Microsoft Defender for Endpoint Reviews

We replaced our antivirus with Microsoft Defender, and we are implementing three products. We have Microsoft Defender for Endpoint, which is deployed on all our endpoints. We also have Microsoft Defender for Office, which works very well to protect Office documents. 

We are using this solution for MDM and MAM for the endpoints. We are using its latest version.

It integrates very well with all Windows workstations or other Microsoft Endpoint products. It also works quite well. So far, I have not had any issue that hasn't been sorted out. 

It doesn't use too many resources, so you don't have to install different things.

Its price could be better.

We have been using it for three months. 

It is very stable for Windows. 

It has very good scalability. We have 151 users.

I have not directly interacted with them. My colleagues have interacted with them.

We were using another solution that was number three in the market according to Gartner 2019.

There wasn't really much that we had to do because we have Intune, so it was very easy to deploy. We used the Control Panel, and it was deployed on the rest of the machines. What took longer was the onboarding of the machines to Intune, but once they were there, they were all protected. We, of course, had to remove the old antivirus.

We used a partner. We had two people for this.

It is within the same range as other products. It is not too expensive, and it is also not cheap. Its price can be better, but, well, it is Microsoft.

I would recommend this solution to others. I have a lot of good things to say about it. We are still navigating through it, and it has been working very well. We will absolutely keep on using it. 

I would rate Microsoft Defender for Endpoint an eight out of ten.

We have this security solution activated on 10 different Windows PCs, and we have it for Office 365 products as well.

The most valuable features are that it is flexible, and it is integrated with Microsoft products. That gives us peace of mind.

I like the security center, as well as the full picture of our security profile and insights.

I would like to have additional features such as DNS lookup, which would help for detecting malicious sites. This is a key part that I would like to have, and other products already have it implemented.

I have been using Windows Defender for approximately five months.

Windows Defender is a stable product and we plan to continue using it in the future.

This is a scalable solution. We have between 120 and 140 users right now.

We have not had any problem with the support from Microsoft.

We used a different product prior to this one, but I switched because I have a unified security overview of the corporation. The Security Center is key for being able to work everything from one console.

The initial setup was easy and the installation for the cloud-deployment took no more than an hour.

We deployed with our in-house team. We have two people, not full-time, who take care of deployment and maintenance. They are engineers.

This is a good product and I can recommend it to others.

I would rate this solution an eight out of ten.

We use Microsoft Windows Defender for normal internet security. We use it to detect viruses. We have about 100 users.

We have liked the fact that it comes with Microsoft Windows 10 and it is constantly updated with all new virus definitions. It is also updated with new security features on a regular basis. We don't use any other third party products.

There is no behavior analytics for devices and endpoints. There is no behavior-based protection. It does not allow us to pull data from ransomware and zero-day attacks.

We have used Microsoft Windows Defender since 2010. We used Microsoft Essentials with Windows 7 then we upgraded to Windows 10. Since then we have used Microsoft Windows Defender.

Microsoft Windows Defender is stable.

We have had no issues with scalability.

We have not needed any support from Microsoft so far so there are not any complications with customer support so far.

Recently we tested another product that employs Endpoint Detection and Response and also behavior analysis protection. It also was able to filter activities or data. These are things that Microsoft Windows Defender does not do. We stayed with Windows Defender because of the cost.

Microsoft Windows Defender is easy to set up and easy to manage.

We were able to set it up in-house. We have two people in-house that manage Windows Defender.

If you require Endpoint Detection and Response or Behavior Analysis and you can afford it then go with those products. I would rate Microsoft Windows Defender a seven out of ten.

Defender is an antivirus solution deployed on all Microsoft PCs. Thousands of employees at my company use it. 

Defender works in the background monitoring the traffic for viruses.  

Defender could be more secure and stable.

We've been using Microsoft Defender for a couple of years.

Setting up Defender is straightforward. My administrator takes care of all that. 

I rate Microsoft Defender eight out of 10. 

Defender's endpoint protection is good.

I've been using Defender for less than one year. Defender is free for one year. Once that year is over, we will switch to Kaspersky.

Defender is stable. The performance is good.

In terms of scalability, I rate Defender 10 out of 10. 

I haven't dealt with Microsoft support for this product.

It's easy. Defender came pre-loaded on our computers.

I rate Microsoft Defender for Endpoint eight out 10. I would recommend it to others.

Our primary use for the solution is threat detection and response.

It's basically for security implementation, response planning capabilities and other security functions. Obviously, auditing, HR, requirements, legals, auditing, banking, and financial services all require a lot of the data that are generated and reported out of the platform.

