Our primary use for the solution is threat detection and response.
Information Security Analyst at a financial services firm with 501-1,000 employees
A security implementation that supplies proactive issue resolution with cloud analytics and APT
Pros and Cons
- "This is a very good, proactive solution to threat protection using advanced analysis."
- "Updates are not coming out of preview quickly enough and it is holding back on the development of the product."
What is our primary use case?
How has it helped my organization?
It's basically for security implementation, response planning capabilities and other security functions. Obviously, auditing, HR, requirements, legals, auditing, banking, and financial services all require a lot of the data that are generated and reported out of the platform.
What is most valuable?
The features that are most valuable for us are cloud analytics from the APT (Advanced Threat Protection) engine or quarantine, deletion, and removal. Basically, they work by web engine. Simply, it is proactive in resolving potential issues.
What needs improvement?
There are certain features that do have room for improvement. I think with the analytics engine they're looking at it from the desktop and the server perspective. I think the desktop engine should also include the script analytics — what executed, what's the PowerShell or UI commands, or some form of Splunk regex. I know we don't have that functionality with a run-time analytics platform, but it's a JS (JavaScript) based one. So it would be good if they had a regex to JS converter.
The biggest problem is they need to take things out of preview. I know that they're developing on the platform service with the analytics engine, but so many services still rate it as a preview after 12 to 18 months, which is stopping adoption with businesses knowing that that solution could be filled and redirected at any time. So that delay is limiting technology to be able to be updated because they don't have to release all production support.
Buyer's Guide
Microsoft Defender for Endpoint
January 2025
Learn what your peers think about Microsoft Defender for Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: January 2025.
831,265 professionals have used our research since 2012.
For how long have I used the solution?
I've been using it for about eight-and-a-half years, if you add the early adoption projects.
What do I think about the scalability of the solution?
In the last 12 months, we've moved up to the Gartner Magic Quadrant report as a leading form of threat analysis. Obviously, the more clients that migrate to Cloud Services the more analytics platforms are picking it up. There are auto-resolutions and it's getting more cross-correlations between tendency. So we're getting a lot more APT (Applied Predictive Technologies) and IOC (Indicators of Compromise) data through which you can get a better response, better response times, automatic remediation tasks, reduce the amount of the alerts and false positives — that sort of thing. It's all really useful. It's scaling out on its own.
How are customer service and support?
We get direct support. They're literally across the road from us. We've got multiple Microsoft engineers assigned to our contract as well, so we deal directly with their engineering teams.
How was the initial setup?
The setup was simple and straightforward.
Here we used SCOM (System Center Operations Manager) and SCCM (System Center Configuration Manager) deployment for pushing out the agents, did the deployment for the AIP (Azure Information Protection) scanners and loaded that unified data locally.
What about the implementation team?
We consulted with Microsoft, but we're a full IT workhouse so we have qualified engineers that were coming off a three-year capability program to deliver all of those services.
As far as the amount of staff we use to support the solution, we have a lot of managed providers and different international SOC (Security Operations Center) teams and different agencies that manage a lot of the services. I would say that globally we would have probably about close to a hundred engineers working on the solutions full-time with cloud app development and Kubernetes and things like that.
Which other solutions did I evaluate?
We compared extensively between multiple services, everything from Azure, cloud service providers, identity providers, platform SaaS providers — we did all that before we sort of consolidated on certain technologies in different areas.
We're utilizing a lot of the services. There will be some future state planning goals, but we're taking a risk-averse assessment on the product. We're more controlled about how things like our customer member data protections, cryptography and those types of things are working. So we're still doing a little bit of assessment. I know it's got the ASD clearance rating and certain services, but that's based off the tenancy agreements.
What other advice do I have?
I'd say the product rates about an eight out of ten as it currently stands.
You have to implement the product — there's no choice. You can't use the exchange online protection or the advanced analytics or obscure identity IP protection without the APT being installed on the endpoint. Otherwise you're not getting into threat intelligence or the actions. You're not going to get the full response plan or activities that occurred. You cannot deploy without APT being installed on the desktops and have a full, defined solution for unified labeling. That has to be deployed and tested for unstructured data for at least six months with the AIP (Azure Information Protection) scan that's deployed with APT.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Founder & CEO at Pathbreaker Pty Ltd
Free, integrated with Windows, and no installation needed
Pros and Cons
- "Microsoft Defender for Endpoint comes pre-installed in Microsoft Windows."
- "Microsoft Defender for Endpoint should have more transparency. In the latest edition of Windows, Windows 11, it is a compulsory requirement to connect to a Microsoft account, which in turn has implications for Defender. This should be removed."
What is our primary use case?
Microsoft Defender for Endpoint is a basic endpoint protection solution. If you do not combine it with another solution then you will leave yourself open to vulnerabilities. I used Microsoft Defender for Endpoint in conjunction with other solutions, such as Cylance.
What needs improvement?
Microsoft Defender for Endpoint should have more transparency. In the latest edition of Windows, Windows 11, it is a compulsory requirement to connect to a Microsoft account, which in turn has implications for Defender. This should be removed.
