Microsoft Defender for Endpoint Reviews

I have used Windows Defender to protect my computer from viruses or harmful websites on either flash drives and other removable devices when I am online which tend to attack my computer and corrupt it causing inefficiencies in my computer working processes. 

I usually check from time to time if the hard disks of my computer has been infected and remove the files that are harmful to my systems. Another purpose of this tool is blocking and filtering sites that are harmful or appear threatening to my system.

Windows Defender has improved my organisation's security in many ways which ensure that my systems are being safeguarded. Since we are mostly online doing our projects and research, we tend to enter into harmful sites that may damage our computers. But Windows Defender does great work in blocking and warning you of those sites. Another advantageous part is that when removable devices are connected to our systems they are scanned for viruses and cleaned immediately. Hence, it ensures no viruses from external devices enter into our systems. It automatically scans and checks for viruses on the hard drive from time to time ensuring good security in our systems.

I have used the solution for more than five years and the solution has greatly influenced my work. It gives good results in protecting my systems and data.

Automatic scanning and cleaning of viruses is the best and most valuable feature helping this tool to thrive. If any viruses are found, they are cleaned automatically.

Another feature is the ability to filter sites and block harmful ones, which makes it to enter sites with full protection. This ensures no harmful Trojans can be sent into our systems through those sites and are always blocked when detected.

Another great feature is the ability to warn the system user, making it easier to know when a virus has been found on our system.

It is easy to use and has a lot functionality to make systems safeguarded in the right manner.

The product should keep updating its software as to counter incoming threats since threats are becoming more advance with time. The product should be strong in all parts.

I would recommend if the product continues to be updated that the way it updates is faster for downloading and updating in our system. The stability is good and should continue to perform well in that way. 

With increase of cyber threats and cybersecurity issues, I would recommend that the product be developed like an AI product with more features which can counter any threat in the coming eras.

I have used the product more than five years. It is a great tool.

The solution is very stable. It has good features that make it efficient in the security aspects of our systems.

The product has performed very well in my computers. I don't have any complains about its functionality.

I have never used any solution apart from Windows Defender when safeguarding my systems.

The solution comes pre-installed in the Windows Operating System so you do not have to install it manually. You are required to connect to the Internet and update the solution to the latest version.

I am just an end user of the solution.

I hired a technical guy to keep the solution up-to-date since it could be more stable and work more efficiently.

I invested in Windows Defender since it has good functionalities. 

The product is free of charge and comes integrated into Windows. 

I chose Windows Defender for system safety, its ease of use, and the continuous update of the product.

Windows is a great tool that I have used. It has helped my organisation in achieving what it does daily and protected our data in a great way.

I would recommend every user who has a computer or laptop to consider using Windows Defender since it is the best tool to safeguard your system from malware and attacks.

We primarily use the solution to save our data from getting lost in the case of network attacks or viruses.

The most valuable feature is that we can use the solution right out of the box without too much configuration.

There's scanning going on that occasionally topples the memory, causing everything to freeze. This should be fixed.

In future releases, it would be helpful if they included something that can control any handset viruses.

We are using the on-premises deployment solution.

I would rate the solution seven out of ten.

Our primary use case of this solution is to defend from viruses. 

The most valuable features are that it's easy to use and the updates are very simple.

I would like to be able to set up any kind of protection I want in the firewall, any IP address or any number. 

I would like to be able to customize my protection on the dashboard. 

It's a good product but it is limited in some cases. I had a bad experience because a few weeks ago I was in Seoul in Korea and with my Dropbox, my children did some things on my computer at home and I got ransomware to Defender and it corrupted my whole Dropbox. The stability can use improvement. 

It's easy to document new people. With the dashboard, I can set up rules to protect myself from any IP address coming from an external network.

We use this solution daily. We don't have plans to increase the usage. 

We have around ten to twelve users. They are only users, not admins. We only require one admin. A guy sometimes comes to set up a desktop and do the configuration.

We have never needed to contact their technical support. 

The cost is per-user. We pay more for an Enterprise license.