The features that are most valuable for us are cloud analytics from the APT (Advanced Threat Protection) engine or quarantine, deletion, and removal. Basically, they work by web engine. Simply, it is proactive in resolving potential issues.

There are certain features that do have room for improvement. I think with the analytics engine they're looking at it from the desktop and the server perspective. I think the desktop engine should also include the script analytics — what executed, what's the power shelf or UI commands, or some form of Splunk regex. I know we don't have that functionality with a run-time analytics platform, but it's a JS (JavaScript) based one. So it would be good if they had a regex to JS converter.

The biggest problem is they need to take things out of preview. I know that they're developing on the platform service with the analytics engine, but so many services still rate it as a preview after 12 to 18 months, which is stopping adoption with businesses knowing that that solution could be filled and redirected at any time. So that delay is limiting technology to be able to be updated because they don't have to release all production support.

In the last 12 months, we've moved up to the Gartner Magic Quadrant report as a leading form of threat analysis. Obviously, the more clients that migrate to Cloud Services the more analytics platforms are picking it up. There are auto-resolutions and it's getting more cross-correlations between tendency. So we're getting a lot more APT (Applied Predictive Technologies) and IOC (Indicators of Compromise) data through which you can get a better response, better response times, automatic remediation tasks, reduce the amount of the alerts and false positives — that sort of thing. It's all really useful. It's scaling out on its own.

We get direct support. They're literally across the road from us. We've got multiple Microsoft engineers assigned to our contract as well, so we deal directly with their engineering teams.

The setup was simple and straightforward.

Here we SCOM (System Center Operations Manager) SCCM (System Center Configuration Manager) deployment for pushing out the agent's, done the deployment for the AIP (Azure Information Protection) scanners and load that unified data locally.

We consulted with Microsoft, but we're a full IT workhouse so we have qualified engineers that were coming off a three-year capability program to deliver all of those services.

As far as the amount of staff we use to support the solution, we have a lot of managed providers and different international SOC (Security Operations Center) teams and different agencies that manage a lot of the services. I would say that globally we would have probably about close to a hundred engineers working on the solutions full-time with cloud app development and Kubernetis and things like that.

We compared extensively between multiple services, everything from Azure, cloud service providers, identity providers, platform SaaS providers — we did all that before we sort of consolidated on certain technologies in different areas.

We're utilizing a lot of the services. There will be some future state planning goals, but we're taking a risk-averse assessment on the product. We're more controlled about how things like our customer member data protections, cryptography and those types of things are working. So we're doing still doing a little bit of assessment. I know it's got the ASD clearance rating and certain services, but that's based off the tenancy agreements.

I'd say the product rates about an eight out of ten as it currently stands.

You have to implement the product — there's no choice. You can't use the exchange online protection or the advanced analytics or obscure identity IP protection without the APT being installed on the endpoint. Otherwise you're not getting into threat intelligence or the actions. You're not going to get the full response plan or activities that occurred. You cannot deploy without APT being installed on the desktops and have a full, defined solution for unified labeling. That has to be deployed and tested for unstructured data for at least six months with the AIP (Azure Information Protection) scan that's deployed with APT.

Microsoft Defender for Endpoint is a basic endpoint protection solution. If you do not combine it with another solution then you will leave yourself open to vulnerabilities. I used Microsoft Defender for Endpoint in conjunction with other solutions, such as Cylance.

Microsoft Defender for Endpoint should have more transparency. In the latest edition of Windows, Windows 11, it is a compulsory requirement to connect to a Microsoft account, which in turn has implications for Defender. This should be removed.

I have been using Microsoft Defender for Endpoint for a few years.

I have not called Microsoft technical support.

Microsoft Defender for Endpoint comes pre-installed in Microsoft Windows.

The solution comes as part of Microsoft Windows. 

I wouldn't call Microsoft Defender for Endpoint a solution, I'd call it part of a solution. I don't think I would be going around recommending it.

I rate Microsoft Defender for Endpoint an eight out of ten.

I use Microsoft Defender for Endpoint for an antivirus solution.

Microsoft Defender for Endpoint could provide us with a more holistic approach, such as collaboration. They can provide us with an environment from where we can manage all the endpoints from one central location, such as overall management.

I have used Microsoft Defender for Endpoint within the last 12 months.

The solution has good performance, I have not seen a problem.

I have used ClowdStrike previously.

The initial setup is easy.

I did the implementation of Microsoft Defender for Endpoint.

The price of Microsoft Defender for Endpoint is reasonable. Other solutions are more expensive, such as ClowdStrike.

Microsoft Defender for Endpoint only provides a basic level of security. I don't find it overly useful or appealing. I can trade it with another endpoint security solution. It's an addition to other endpoint security solutions.

I rate Microsoft Defender for Endpoint a five out of ten.