such information, which is cool."
  • "It can get a bit laggy sometimes. Other than that, we don't have any issues. They constantly tweak it and fix it up based on users' feedback. It has improved a lot over the past four years. Defender for Endpoint never really used to be a good endpoint security solution, but over the past couple of years, Microsoft has invested heavily in it. So, it has come a long way in all aspects of endpoint security. If they want to make it better, they should just continue investing in the current path of what they've been doing over the past couple of years."

What is our primary use case?

It is an Endpoint Detection and Response system (EDR), and it seems the new term is XDR. We use it for anti-malware protection. It protects from a virus, worm, ransomware, and other similar things. 

How has it helped my organization?

It can automatically scan and remediate stuff without an administrator doing anything. We use it for threat and vulnerability management. There are components in there that will tell us about any vulnerable software running on endpoints. There are a whole bunch of other things too.

What is most valuable?

It's great for investigating what's happening on a machine. They show a whole bunch of machine timeline events that are related to a security incident. They have quite good details on the things related to threat and vulnerability management, such as any weakness that has been disclosed publicly, assets that are exposed, and if there is an exploit active in the wild for that vulnerability. It can provide you with all such information, which is cool. 

It has got some awesome threat hunting capabilities. It can search for malicious activity that could indicate that an asset is being compromised, but it is not something to which you would have necessarily got alerted.

We're fully Microsoft, and it integrates with other Microsoft security products very well. Its interface is also fine.

What needs improvement?

It can get a bit laggy sometimes. Other than that, we don't have any issues. They constantly tweak it and fix it up based on users' feedback. It has improved a lot over the past four years. Defender for Endpoint never really used to be a good endpoint security solution, but over the past couple of years, Microsoft has invested heavily in it. So, it has come a long way in all aspects of endpoint security. If they want to make it better, they should just continue investing in the current path of what they've been doing over the past couple of years.

For how long have I used the solution?

I have been using this solution for nearly four years.

What do I think about the stability of the solution?

It can get a little laggy sometimes, but overall, it's fine when investigating events.

What do I think about the scalability of the solution?

It is easy to scale.

How are customer service and support?

There are different levels of technical support that you can purchase from Microsoft. We don't have the top level, but we used to have the top level, and that was good. I would rate them a five out of five. They've got a dedicated team specifically looking at threats for all their customers. 

How was the initial setup?

I was not involved in its setup. I am only a user of the solution, but I'm pretty sure it's pretty straightforward. It's just deployed by Intune or a partial script or something like that.

What about the implementation team?

It was implemented internally. In terms of maintenance, it generally doesn't require any maintenance. There are some policy configuration changes that we can tweak, but the signatures, behavior analysis, and all similar things in the engine are kept up to date by them. We have four people who are dealing with this product.

What's my experience with pricing, setup cost, and licensing?

Licensing models of Microsoft are renowned for being complex. We just purchased the whole E5 stack. With E5 licenses for users, we get access to a bunch of features that are not just related to security. I would rate them a three out of five in terms of pricing.

Which other solutions did I evaluate?

One of the things that I like to constantly do is assess other vendors in the same space. We get vendor demonstrations, and for the most part, it seems like Defender is well and truly up there with the other best players in the market. I've never done a proof of concept with any other tool, so I can't really compare it with others. Most of the time, vendor demonstrations are all about glitz and glam to sell their product and show how much better they are than competitors.

What other advice do I have?

I would advise doing your due diligence. This is more than just an endpoint security solution, and sometimes, you've got to think of your technology stacks before applying or purchasing certain security solutions and see if they're applicable to your environment. 

I would rate it an eight out of 10. No endpoint solution is ever going to be able to be perfectly good at stopping all types of threats. No endpoint solution would ever get a 10 in my point of view. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1596288 - PeerSpot reviewer
Specialist Consultant in Microsoft Security at a tech services company with 501-1,000 employees
Consultant
The tamper protection keeps hackers from entering a machine, encrypting it, and changing passwords
Pros and Cons
  • "Auto-remediation: When the product sees malware, it resolves the issue immediately. This protects the machine."
  • "It needs to improve the cybersecurity for lateral movements. For example, when a hacker tries to enter a machine, they try to get the password by doing a lateral movement."

What is our primary use case?

We use it for antivirus. You can use it for malware and Zero Trust. Some people use it for fact-checking too. I can also use it with Intune, which is good. 

We deploy Microsoft Defender on all kinds of devices, including Microsoft, iOS, and Mac.

What is most valuable?

Auto-remediation: When the product sees malware, it resolves the issue immediately. This protects the machine.

I like the tamper protection. For example, if I buy a notebook with Windows 10 and put Microsoft Defender on it, then I can activate the tamper protection. This keeps people from entering the machine, encrypting it, and changing passwords.

