Microsoft Defender for Endpoint Reviews

We are a system integrator and I specialize in practically everything that is security-related. This is a product that we sell as part of Office 365, and rarely as a standalone solution.

Usually, if we have a customer with Office 365 and they need this type of solution then we increase the subscription to a point where it is included.

From the user's point of view, this is classic anti-virus software. From a management point of view, this product gives better control over endpoint devices because some processes can be stopped remotely. If you have a person that is watching over the system then they have a higher level of control over endpoints.

This is a cloud-based product so it is always updated by the end-user.

They have to improve the email scanning where email is coming from somewhere other than our private network. The scanning is slow when it is working with incoming emails. Often, I can see the email but the scanning process is not finished and I cannot open the attachment. In general, the scanning has to be faster.

This solution looks stable. Provided that Windows 10 is updated, everything is okay.

I have not been in contact with technical support in regards to this product. However, technical support for Microsoft products is always of bad quality. In my experience, if you cannot find the solution yourself then you will have a huge problem because it is not an easy task to have them understand and support you.

You can lose a lot of time explaining the problem before you receive something that works.

My advice to is look for a good support library and try to find the solution yourself. This means that you don't need to contact support.

We have worked with many different security solutions. For example, we are selling a Security Operations Center as a service. We implement EDR, Privileged Access Management, Identity Management, anti-fraud solutions, web application firewalls, database security, and more. We are working with practically everything in cybersecurity.

We are working with between 10 and 15 different vendors. Sometimes, this is too many, but it is useful to have information about each product, its quality, and how it compares to others. Two products that we are working with now are Cisco AMP and Carbon Black.

There is a free version of Windows Defender, although the paid version has EDR functionality. We sell this product as part of Office 365 and it is not expensive.

I have never touched this product. I'm just selling it, and I don't recommend it to anybody as a standalone solution.

I would rate this solution a five out of ten.

We are using this solution for threat detection.

It shows us the risky sign-ins, and if a user's password has been compromised.

While have been using this solution for two years, I am not completely knowledgable. 

Due to license restrictions, we cannot use all of the features that are offered.

I am not sure if I will be using this product in the future because of the price.

I would like to see better pricing for this solution in the future.

I have been working with Microsoft Defender ATP for two years.

We are always using the latest version because it's on the cloud.

With what we have seen, it's a stable solution.

We are not using it widely because of the licensing limits.

We have three users only for Defender ATP, and if we are using the Microsoft ATA it applies to 500 users.

Technical support is good.

We did not use another solution previous to Microsoft Defender ATP.

The initial setup is straightforward. It's included with the Windows 10 Operating System.

There is no time taken for deployment as it is included with the operating system.

We completed the installation ourselves.

We have 15 administrators to deploy and maintain this solution.

Microsoft Defender ATP is expensive.

Because of my lack of knowledge or experience with the solutions full capacity, I cannot recommend this solution or offer any advice.

I would rate this solution a five out of ten.

This is an endpoint security product. It helps detect and prevent attacks and is very good when it comes to vulnerability assessment. It automatically detects attacks. It provides support for all the end devices, whether it is a Mac OS, Windows, mobiles, Android and iOS, it has support for all. I mostly deal with smaller and medium sized companies, I don't deal much with enterprises. I'm a customer of Microsoft and I work as a solution architect.

The product is very good when it comes to vulnerability assessment. It's a Microsoft flagship product and it integrates with Office 365. If my customers are using Office 365 or Azure or a Windows server, it helps to use Defender. Other products like Symantec or McAfee don't have that kind of integration with Microsoft products. In terms of identifying the attacks, it's far superior to Symantec. 

The GUI is very complex, particularly for normal users who work on it. It could be more user friendly. For future improvements, I'd be looking at internet security which we don't have as Microsoft does not distinguish whether a site is malicious or not. Kaspersky is very good at that but not Microsoft. It would be a big advantage for them if they were to include it. 

I've been using this solution for seven months. 

It's a stable product. Microsoft only recently entered this market and nobody believed that Microsoft antivirus would be good. They are now trying to prove everyone wrong in that sense by having a good security product. 