For how long have I used the solution?
I have been using Microsoft Defender for Endpoint for a few years.
How are customer service and support?
I have not called Microsoft technical support.
How was the initial setup?
Microsoft Defender for Endpoint comes pre-installed in Microsoft Windows.
What's my experience with pricing, setup cost, and licensing?
The solution comes as part of Microsoft Windows.
What other advice do I have?
I wouldn't call Microsoft Defender for Endpoint a solution, I'd call it part of a solution. I don't think I would be going around recommending it.
I rate Microsoft Defender for Endpoint an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Operations Lead at an energy/utilities company with 5,001-10,000 employees
Basic protection, better central management needed, but simple setup
Pros and Cons
- "The solution has good performance, I have not seen a problem."
- "Microsoft Defender for Endpoint could provide us with a more holistic approach, such as collaboration. They can provide us with an environment from where we can manage all the endpoints from one central location, such as overall management."
What is our primary use case?
I use Microsoft Defender for Endpoint for an antivirus solution.
What needs improvement?
Microsoft Defender for Endpoint could provide us with a more holistic approach, such as collaboration. They can provide us with an environment from where we can manage all the endpoints from one central location, such as overall management.
For how long have I used the solution?
I have used Microsoft Defender for Endpoint within the last 12 months.
What do I think about the stability of the solution?
The solution has good performance, I have not seen a problem.
Which solution did I use previously and why did I switch?
I have used CrowdStrike previously.
How was the initial setup?
The initial setup is easy.
What about the implementation team?
I did the implementation of Microsoft Defender for Endpoint.
What's my experience with pricing, setup cost, and licensing?
The price of Microsoft Defender for Endpoint is reasonable. Other solutions are more expensive, such as CrowdStrike.
What other advice do I have?
Microsoft Defender for Endpoint only provides a basic level of security. I don't find it overly useful or appealing. I can trade it with another endpoint security solution. It's an addition to other endpoint security solutions.
I rate Microsoft Defender for Endpoint a five out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Systems Administrator at The Port Authority of Jamaica
Delivers comprehensive, ongoing, and real-time protection against a number of threats
Pros and Cons
- "The antivirus features are very useful."
- "We encountered some issues when we were trying to enable automatic updates from our group policy."
What is our primary use case?
Within our company, there are roughly 400-500 users of this solution.
What is most valuable?
The antivirus features are very useful.
What needs improvement?
We encountered some issues when we were trying to enable automatic updates from our group policy.
What do I think about the stability of the solution?
We have onboarded a number of machines without any issues.
We find that Microsoft Defender Antivirus is very stable. We've experienced complications with other solutions in the past and found that this is one of the most stable solutions. It's also very scalable, too.
How are customer service and technical support?
Marine data systems also handle our support. If we have any issues, we come to them first. Their support has been really good.
How was the initial setup?
At first, the initial setup was a bit complex, but after we had some experience with it, it wasn't a problem.
What about the implementation team?
Marine data systems is a partner of ours and they helped us with deployment — they're excellent.
Which other solutions did I evaluate?
We have evaluated and used Mindset before. We also evaluated Kaspersky. We decided to go with Microsoft Defender Antivirus because of its onboarding capabilities and automatic updating.
What other advice do I have?
Before settling on this solution, you should explore more than one form of ATP. Overall, Microsoft Defender Antivirus is a very good application.
On a scale from one to ten, I would give this solution a rating of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Manager - Datacenter Planning and Operations at a comms service provider with 1,001-5,000 employees
An ideal solution for web security but scalability could be improved
Pros and Cons
- "Defender is stable enough and is competitive with the other products in the market."
- "The scalability could be improved - I would rate it between a seven and an eight."
What is our primary use case?
I primarily use Defender for web protection.
For how long have I used the solution?
I've been using Defender for over ten years.
What do I think about the stability of the solution?
Defender is stable enough and is competitive with the other products in the market.
What do I think about the scalability of the solution?
The scalability could be improved - I would rate it between a seven and an eight.
How was the initial setup?
The initial setup was not complicated.
What about the implementation team?
We implemented using a Microsoft team.
What's my experience with pricing, setup cost, and licensing?
Defender is available on a yearly subscription.
What other advice do I have?
Defender is an ideal solution for web security. I would rate it as seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
System Engineer at Dr. Marc Daenen
A standard malware and antivirus solution — nothing more, nothing less
Pros and Cons
- "Microsoft Defender for Endpoint is quite good. We haven't really experienced any issues with it."
- "I personally haven't experienced any pain points, but some of my coworkers feel that it isn't secure enough."
What is our primary use case?
Just as the name states, we use this solution to defend endpoints.
We're actually in the process of moving away from this solution. We are beginning to use SentinelOne.
What is most valuable?
For me, it's just a standard malware and antivirus solution — nothing more, nothing less.
What needs improvement?
I personally haven't experienced any pain points, but some of my coworkers feel that it isn't secure enough.
It would be nice if they could guarantee that we'll always be safe and secure with them.