Microsoft Defender is fully integrated with Azure Sentinel. In addition, GPO can be connected with Microsoft Defender and Azure AD.

What needs improvement?

It needs to improve the cybersecurity for lateral movements. For example, when a hacker tries to enter a machine, they try to get the password by doing a lateral movement. 

With Windows 10, version 18.0.3, I couldn't see the documentation to open the ports. If you don't open the ports, then the machine can't communicate with the console.

What do I think about the stability of the solution?

I like its stability a lot.

What do I think about the scalability of the solution?

You push out all the devices that you want. There is no limitation beyond money and licenses.

Which solution did I use previously and why did I switch?

In the past, I have used McAfee and Kaspersky. 

I only work with Microsoft products right now. It integrates well with other products. I also work with Microsoft Defender for Identity.

How was the initial setup?

The deployment process is not difficult because Microsoft Defender comes with Windows 10. You just right click, then it connects you with Azure. 

There are other processes that can be connected, e.g., Microsoft Download Center.

What about the implementation team?

I implement Microsoft Defender for Endpoint. It takes me one or two days to design Microsoft Defender for Endpoint. It is easy to do this, and the more you implement, the easier it gets over time.

Sometimes, when I change the configuration, I have to wait six to eight hours.

What's my experience with pricing, setup cost, and licensing?

It is so expensive. It isn't cheaper than McAfee or other solutions.

Which other solutions did I evaluate?

I prefer Microsoft Defender for Endpoint instead of McAfee, Kaspersky, and other products.

What other advice do I have?

I would rate this solution as 10 out of 10.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Carlo Du Plessis - PeerSpot reviewer
Security Specialist at Engen
Real User
Provides good security features and can be viewed in the central console
Pros and Cons
  • "Provides good security features and you can view it in the central console."
  • "Lacks some additional integration."

What is our primary use case?

We use this product for our endpoint detection and all the remediation.

What is most valuable?

The solution provides good security features. The key valuable feature for me is that you can view it in the central console.

What needs improvement?

I'd like to see more integration in the next release and the solution should be file protected.

For how long have I used the solution?

I've been using this solution for five years.

What do I think about the scalability of the solution?

The solution is scalable. 

How are customer service and support?

I'd like to see a quicker response time from the company's technical support. 

How was the initial setup?

The initial setup was straightforward. It didn't take long and was part of the deployment of our endpoints, and part of the integration. We currently have around 3,000 users and no plans to expand. We have four people involved with maintenance. 

What other advice do I have?

I recommend this solution and rate it eight out of 10. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Philippe LUCAS - PeerSpot reviewer
Unified Communications Manager at Jouve
Real User
Easy to deploy with great cloud provisioning and excellent functionality
Pros and Cons
  • "It's a Microsoft product; it's easier to deploy this product than other options."
  • "It would be helpful if they offered video tutorial guides."

What is our primary use case?

We're using the solution on our endpoints.

What is most valuable?

The functionality is very important to us. 

The cloud provisioning is great. 

It's a Microsoft product; therefore, it's easier to deploy this product than other options. It's very important for us to have a simple way to deploy new PCs when we buy the new PCs. We don't want that deployment to be a burden. The easy deployment feature is very helpful.

What needs improvement?

At the moment we are currently testing it. We are not major users of the product, and therefore we have no idea of what it can and can't do just yet.

At this time we don't have any recommendations concerning the Windows product interface.

It would be helpful if they offered video tutorial guides. 

For how long have I used the solution?

I've used the solution for three or four months.

What do I think about the stability of the solution?

We are testing it right now and we didn't get into the production state just yet. Therefore, it's hard to gauge the capabilities in terms of stability. So far, however, it has been stable.

What do I think about the scalability of the solution?

The scalability is okay. 

How are customer service and support?

Support is always okay. I've always had a positive experience dealing with support. 

How was the initial setup?

The deployment is seamless and super simple. It's not complex at all, and that's the main selling point for us. 

What's my experience with pricing, setup cost, and licensing?

We did negotiate on the pricing; however, I can't speak to the exact costs involved.

Which other solutions did I evaluate?

We did not really compare this solution to other options. The advantage is that this solution is available on mobile devices, and we needed something that covered everything, from desktops and laptops to mobile. Therefore, we didn't really consider anything else. 

What other advice do I have?

We are Microsoft customers. We don't have a special relationship with the organization. 

We are using the latest version of the solution. 

It's a good product overall. I would rate it an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT Director at Innovecs
Real User
Provides a centralized console and supports all the platforms that we use
Pros and Cons
  • "It's an enterprise solution that provides a centralized console and it supports all the platforms that we use, including Windows, Linux, Mac, iOS, and Android."
  • "Microsoft should improve support for third-party platforms, because not all functionality is available for all of them. It's a good product, but they should just extend the functionality for all platforms."

