ZakiAhmad - PeerSpot reviewer
Principal Architect at a tech services company with 11-50 employees
Real User
Apr 8, 2022
Reliable with a good online community and an easy initial setup
Pros and Cons
  • "It does not make Windows slow, as compared to all of the third-party antiviruses."
  • "We would like more customization."

What is our primary use case?

The solution is primarily used for antivirus and malware protection.

How has it helped my organization?

It definitely improves the organization in terms of security and productivity. We integrate the Defender with the Microsoft Cloud platform as well. It provides us with sandboxing and other functionalities in real time, where we can have the protection we need. 

It's integrated with advanced threat analysis so we can see how the threat is coming into our network, what it is doing, and more. We can see everything step by step if a threat comes, including how this threat impacted the organization, et cetera.

What is most valuable?

The first thing which I noticed is that it is completely compatible with Windows. It does not make Windows slow, as compared to all of the third-party antiviruses.

The stability has been good.

Technical support is helpful and they have a very robust online community as well.

The product can scale very well.

What needs improvement?

We would like more customization, actually. They're not too customizable. We'd like the flexibility to be able to set some applications on a white list. We need more options. 

Buyer's Guide
Microsoft Defender for Endpoint
January 2026
Learn what your peers think about Microsoft Defender for Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
881,757 professionals have used our research since 2012.

For how long have I used the solution?

I've used the solution for approximately five years. 

What do I think about the stability of the solution?

The solution is stable and responsive. 

What do I think about the scalability of the solution?

We have the solution deployed to around 350 users across four different locations.

It can scale to the thousands and thousands. I have seen customers here, some have approximately 12,000 devices and they're running that one program and it's going far without any issues. 

How are customer service and support?

Technical support is good. They know things about the solution. The best part is that if anything happens, the Microsoft community is so big that if any problem comes up, you can also just Google it and you will get the solution.

Which solution did I use previously and why did I switch?

We used McAfee and another solution as well and they both are great and amazing; however, they make PCs slow and every time something happens you have to call the vendor and they will help you support. The difference is, with Defender, it doesn't slow things down and you never have to call Microsoft.

How was the initial setup?

The initial setup is very straightforward. IT is actually my default. We actually helped our end-users with system centers, integrated Defender updates, Defender itself, patching, and Defender configuration using the consent and configuration manager. It's simple. It's not complex to set it up or manage.

It's a bulk operation to set it up, therefore, even if you have 100 PCs, it will only take you about an hour and you will be up and running with everyone. You only need one to two percent of your staff to handle the deployment and maintenance tasks. 

What about the implementation team?

We used an integrator during the initial setup. They were quite helpful. Our experience with them was good. 

What was our ROI?

We have seen an ROI.

What's my experience with pricing, setup cost, and licensing?

The solution is free for end-users. 

What other advice do I have?

While we have the solution set up on our private cloud, you can also use a hybrid setup if that's better for your organization. 

I would advise new users to connect it with an endpoint manager and connect it with the cloud and then let the real magic happen.

I'd rate the solution an eight out of ten.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Peter Arabomen - PeerSpot reviewer
Security Engineer at a financial services firm with 1,001-5,000 employees
Real User
Top 5 Leaderboard
Mar 27, 2022
Stable solution that protects networks against viruses and malware; good for endpoint management
Pros and Cons
  • "Stable endpoint manager, antivirus, and antimalware, with fast technical support and a straightforward setup."
  • "More integration with different platforms is an area for improvement for this product, and should be included in its next release."

What is our primary use case?

We use Microsoft Defender for Endpoint as an antivirus and antimalware solution. We also use it for endpoint management.

What needs improvement?

What I'd like included in the next release of Microsoft Defender for Endpoint is more integration with different platforms.

For how long have I used the solution?

We've been using Microsoft Defender for Endpoint for four years.

What do I think about the stability of the solution?

Microsoft Defender for Endpoint is stable, except for occasional internet connection issues, but it's stable.

How are customer service and support?

We contact the technical support team for this solution whenever we have an issue, and once you open a ticket, they respond as quickly as possible, though it would still depend on the severity level that you define.

How was the initial setup?

The initial setup for Microsoft Defender for Endpoint was straightforward. It wasn't complicated.

