The product should keep updating its software as to counter incoming threats since threats are becoming more advance with time. The product should be strong in all parts. I would recommend if the product continues to be updated that the way it updates is faster for downloading and updating in our system. The stability is good and should continue to perform well in that way. With increase of cyber threats and cybersecurity issues, I would recommend that the product be developed like an AI product with more features which can counter any threat in the coming eras.
MIS Director at a real estate/law firm with 5,001-10,000 employees
Real User
2019-10-02T11:08:00Z
Oct 2, 2019
There's scanning going on that occasionally topples the memory, causing everything to freeze. This should be fixed. In future releases, it would be helpful if they included something that can control any handset viruses.
I would like to be able to set up any kind of protection I want in the firewall, any IP address or any number. I would like to be able to customize my protection on the dashboard.
Program Manager at a tech services company with 51-200 employees
Real User
2019-09-08T09:50:00Z
Sep 8, 2019
The solution needs to improve its ransomware. It's not so good. It could also use some general performance optimization for the computers the solution operates on, to ensure it does not slow down the devices.
Microsoft Enterprise administrator at a comms service provider with 1,001-5,000 employees
Real User
2019-07-16T05:39:00Z
Jul 16, 2019
I think the console can be better. The end-user also cannot do some advanced actions on it. It's a little bit complicated for our end-user, so it needs to be simplified. I think the solution is complicated. This one is one of the concerns that I like to talk about because some end-users do not know how to navigate through the console and how to work with them. I think this is not such a big deal, but I know that there will be other things that may be important to us like, how we can centrally manage users and reports are really important for us. For example, in Kaspersky, we had a problem where we couldn't detect the attacks that we had in some of our zones in our data center. I think if Microsoft Windows Defender can report these things, it's going to be great.
This solution is not perfect. Sometimes it detects something and it's not a threat. The good news is that you can restore something and analyze it better and you can restore the file and copy it or disable the defender and run it again. The system can always be simplified and have a better integration check. More detailed reports would be good. When it does the integrated check, it just shows if the system is okay but I want to know what happened.
Learn what your peers think about Microsoft Defender for Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
Information Security Analyst at a financial services firm with 501-1,000 employees
Real User
2019-07-09T05:26:00Z
Jul 9, 2019
There are certain features that do have room for improvement. I think with the analytics engine they're looking at it from the desktop and the server perspective. I think the desktop engine should also include the script analytics — what executed, what's the power shelf or UI commands, or some form of Splunk regex. I know we don't have that functionality with a run-time analytics platform, but it's a JS (JavaScript) based one. So it would be good if they had a regex to JS converter. The biggest problem is they need to take things out of preview. I know that they're developing on the platform service with the analytics engine, but so many services still rate it as a preview after 12 to 18 months, which is stopping adoption with businesses knowing that that solution could be filled and redirected at any time. So that delay is limiting technology to be able to be updated because they don't have to release all production support.
Associate System Engineer - Security Services at a educational organization with 10,001+ employees
Real User
2019-06-30T10:29:00Z
Jun 30, 2019
There were a few detections that are not picked up, and then Microsoft picks up on that and they update it. That's just a normal thing you go through based on every antivirus solution. You're always going to have viruses and signatures that are coming out. So, I wouldn't say it's the perfect solution because if you're looking at next-generation behavioral based things, for example, if you're going to use ATP, that's when you can get more methods out of it. With Defender, if you pay more you can get the ATP component, which is sold separately by Microsoft. We do have some challenges in the reporting aspect of it. There's a lot of manual effort involved to configure what we need. There are also a few issues with policies.
Microsoft Windows Defender doesn't have a game mode. Other antivirus software (like BitDefender) have something known as a game mode. If you want to play a game, just enable the game mode to allow certain traffic without needing to configure it. Windows Defender doesn't have that. There's no Windows Server edition for Windows Defender as part of the distribution.
I'm sure the premium product has extra features, like listing questionable websites. Defender is just an antivirus product. It would be nice to have a paid upgrade that would provide additional screening of the day-to-day activities.
Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.
With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to...
The product should keep updating its software as to counter incoming threats since threats are becoming more advance with time. The product should be strong in all parts. I would recommend if the product continues to be updated that the way it updates is faster for downloading and updating in our system. The stability is good and should continue to perform well in that way. With increase of cyber threats and cybersecurity issues, I would recommend that the product be developed like an AI product with more features which can counter any threat in the coming eras.
There's scanning going on that occasionally topples the memory, causing everything to freeze. This should be fixed. In future releases, it would be helpful if they included something that can control any handset viruses.
I would like to be able to set up any kind of protection I want in the firewall, any IP address or any number. I would like to be able to customize my protection on the dashboard.
The solution needs to improve its ransomware. It's not so good. It could also use some general performance optimization for the computers the solution operates on, to ensure it does not slow down the devices.
I think the console can be better. The end-user also cannot do some advanced actions on it. It's a little bit complicated for our end-user, so it needs to be simplified. I think the solution is complicated. This one is one of the concerns that I like to talk about because some end-users do not know how to navigate through the console and how to work with them. I think this is not such a big deal, but I know that there will be other things that may be important to us like, how we can centrally manage users and reports are really important for us. For example, in Kaspersky, we had a problem where we couldn't detect the attacks that we had in some of our zones in our data center. I think if Microsoft Windows Defender can report these things, it's going to be great.
This solution is not perfect. Sometimes it detects something and it's not a threat. The good news is that you can restore something and analyze it better and you can restore the file and copy it or disable the defender and run it again. The system can always be simplified and have a better integration check. More detailed reports would be good. When it does the integrated check, it just shows if the system is okay but I want to know what happened.
There are certain features that do have room for improvement. I think with the analytics engine they're looking at it from the desktop and the server perspective. I think the desktop engine should also include the script analytics — what executed, what's the power shelf or UI commands, or some form of Splunk regex. I know we don't have that functionality with a run-time analytics platform, but it's a JS (JavaScript) based one. So it would be good if they had a regex to JS converter. The biggest problem is they need to take things out of preview. I know that they're developing on the platform service with the analytics engine, but so many services still rate it as a preview after 12 to 18 months, which is stopping adoption with businesses knowing that that solution could be filled and redirected at any time. So that delay is limiting technology to be able to be updated because they don't have to release all production support.
There were a few detections that are not picked up, and then Microsoft picks up on that and they update it. That's just a normal thing you go through based on every antivirus solution. You're always going to have viruses and signatures that are coming out. So, I wouldn't say it's the perfect solution because if you're looking at next-generation behavioral based things, for example, if you're going to use ATP, that's when you can get more methods out of it. With Defender, if you pay more you can get the ATP component, which is sold separately by Microsoft. We do have some challenges in the reporting aspect of it. There's a lot of manual effort involved to configure what we need. There are also a few issues with policies.
Microsoft Windows Defender doesn't have a game mode. Other antivirus software (like BitDefender) have something known as a game mode. If you want to play a game, just enable the game mode to allow certain traffic without needing to configure it. Windows Defender doesn't have that. There's no Windows Server edition for Windows Defender as part of the distribution.
I'm sure the premium product has extra features, like listing questionable websites. Defender is just an antivirus product. It would be nice to have a paid upgrade that would provide additional screening of the day-to-day activities.