What is our primary use case?

It's an XDR (Extended Detection and Response) system.

What is most valuable?

It's an enterprise solution that provides a centralized console and it supports all the platforms that we use, including Windows, Linux, Mac, iOS, and Android. Microsoft Defender is embedded in Windows and is a basic anti-virus, but Defender for Endpoint is an enterprise-grade XDR system.

What needs improvement?

Microsoft should improve support for third-party platforms, because not all functionality is available for all of them. It's a good product, but they should just extend the functionality for all platforms.

For how long have I used the solution?

I have been using Microsoft Defender for Endpoint for about three months.

What do I think about the stability of the solution?

It's quite stable. Sometimes it can overload the CPU of endpoints, but Microsoft provides ways to solve this problem.

What do I think about the scalability of the solution?

Microsoft Defender for Endpoint is scalable. It's the ground-level service for other Microsoft security services. Microsoft provides a full range of security services and you have the ability to extend it anytime and in a simple way. You can scale the range of security services by just buying the license and implementing some extra service.

We have close to 200 users in our organization, but we plan to deploy this product to the whole company, with a total of nearly 800 people.

How are customer service and support?

We have not had to contact Microsoft's technical support because we get support from our partner.

How was the initial setup?

When it comes to the initial setup, Microsoft is very strong in that area and it is very simple. That's why we use it in our company. Some products are hard to deploy. Another solution was declined because it was not possible to roll it out in a bigger company.

We don't have a dedicated person to maintain the solution. Two people share the role. One is a Layer-1 specialist who maintains a daily routine, and the other is a Layer-2 engineer.

What about the implementation team?

We started to install this product for ourselves, but Microsoft proposed some different kinds of programs in which an integrator helps key customers deploy services and products. We accepted the proposition and we are happy we did so because the partner was very professional with very deep experience with the product.

What's my experience with pricing, setup cost, and licensing?

Microsoft has different plans for buying this product. The price depends on the configuration of the full set of products that you buy and on the licensing program in your contract. Microsoft provides a flexible licensing program and you can choose what you want.

Which other solutions did I evaluate?

The pros of Microsoft Defender for Endpoint are that it's simple to deploy and has all the required functionality. The drawback is that it lacks some functionality for other platforms, such as Linux.

What other advice do I have?

I would recommend implementing this solution together with a certified partner. That will help to avoid a lot of mistakes and save you money, because licensing is a big part of the project.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Head of Information Security at K2 Baseline Sdn Bhd
Real User
Top 5
Stable and easy to use, but needs quicker detection capability and more frequent updates
Pros and Cons
  • "It is stable and easy to use. Everything is okay, and there are no performance issues."
  • "Its detection is not as quick. There should also be more frequent updates."

What is our primary use case?

I use it mostly to detect threats or viruses. I am using its latest version.

What is most valuable?

It is stable and easy to use. Everything is okay, and there are no performance issues.

What needs improvement?

Its detection is not as quick. There should also be more frequent updates.

For how long have I used the solution?

I have been using this solution for maybe five years.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

We have about 20 users.

How are customer service and support?

I have not contacted Microsoft's technical support.

Which solution did I use previously and why did I switch?

I didn't use or evaluate other solutions.

How was the initial setup?

Its installation is very easy. It came with Windows.

What about the implementation team?

I can install it myself. We have three teams for deployment and maintenance.

What's my experience with pricing, setup cost, and licensing?

It came with Windows.

What other advice do I have?

I would recommend this solution. I would rate it a seven out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior System Administrator at Debre Markos University
Real User
Easy to use interface, user-friendly, and stable
Pros and Cons
  • "The solution has an easy-to-use interface, is always updated, and is user-friendly."
  • "The solution could improve by providing more integration."

What is our primary use case?

I use Microsoft Defender for Endpoint protection on my personal computer.

What is most valuable?

The solution has an easy-to-use interface, is always updated, and is user-friendly.

What needs improvement?

The solution could improve by providing more integration.

For how long have I used the solution?

I have been using Microsoft Defender for Endpoint for approximately one year.

What do I think about the stability of the solution?

The solution is stable and secure.

What do I think about the scalability of the solution?

I have found the scalability quite good.

How was the initial setup?

The installation is simple.

What about the implementation team?

I did the implementation of the solution.

What's my experience with pricing, setup cost, and licensing?

The solution is free and comes with Windows.

What other advice do I have?

I rate Microsoft Defender for Endpoint a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Microsoft Defender for Endpoint Report and get advice and tips from experienced pros sharing their opinions.
Updated: February 2025