What's my experience with pricing, setup cost, and licensing?

We pay for our Microsoft Defender for Endpoint subscription yearly.

What other advice do I have?

We've been working with various Microsoft solutions, e.g. Microsoft Defender for Endpoint, Microsoft Azure, etc.

Microsoft Defender for Endpoint has been awesome, so far.

I wasn't around during the setup of the solution, so I have no idea on how long setting it up took.

We have 6,000 end users of Microsoft Defender for Endpoint within the company, and it's being used on workstations, servers, and mobile devices.

I'm rating Microsoft Defender for Endpoint nine out of ten. I found it to be a good product. It's a fine product.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Daniel Bagley - PeerSpot reviewer
Information Security Officer at an educational organization with 1,001-5,000 employees
Real User
Mar 26, 2022
Scalable, good support, and straightforward implementation
Pros and Cons
  • "The technical support from Microsoft is very good. We are part of the Microsoft Suite, and from being part of this we have consistent news regarding Microsoft Defender for Endpoint."
  • "Microsoft Defender for Endpoint could improve by making the reporting better."

What is our primary use case?

We use Microsoft Defender for Endpoint for network and endpoint protection.

What needs improvement?

Microsoft Defender for Endpoint could improve by making the reporting better.

For how long have I used the solution?

I have been using Microsoft Defender for Endpoint for approximately three years.

What do I think about the stability of the solution?

Microsoft Defender for Endpoint is stable in my usage.

What do I think about the scalability of the solution?

I have found Microsoft Defender for Endpoint to be scalable.

We have approximately 700 people using this solution and we plan to increase usage.

How are customer service and support?

The technical support from Microsoft is very good. We are part of the Microsoft Suite, and from being part of this we have consistent news regarding Microsoft Defender for Endpoint.

Which solution did I use previously and why did I switch?

I have previously used ESET.

How was the initial setup?

The initial setup of Microsoft Defender for Endpoint was straightforward. 

What about the implementation team?

We have two engineers that do the implementation and maintenance of Microsoft Defender for Endpoint.

What other advice do I have?

Microsoft Defender for Endpoint has improved a lot over the years and it is a lot better now.

I would recommend this solution to others.

I rate Microsoft Defender for Endpoint an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Head-IT/SAP at a retailer with 1,001-5,000 employees
Real User
Feb 18, 2022
Easy to enable and activate but could be more secure
Pros and Cons
  • "Defender is a part of Windows; you just need to enable it. There is no need to install anything."
  • "The solution could always be more secure."

What is our primary use case?

Defender is basically a protective seal that is used to protect your Windows applications. Whenever you enable it your system is safe. You feel safe and your data and your security are verified by Defender and protected by the Defender seal. 

What is most valuable?

Defender is a part of Windows; you just need to enable it. There is no need to install anything. 

It's quite good for security. We are using Windows 11 and Windows 10. In Windows 11, Defender is very, very strong. They built in good features, good seals. Earlier, ransomware protection was not there. However, now, new ransomware protection is also available in Defender.

The solution is stable.

What needs improvement?

The solution could always be more secure. 

What do I think about the stability of the solution?

The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze.

What do I think about the scalability of the solution?

The scalability is totally based on your OS operating system as it's a part of the OS. You can't define it in a different way. If your Windows platform is working fine and is of a certain size, then you can say that it's quite good and it will cover that.

We have 200 to 300 people using the solution. Some of our employees use Windows and have Defender. Others use Mac devices. 

How are customer service and support?

We've used technical support in the past and don't have anything negative to say about their services.

How was the initial setup?

There isn't really an installation process. It's already a part of Windows and just needs to be activated. You can install Windows in home or business devices and have Defender at your fingertips immediately.

While you don't need a technical team to install it per se, every organization has an IT team that likely would be able to install Windows and everything else. We have a 40-plus IT team. Everybody has a defined role. 

What about the implementation team?

We handled the implementation in-house using our IT team.

What's my experience with pricing, setup cost, and licensing?

The solution is included with Microsoft Office 365 subscriptions.

What other advice do I have?