For how long have I used the solution?
I have been using Microsoft Defender for Endpoint for roughly four years.
What do I think about the stability of the solution?
For me, this solution is both reliable and stable.
How are customer service and technical support?
I have never had to contact their technical support.
How was the initial setup?
The initial setup was straightforward.
What other advice do I have?
Microsoft Defender for Endpoint is quite good. We haven't really experienced any issues with it.
I would recommend Microsoft Defender for Endpoint to other users. Overall, on a scale from one to ten, I would give this solution a rating of eight.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner at a tech services company with 1-10 employees
A cloud delivered endpoint security solution that defends against various threats
Pros and Cons
- "The primary advantage is that you don't need to install it. It's included in the Windows 10 delivery."
- "Some integration components for Mac should be added. We use both Windows 10 desktops and Mac desktops, but presently, the Mac component is still lagging a bit behind."
What is our primary use case?
We use this solution and we also implement it for customers. We mainly use it for its anti-malware and threat protection capabilities. If a client comes to us who uses Office 365, then we suggest this solution.
At the moment we have between 10 to 50 customers.
We definitely plan to keep using this solution. We're currently just pushing out all other solutions because they're not integrated and they have additional deployment costs. The only thing which is a bit peculiar is that you need to convince the customer that you're not talking about an antivirus solution. If we do, then they end up comparing things that are incomparable.
What is most valuable?
The primary advantage is that you don't need to install it. It's included in the Windows 10 delivery.
It's part of the Microsoft 365 suite, so it's integrated. We also use it for collaboration with other components within the suite. These two things are the most important for us at the moment.
What needs improvement?
Some integration components for Mac should be added. We use both Windows 10 desktops and Mac desktops, but presently, the Mac component is still lagging a bit behind. However, I think this is a temporary case.
For how long have I used the solution?
I have been using Microsoft Defender for roughly one year.
What do I think about the stability of the solution?
On Mac, it's quite unstable and unusable; however, it's very stable for Windows. We're content with what it does and how it works.
What do I think about the scalability of the solution?
It's on the cloud, so scalability is not an issue.
How are customer service and technical support?
We've had no problems with customer support.
How was the initial setup?
There's no installation to be done on the device itself, so it's quite easy. Configuration takes roughly two to three days.
What about the implementation team?
Our company acts as both a consultant and integrator.
What's my experience with pricing, setup cost, and licensing?
Licensing options vary. Some customers buy it as an enterprise agreement and pay yearly. Others buy it as a CSP, so they pay per month. It completely depends on the customer's needs.
What other advice do I have?
Overall, on a scale from one to ten, I would give this solution a rating of nine. Some integration components on Mac should be improved. It should be more stable on Mac. If they fixed this, I would give it a rating of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Program Manager at a tech services company with 51-200 employees
An excellent well-integrated solution that's stable and scalable
Pros and Cons
- "Defender is integrated into the operating system. It's integrated with everything. You don't have to spend time analyzing what you have to do to be sure that the integration is okay between the security tool and all the other apps. This, from my point of view, is the main advantage."
- "The solution needs to improve its ransomware. It's not so good. It could also use some general performance optimization for the computers the solution operates on, to ensure it does not slow down the devices."
What is our primary use case?
I primarily use it for myself and my businesses as a protection solution.
What is most valuable?
The most valuable feature is the protection given via the antivirus.
What needs improvement?
The solution needs to improve its ransomware. It's not so good. It could also use some general performance optimization for the computers the solution operates on, to ensure it does not slow down the devices.
For how long have I used the solution?
I've been using the solution for five years.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The solution is easily scalable. I'm always trying to increase the usage to maximize the capabilities of the product offering. As soon as new capabilities appear I will expand usage to include them. In terms of physical expansion to other devices, I already have the solution on all of my devices.
How are customer service and technical support?
I've never needed to contact technical support.
Which solution did I use previously and why did I switch?
I did previously use a different solution, but it was more convenient to work with Defender. I wanted to use the same provider. I'm using the Microsoft operating system and Microsoft applications. It seemed to be a logical step.
Defender is integrated into the operating system. It's integrated with everything. You don't have to spend time analyzing what you have to do to be sure that the integration is okay between the security tool and all the other apps. This, from my point of view, is the main advantage.
How was the initial setup?
Initially, a few years ago, the setup was not so easy. Now, with Windows 10, it's automatic. It's already within the system, so now we don't have to worry. Initially, before Windows 10, we had to install it. It was not so complicated, but a bit more complicated than now where you don't have to do anything at all. Originally, the deployment took about 10-15 minutes. You only need one person for deployment and maintenance. With the 2000 version, maintenance is almost nonexistent. You just follow up and approve the updates. It's a fraction of the time.
What about the implementation team?
I implemented the solution myself.
What's my experience with pricing, setup cost, and licensing?
You have a standard licensing fee. As far as I know, there are no other costs above and beyond this.
What other advice do I have?
We are using the public cloud deployment model of the solution.
I would recommend the solution. I would rate it ten out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.