Scaling in or out is very easy. Scalability is really about licensing so you just have to request a registration license.

Ninety-nine percent of the time, I'm able to solve the problem. I do not have access to Microsoft support so if I go to their open support page and try to login a request, it takes up to 24 hours for the support agent to get back to me. It's pretty average. If you have the premium support or if you're a support partner of Microsoft, they respond back in one or two hours, something like that.

I tested the difference between Symantec and Defender by taking a malware from the internet and downloading it. Symantec allowed me to do it, even though it shouldn't have, but Defender, gave me notification and wouldn't allow me to do it. That said, Symantec is a very stable product that's been on the market for a long time. They have more expertise in endpoint protection than Microsoft. Symantec is not a cost-effective product for most customers. It's integrated with third party companies and is good in protecting endpoint. Because my customer base is companies that use Office 365 and Microsoft Azure so Microsoft integration with these products is very good.

The initial setup is very simple, you just have to attach it to the user's email address. Once the user logs in, it automatically downloads and starts working. I do the implementation.  In terms of maintenance, sometimes my engagement with the client is one time but sometimes, I do maintenance as well. This is a subscription-based, cloud-based product. They have to call me every year to renew. 

I would suggest that if you're already using Microsoft products, then I think it makes sense to go with Microsoft Defender over any other product.

I would rate this solution an eight out of 10. 

We are a consulting company and we use this product for endpoint protection across the company, as well as for our clients.

Windows Defender makes it easy to streamline the updates so we don't really worry about managing it.

The patch management is very easy, as it can be done automatically or added to a schedule. This will update all of the virus signatures.

We have a hook from our on-premises application to the cloud services for advanced threat protection, so the management is in the cloud. Centralized management allows us to schedule malware scans.

When you hook it up to the cloud's advanced threat protection, it gives you more than protection from ransomware. It covers different types of malware and allows you to see what malicious software is being executed on the machine.

The product allows you to manage your machine through it, similarly to the way SCCM does.

I would like to see better integration with their other security products to give better visibility from a higher level. Integrating with email, Azure, identity management, and other security applications, putting them all together, would be very good.

The first level of technical support is not very useful and it sometimes takes time to escalate to somebody more knowledgeable.

We have been using Microsoft Windows Defender for years.

This product is pretty stable.

We have had no issues with scalability. We deploy it anywhere from a small environment with a hundred users, to a large environment with 15,000 to 20,000 endpoints. The majority of our clients are small to medium-sized, with 3,000 to 4,000 users in the mid-range.

I would rate Microsoft's technical support an eight out of ten. At the first level, the support is very limited. You have to escalate it to the more senior team to get good value.

Some of our clients have used different products from vendors such as Symantec and McAfee, and they were not happy with them. We steered them towards Windows Defender and they switched because of the ATP hook to the cloud.

With other products, you have a management console, so you have to push the signature updates. We still do that now, but it's all in the cloud.

Both Symantec and McAfee come at an additional charge because they are not included in the operating system.

The initial setup is very straightforward.

We are using the version that is included with Windows 10. If you don't purchase the advanced threat protection then there is no additional charge.

My advice for anybody who is implementing Windows Defender is to purchase the ATP, which is in addition to the version that comes with Windows 10. This will allow you to really get the benefits and manage your organization's endpoints as a whole. This requires a presence in the Microsoft environment, such as a subscription to Office 365 or Azure.

I think that people should explore Windows Defender before looking at third-party products. While they are not a pioneer in anti-malware and anti-virus software, they are attacking it and they have a good budget. The advanced threat protection has a large cloud presence in Azure that we can take advantage of, and they update their product frequently. As soon as there is a new threat, they act on it right away.

I would rate this solution a nine out of ten.

I use Microsoft Defender for Endpoint to protect my computer when downloading files. Whether it's documents from my email or web browser, this is the first thing I use the solution for. It also provides protection against ransomware. Additionally, the monthly report indicates the number of infected files that were blocked during that month.

Microsoft Defender for Endpoint provides excellent visibility into known threats, thanks to their comprehensive database of malware information. 