New users who are leveraging Microsoft can decide if they want to use Defender. It's already there - you can either activate it or not, depending on your preference. It's nice that you have a choice. Many companies find Defender is enough for them, however, if you want more security, you may be able to add other firewalls or security features to your existing infrastructure.

I'd rate the solution at a seven out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
reviewer1757103 - PeerSpot reviewer
Cyber Security Manager at a manufacturing company with 1,001-5,000 employees
Real User
Jan 18, 2022
Comes with awesome threat hunting capabilities, and is great for investigating what's happening on machines
Pros and Cons
  • "It's great for investigating what's happening on a machine. They show a whole bunch of machine timeline events that are related to a security incident. They have quite good details on the things related to threat and vulnerability management, such as any weakness that has been disclosed publicly, assets that are exposed, and if there is an exploit active in the wild for that vulnerability. It can provide you with all such information, which is cool."
  • "It can get a bit laggy sometimes. Other than that, we don't have any issues. They constantly tweak it and fix it up based on users' feedback. It has improved a lot over the past four years. Defender for Endpoint never really used to be a good endpoint security solution, but over the past couple of years, Microsoft has invested heavily in it. So, it has come a long way in all aspects of endpoint security. If they want to make it better, they should just continue investing in the current path of what they've been doing over the past couple of years."

What is our primary use case?

It is an Endpoint Detection and Response system (EDR), and it seems the new term is XDR. We use it for anti-malware protection. It protects from a virus, worm, ransomware, and other similar things. 

How has it helped my organization?

It can automatically scan and remediate stuff without an administrator doing anything. We use it for threat and vulnerability management. There are components in there that will tell us about any vulnerable software running on endpoints. There are a whole bunch of other things too.

What is most valuable?

It's great for investigating what's happening on a machine. They show a whole bunch of machine timeline events that are related to a security incident. They have quite good details on the things related to threat and vulnerability management, such as any weakness that has been disclosed publicly, assets that are exposed, and if there is an exploit active in the wild for that vulnerability. It can provide you with all such information, which is cool. 

It has got some awesome threat hunting capabilities. It can search for malicious activity that could indicate that an asset is being compromised, but it is not something to which you would have necessarily got alerted.

We're fully Microsoft, it integrates with other Microsoft security products very well. Its interface is also fine.

What needs improvement?

It can get a bit laggy sometimes. Other than that, we don't have any issues. They constantly tweak it and fix it up based on users' feedback. It has improved a lot over the past four years. Defender for Endpoint never really used to be a good endpoint security solution, but over the past couple of years, Microsoft has invested heavily in it. So, it has come a long way in all aspects of endpoint security. If they want to make it better, they should just continue investing in the current path of what they've been doing over the past couple of years.

For how long have I used the solution?

I have been using this solution for nearly four years.

What do I think about the stability of the solution?

It can get a little laggy sometimes, but overall, it's fine when investigating events.

What do I think about the scalability of the solution?

It is easy to scale.

How are customer service and support?

There are different levels of technical support that you can purchase from Microsoft. We don't have the top level, but we used to have the top level, and that was good. I would rate them a five out of five. They've got a dedicated team specifically looking at threats for all their customers. 

How was the initial setup?

I was not involved in its setup. I am only a user of the solution, but I'm pretty sure it's pretty straightforward. It's just deployed by Intune or a partial script or something like that.

What about the implementation team?

It was implemented internally. In terms of maintenance, it generally doesn't require any maintenance. There are some policy configuration changes that we can tweak, but the signatures, behavior analysis, and all similar things in the engine are kept up to date by them. We have four people who are dealing with this product.

What's my experience with pricing, setup cost, and licensing?

Licensing models of Microsoft are renowned for being complex. We just purchased the whole E5 stack. With E5 licenses for users, we get access to a bunch of features that are not just related to security. I would rate them a three out of five in terms of pricing.

Which other solutions did I evaluate?

One of the things that I like to constantly do is assess other vendors in the same space. We get vendor demonstrations, and for the most of it, it seems like Defender is well and truly up there with the other best players in the market. I've never done a proof of concept with any other tool, so I can't really compare it with others. Most of the time, vendor demonstrations are all about glitz and glam to sell their product and show how much better they are than competitors.

What other advice do I have?

