Microsoft Defender for Endpoint Reviews

Microsoft Defender for Endpoint is used for protection against threats.

The reporting in Microsoft Defender for Endpoint should improve. The solution has limited features.

I have been using Microsoft Defender for Endpoint for approximately three years.

Microsoft Defender for Endpoint is stable.

The scalability is good.

My team did the implementation of the solution.

This solution is part of an enterprise license we have.

There are a lot of other products on the market that have better features.

If you have a mid-sized organization, the solution works well. However, in a large size organization, there are challenges.

I rate Microsoft Defender for Endpoint a seven out of ten.

My primary use case is as an end-user solution. It helps protect the computer against viruses and malware. It has a firewall option and offers basic protection for an end-user and a home user. If you are a home user, it's a very good solution for you.

The most valuable feature is that it is easy to use; the solution is already there when you load Windows. It's effective against most types of infection, and the firewall is perfect for protection.

One area where the product could be improved is that I don't think it can be used all by itself, if you are working with a business. If you are using the laptop as a business, you need to add an extra protection with this solution.

The solution could be more friendly for end-users, with different type of scans or scheduled scans for it. The antivirus database update could be a cloud protection instead of waiting for the database to be updated every now and then.

I have been using the solution since it launched, around 2014.

The solution is stable and working fine for me. I haven't faced any problem with it.

The solution is scalable.

I haven't had a crash or problem with Microsoft Defender, so I haven't needed to contact the support.

The solution is a Windows feature, so it's already there when I launch the operating system.

The solution is free with Windows.

I would rate the solution a seven out of ten. As it's a free solution, it doesn't have a lot of features like paid versions. If you are a home user or don't have a paid version of any other antivirus, Defender will be fine for you.

Microsoft Defender for Endpoint is useful for the protection of your business information and threat prevention.

The deployment of Microsoft Defender for Endpoint on Windows 10 is not quite so straightforward. This could be made easier.

I have been using Microsoft Defender for Endpoint for four years. 

I am satisfied with the stability of Microsoft Defender for Endpoint. 

Microsoft Defender for Endpoint is scalable. Currently, we have 600,000 users in our organization.

I have never contacted the technical support. 

The company pays for the license so I do not know much about that. 

I would recommend Microsoft Defender for Endpoint.

In terms of the installation, ease of use, and user interface, Defender has been great so far.  

I think Microsoft needs to improve some of the security aspects of Defender. 
The email part, in particular, needs to be improved in terms of security effectiveness.

We started using Defender just this year. 

So far, we haven't had any issues, and we're using it for the server right now.

Installing Defender is straightforward. One person from our security team is enough to deploy and manage it. 

It's a yearly subscription.

I will rate Microsoft Defender eight out of 10 for now, but we need to evaluate it more, especially the virus detection, which still isn't proven. I think we need to evaluate it first. 
Yes. I wouldn't recommend it for end-users who already have a more capable antivirus solution. But if someone would like to try in a small environment, we can recommend Defender security.

Our primary use case of this solution is endpoint protection. In general, we use it to protect our devices, rather than using third-party software. 

This solution is deployed on-prem. 

The most valuable feature is that it comes with the package, so there is no additional installation of third-party software. It's also easy to use. 

Microsoft Defender could be improved with features more like the McAfee ePO. It would be better if I had a console to get all the information for my endpoints. Maybe this is too much for it, but it would be better if it could handle those non-signature-based malicious codes or viruses. In the future, more and more non-signature-based activities or viruses will appear, which you can see in the market with software like CrowdStrike or other products that target non-signature-based attacks. 

There are two groups: one is signature, which means that people know it, and the other is non-signature, which means that these are abnormal activities unknown to people. If Defender could also handle those non-signature-based attacks or abnormal activities, it would be better. 

I have been using Microsoft Defender for one or two years. 

This solution is quite stable. In our opinion, it's similar to those signature-based antivirus software, and almost at the same level. 

There are about five or six users of Microsoft Defender in my organization, because we are not very big. Other people and other teams like to have different end device software. 

We have a support contract with Microsoft, so we have a ticket system where we can pass questions to them. These things are handled by the help desk people, though, not me. 

It's not difficult to install Microsoft Defender. I don't remember how much time it took, but the process is easy. 

We pay a yearly license for Microsoft Defender. We also have a support contract with them. 

I wish that Microsoft Defender had a feature like McAfee's ePO, where I could have a console to get all the information for my endpoints. I also evaluated CrowdStrike because it can target non-signature-based attacks.  

I rate Microsoft Defender an eight out of ten. I would recommend it to others, but it depends on whether they have their own policy for deploying antivirus products. It's good for some users who have some preferences—who need to follow their security policy or who have some budgeting issues. 

We primarily use the solution for cloud security. It was used for threat detection and endpoint to endpoint.

The product can be used for organizations that use Microsoft as their primary security defender and need zero-day threat protection. It's good for companies that want to make sure there are no threats or attacks on their information.

It's one of the best antiviruses on the market.

The solution could be even more secure and provide an even higher level of security.

I've been using the solution for more than two months at this point.

We have a team of up to four or five people that use the solution.

I've never contacted technical support or worked with them on any issues. 