Microsoft Defender for Endpoint helps us prioritize threats across our enterprise according to our needs. We focus on protecting against malware first, followed by email protection, and URLs.

Microsoft Defender for Endpoint has helped protect our organization against malware.

The ransomware and malware protection is the most valuable feature.

When there is a significant amount of malware, I believe that Microsoft Defender for Endpoint may not be as effective as other firewall solutions. I tested Microsoft Defender for Endpoint and found that it allowed me to download files infected with malware from certain sites, and its protection did not work as expected in that aspect of my work. I suspect this is because I use a GRAPH file with a password, and the solution only detects a file when it's related to clean files or open files. It doesn't seem to recognize encrypted log files that require a password for access.

Microsoft Defender for Endpoint does not assist in automating routine tasks or identifying high-value alerts. Therefore, we had to turn to other solutions like Cortex XDR by Palo Alto Networks. Additionally, Microsoft Defender for Endpoint lacks the capability to upload a list of IPs for blocking.

Microsoft Defender for Endpoint is effective for validating work, but not ideal for investigations. As a result, our experts have to dedicate more time when investigating threats using Microsoft Defender for Endpoint compared to other solutions.

The zero-day detection, as well as the sandboxing for unknown malware and URL detection, needs to be improved. These settings were not functional when we tested the solution.

I have been using Microsoft Defender for Endpoint for one year.

I give the stability an eight out of ten.

I give the scalability a ten out of ten.

The deployment is straightforward.

Microsoft Defender for Endpoint is more affordable compared to some other endpoint solutions.

We evaluated Cortex XDR by Palo Alto Networks and Fortinet. We found that Microsoft Defender for Endpoint was easier to deploy and offered a better price.

I would rate Microsoft Defender for Endpoint a seven out of ten. The solution is stable, easy to deploy, and scalable. However, threat detection could use some improvement.

Our organization is a cybersecurity company, and after using Microsoft Defender for Endpoint for one year, we found that it lacked features such as endpoint detection and response. Additionally, it was weak in certain areas, like detecting a set of malware and providing email protection. As a result, we started exploring other solutions, even though they may be more costly.

Microsoft Defender for Endpoint is a basic endpoint protection solution. If you do not combine it with another solution then you will leave yourself open to vulnerabilities. I used Microsoft Defender for Endpoint in conjunction with other solutions, such as Cylance.

Microsoft Defender for Endpoint should have more transparency. In the latest edition of Windows, Windows 11, it is a compulsory requirement to connect to a Microsoft account, which in turn has implications for Defender. This should be removed.

I have been using Microsoft Defender for Endpoint for a few years.

I have not called Microsoft technical support.

Microsoft Defender for Endpoint comes pre-installed in Microsoft Windows.

The solution comes as part of Microsoft Windows. 

I wouldn't call Microsoft Defender for Endpoint a solution, I'd call it part of a solution. I don't think I would be going around recommending it.

I rate Microsoft Defender for Endpoint an eight out of ten.

Defender is an antivirus solution deployed on all Microsoft PCs. Thousands of employees at my company use it. 

Defender works in the background monitoring the traffic for viruses.  

Defender could be more secure and stable.

We've been using Microsoft Defender for a couple of years.

Setting up Defender is straightforward. My administrator takes care of all that. 

I rate Microsoft Defender eight out of 10. 

The stability has been good so far. 

If I compare its features to the other solutions in the market, it has some good features. It's comparable to others.

The solution can scale as needed. 

In India at least, it seems to be a bit more expensive than other options. 

I've just recently been introduced to the product. I haven't used it for very long. 

The stability has been fine. There are no bugs or glitches and it doesn't crash or freeze. 

The scalability has been great. If you need to expand, you can.

I have never needed to contact technical support. I can't speak to how helpful or responsive they are. 

The pricing is a bit high for the Indian market.

We are a partner and we consult clients on security solutions. It's one of the solutions we take to our clients.

For companies that are Microsoft shops, I would recommend the product. It saves a lot of integration requirements as compared to other solutions. It's a good product that does what it says it will do. 

I would rate the product a seven out of ten. There are improvement opportunities in terms of the overall tech and commercial aspects of the product. It needs to be more competitive and technical.