I would advise doing your due diligence. This is more than just an endpoint security solution, and sometimes, you've got to think of your technology stacks before applying or purchasing certain security solutions and see if they're applicable to your environment. 

I would rate it an eight out of 10. No endpoint solution is ever going to be able to be perfectly good at stopping all types of threats. No endpoint solution would ever get a 10 in my point of view. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
reviewer1732953 - PeerSpot reviewer
Group CISO, VP of Group Security, Risk & Compliance at a computer software company with 1,001-5,000 employees
Real User
Jan 10, 2022
Performs well, easy to maintain, and good support
Pros and Cons
  • "The most valuable feature of Microsoft Defender for Endpoint is that it is embedded into the Windows system. Additionally, the performance is good and simple to maintain."
  • "Microsoft Defender for Endpoint is secure but when it comes to security all solutions could improve security."

What is our primary use case?

Microsoft Defender for Endpoint can be used for system protection. For example, anti-virus, malware, and EDR.

What is most valuable?

The most valuable feature of Microsoft Defender for Endpoint is that it is embedded into the Windows system. Additionally, the performance is good and simple to maintain.

What needs improvement?

Microsoft Defender for Endpoint is secure but when it comes to security all solutions could improve security.

For how long have I used the solution?

I have been using Microsoft Defender for Endpoint for a couple of years.

What do I think about the stability of the solution?

Microsoft Defender for Endpoint has been stable in our usage.

What do I think about the scalability of the solution?

We have more than 5,000 users using this solution.

How are customer service and support?

We are quite satisfied with the support.

Which solution did I use previously and why did I switch?

We use many solutions in our company, such as Panda, Trend Micro, McAfee, Microsoft, and FireEye.

How was the initial setup?

There is no installation required.

What about the implementation team?

We have a five-person technical team that supports this solution.

What's my experience with pricing, setup cost, and licensing?

The solution's price could be cheaper.

What other advice do I have?

I recommend this solution to others.

I rate Microsoft Defender for Endpoint an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
reviewer1629081 - PeerSpot reviewer
Technology Consultant at a computer software company with 51-200 employees
MSP
Oct 3, 2021
A very solid security system with advanced hunting capabilities and great stability
Pros and Cons
  • "It's a very solid security system, and the advanced hunting and everything really lets you dive deep into things."
  • "I would just like them to have more consistency, and that's a comment that's across the board with Microsoft. They change things a lot."

What is our primary use case?

The solution is used for endpoint detection and response, however, it also has vulnerability management. I don't use that as much as the endpoint detection and response. I use it in combination with Cloud App Security and Endpoint Manager.

What is most valuable?

The most valuable feature is the fact that, if you have the M365 E5, it's included and everything is in the bundle. 

It's a very solid security system and the advanced hunting and everything really lets you dive deep into things.

What needs improvement?

Overall, they're doing a much better job. However, recently, they added the Azure Defender. When you use the Azure Defender licenses, you're already enrolled. 

I prefer that they had the old interface that was not combined with compliance, and still, they've changed that to make it better. I would just like them to have more consistency, and that's a comment that's across the board with Microsoft. They change things a lot.

For how long have I used the solution?

I probably started diving into Microsoft Defender about two years ago.

What do I think about the stability of the solution?

Stability-wise, I have not had another product that has been as stable and has had fewer issues. It's amazing.

What do I think about the scalability of the solution?

The solution is scalable. For example, I helped a 12,000-person company put it in and automated it without any issue.

How are customer service and support?

In terms of technical support, I have not had to call them related to anything on Defender for Endpoint. I'm a CSP, so I'm calling and I'm getting different assistance than, say, a home user. That said, at the same time, it really depends on if you're getting level one or level three support.

How was the initial setup?

The initial setup is very straightforward. There's a lot of people putting it in that don't understand it, however. They're not using device groups and auto-remediation settings.

I do a lot of security reviews as well, and what I find is that, although it works well out of the box, there are missing components. Another thing is that people will basically use the product, and yet, not set up the integrations with Cloud App Security and Endpoint Manager. When they do that, they're not getting the full functionality of it. I, on the other hand, know the system, so I see people often having trouble with it. If people are trained or go through training, they would be able to get the full functionality out of it.

What was our ROI?