The installation is very straightforward and the deployment is quick as well. 

While I recall the deployment not taking too much time, I don't remember the exact amount, as it was already installed by my team here. It was likely less than ten minutes.

You only need roughly four people, at a maximum, to install the solution. You need one good manager and four or five engineers.

I can handle the installation process myself. 

In order to use the solution, a base subscription is required.

We are always using the latest version of the solution.

I'd rate the solution at an eight out of ten.

I would recommend the solution to other users and organizations.

It's used to protect endpoints and, for some customers, it is used to deploy Microsoft 365 suite features. Most of our clients are medium-sized businesses.

The most important and the most relevant features of Defender for Endpoint are the malware and ransomware protection.

I would like to see the next generation of the tool improved to work with other operating systems, like Linux.

I have had about a year's worth of experience with Microsoft Defender for Endpoint. I am a subject matter expert for a Microsoft partner in Colombia. We develop portfolios and solutions for our customers that need Microsoft products in their infrastructure. My role deals with the architecture of solutions.

I don't recall any issues with the solution.

It scales easily.

I haven't had to use technical support for the solution.

The setup depends on the customer, but it is generally simple.

Some customers have the licensing of the suite and have all infrastructure prepared for the installation and deployment. But in some cases, when customers haven't deployed the solution and don't have licenses, it can be expensive to start from scratch.

Customers haven't given us any feedback about difficulties with the solution. With its intelligence and tools over cloud infrastructure, it's a good product. We are developing some use cases and projects for customers with Microsoft Defender for Endpoint. It is good for us.

The solution is used to protect the endpoint. Also, there's an antivirus and then advanced threat protection. It's also detecting threats and sending that to the cloud and correlating that without the events from other parts of the EMS suites. That's primarily what we are using it for. It is also capable of doing some attack surface reduction that you can configure on the endpoint. It's basic protection plus surveillance. It's also an EDR, however, we are not using that.

It's always very difficult to measure, however, it integrates very well with the other Microsoft products. It's easy to handle them. That's an important point when you want to achieve a higher security level that it's easy to manage. You can be sure that it's up to date and it's managed and the alarms are taking care of and so on. It's not only the technical capabilities, that are important. How it plays together with the rest of your products is also key.

It's not really visible for the user - which is a benefit. 

We know it's pretty good in terms of detecting threats against our platform and attacks. We have seen that.

There's privileged escalation or lateral movements for attacks.

The solution is stable.

The scalability is good.

The dashboards could be better. There's a suite of different products that play together and enhance security and receive signals from different parts of the product suites. When you are trying to look into that sort of depth on a dashboard, or across various dashboards, it can be difficult to obtain a comprehensive overview as it's so divided.

The initial setup can be a bit complex. 

Beyond that, I'm not involved in the day-to-day operation. There may be others that can offer more insights.

We started using it when we started to migrate to Windows 10 and that was likely four years ago. However, that was the Microsoft basic version. Recently, we also enabled the ATP path.

It's my understanding that the solution is very stable. It's a pretty mature solution.

In terms of scalability, we have not encountered any issues. We have around 7,000 end points.

We don't have too many physical people dealing with the solution. We have some people in operations and then some architects and so on, however, they are not involved on a day-to-day basis.

The initial setup is somewhat complex, however, that's not only due to the product. It's also the environment that it is going to be implemented into. Also, when you have a company with a lot of legacy products and all the setups and so on there may be difficulties in terms of getting everything to work together.

The deployment can take up to a couple of months, however, it's dependant on the environment that it needs to be implemented into. For instance, if other kinds of agents are writing on the computer, you need to make sure that it is not consuming too much CPU capacity and so on. If you have a good system, it would be very quick to install.

We have a deployment plan and we have taken advice from Microsoft Learning from their onboarding Planning information. There isn't anything that is very special, as, when you roll out new software on an endpoint, you must make sure that it's not disturbing the day-to-day operation. You start with a small group of test users and then do it in bigger and bigger waves and always be ready to go back. It's good to have that preparedness so that you can roll back and you can investigate what's gone wrong and so on, however that's not special to a different endpoint. That's a normal deployment strategy.

It has been possible to reduce the use of other agents. Beyond that, we have not made any financial calculations in relation to ROI. We have been using McAfee, for example, among others, and it's been possible to scale down. Microsoft is more integrated, more comprehensive, and Defender is part of the Microsoft operating system.

We are customers and end-users.

This Microsoft security platform is very much a SAS platform. It's playing together with all the other security products from Microsoft and the company is using the Azure platform to collect the information and to work on the main refine security findings. It's working very well together with the Microsoft Cloud solution for security.

It's my understanding that they call it the security graph. It's quite important that they are communicating together. Windows Defender, ATP is delivering a lot of telemetry to that form and correlating it with telemetries.

The reason why we have implemented DHCP part is due to the fact that we bought a Microsoft E5 license with a lot of security enhancements.

I've only seen it in the implementation and design phase, however, it's pretty good. That said, it's also within the environment of a large company where the processes can be a bit difficult.

I'd advise users to integrate it into their security operations center so that they can have the full benefit of the product.

I'd rate the solution at an eight out of ten.