I can't give numbers, however, for the price, when you're increasing from an E3 to an E5 license, the amount of features you get eliminates a lot of other systems. Therefore, you do get a pretty good ROI. On top of that, you only have one management system and one reporting system. Overall, the numbers have been quite impressive.

What's my experience with pricing, setup cost, and licensing?

I don't know the standalone costs. It is my understanding that the M365 E5 is $56 a month or something close to that pricing. That would be for the full suite. Just Defender might be $8 a month. I can't say for sure.

What other advice do I have?

I'm a consultant. I primarily work with Microsoft and I do the threat management and check vulnerabilities on the database. I'm looking for something that is not super expensive yet covers vulnerability management and where you can pick the products, and pick alerts, and you get a weekly digest report, just so that we can better manage everything.

I work with pretty much all of the 365 products. I'm pretty widely experienced in Defender. I work for a managed service provider. I'm one of the people that's, besides having my Microsoft Azure architecture, Azure security, Microsoft 365 expert level, plus M365 security knowledge. I focus on Azure and M365 security.

For Microsoft Defender, the product is cloud-based, therefore it is managed and it's updated constantly.

I would advise users to take advantage of Microsoft integrations. I would suggest that they put it all together, so they can use it as a full bundle.

I'd rate the solution at a ten out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
reviewer1530651 - PeerSpot reviewer
EMEA IT Infrastructure Manager at a consumer goods company with 5,001-10,000 employees
Real User
Sep 23, 2021
Works well as part of an overall security solution and has no impact on end-users
Pros and Cons
  • "Defender has very little impact on the end-user and the agent works quite well with a minimal impact on the client and server."
  • "Cortex... has good investigation capabilities, out-of-the-box, in case there is an event that you'd like to investigate. It's quite convenient. Microsoft has those capabilities as well, but you need a bit more training on the product to get the basic information that you can get out-of-the-box with Cortex."

What is our primary use case?

We use it for endpoint security.

How has it helped my organization?

When looking at the ecosystem as a whole, security-wise, Microsoft provides a complete solution with the E5 Security suite. Microsoft has a big advantage because Defender knows how to interact with the CASB and all the other security components that you have. Overall, that makes the management of the environment much easier. It's easier to understand what's going on, to become aware of risks, and to take action.

What is most valuable?

  • Defender has very little impact on the end-user.
  • The agent works quite well with a minimal impact on the client and server.
  • It's very easy to deploy it.

For how long have I used the solution?

We did a trial of Microsoft Defender for Endpoint for about three months, and now we are in the process of rolling it out.

How was the initial setup?

We have about 4,300 users of Defender and it took two days to have it fully deployed. With Cortex it took some time. With Cortex, we had some 500 clients that we had to investigate because for some reason they did not get the agent immediately and we had to do some tweaking to get it to all the end-users.

What about the implementation team?

We used consultants for the deployment of both Cortex and Defender.

Which other solutions did I evaluate?

We gave Palo Alto Cortex XDR a try and we are now in the process of removing it and going to Microsoft Defender for Endpoint. I have experience with both of them.

Cortex has quite good management capabilities that give IT organizations quite a good picture of attempted cyber attacks. It has good investigation capabilities, out-of-the-box, in case there is an event that you'd like to investigate. It's quite convenient. Microsoft has those capabilities as well, but you need a bit more training on the product to get the basic information that you can get out-of-the-box with Cortex.

The onboarding process with Defender is much easier. In two days we were able to deploy it to our whole organization. Cortex is much more cumbersome. But the onboarding process is not the issue. A more important difference is that once you have security risks that you would like to mitigate, Cortex more easily gives you information regarding the threats. Microsoft gives you exactly the same information, but you have to know how to dig a bit more and do some manual steps that, with Cortex, are more straightforward.

The main issue that we had with Cortex, and the reason we decided to roll back and go to Defender, is that Cortex has a horrible impact on the performance of the system. For an enterprise-level organization, it kills the system. Users were complaining that when moving between emails in Outlook it would take a lot of time, creating a lot of delays and timeouts. Web browsing and every action on their computers took much more time than usual with Cortex.

What other advice do I have?

I would rate Defender a nine out of 10, while Cortex XDR is a five out of 10.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.