I would say this is a good product. It's very intuitive, easy to use, and very good for people who don't have much experience in security.

This a very good product because every time there is an update it corrects any issues. It can help an enterprise go up.

I would rate it a nine out of ten. 

I primarily use it for myself and my businesses as a protection solution.

The most valuable feature is the protection given via the antivirus.

The solution needs to improve its ransomware. It's not so good. It could also use some general performance optimization for the computers the solution operates on, to ensure it does not slow down the devices.

The solution is stable.

The solution is easily scalable. I'm always trying to increase the usage to maximize the capabilities of the product offering. As soon as new capabilities appear I will expand usage to include them. In terms of physical expansion to other devices, I already have the solution on all of my devices.

I've never needed to contact technical support.

I did previously use a different solution, but it was more convenient to work with Defender. I wanted to use the same provider. I'm using the Microsoft operating system and Microsoft applications. It seemed to be a logical step. 

Defender is integrated into the operating system. It's integrated with everything. You don't have to spend time analyzing what you have to do to be sure that the integration is okay between the security tool and all the other apps. This, from my point of view, is the main advantage.

Initially, a few years ago, the setup was not so easy. Now, with Windows 10, it's automatic. It's already within the system, so now we don't have to worry. Initially, before Windows 10, we had to install it. It was not so complicated, but a bit more complicated than now where you don't have to do anything at all. Originally, the deployment took about 10-15 minutes. You only need one person for deployment and maintenance. With the 2000 version, maintenance is almost nonexistent. You just follow up and approve the updates. It's a fraction of the time.

I implemented the solution myself.

You have a standard licensing fee. As far as I know, there are no other costs above and beyond this.

We are using the public cloud deployment model of the solution.

I would recommend the solution. I would rate it ten out of ten.

I find the layer protection and real-time protection very useful because when I launch a program, I always have a notification and an alarm. Sometimes I am on a program on Windows Defender and sometimes on Kaspersky and it shows up on whatever I am using. I like the real-time protection features. Windows Defender will detect if there's a threat like a Trojan or something like that but Kaspersky lets it run normally.

This solution is not perfect. Sometimes it detects something and it's not a threat. The good news is that you can restore something and analyze it better and you can restore the file and copy it or disable the defender and run it again.

The system can always be simplified and have a better integration check. More detailed reports would be good. When it does the integrated check, it just shows if the system is okay but I want to know what happened.

The solution is stable but sometimes when you do a security update when it starts, you see the hinge process in Task Manager. It also sometimes corrupts the PC. You need to either start it or recalibrate. If the installation happened without it starting, like patching without starting, it's better.

With Windows Defender, it will want to do these updates so that when you install an update it has to be done with a Windows update and then you can start. If you can manage it easily in a natural phase like updating security, ejecting and installing, it's better. Like checking a box.

I'm not sure about scalability. I think if you have an enterprise license and more features in an enterprise package it will be good. We have about 200 users.

I haven't personally used technical support.

The initial setup was easy. It's easy to install and maintain.

The majority of the updates are really good. 

I would rate this solution eight out of 10.

Our primary use for the solution is threat detection and response.

It's basically for security implementation, response planning capabilities and other security functions. Obviously, auditing, HR, requirements, legals, auditing, banking, and financial services all require a lot of the data that are generated and reported out of the platform.

The features that are most valuable for us are cloud analytics from the APT (Advanced Threat Protection) engine or quarantine, deletion, and removal. Basically, they work by web engine. Simply, it is proactive in resolving potential issues.

There are certain features that do have room for improvement. I think with the analytics engine they're looking at it from the desktop and the server perspective. I think the desktop engine should also include the script analytics — what executed, what's the power shelf or UI commands, or some form of Splunk regex. I know we don't have that functionality with a run-time analytics platform, but it's a JS (JavaScript) based one. So it would be good if they had a regex to JS converter.

The biggest problem is they need to take things out of preview. I know that they're developing on the platform service with the analytics engine, but so many services still rate it as a preview after 12 to 18 months, which is stopping adoption with businesses knowing that that solution could be filled and redirected at any time. So that delay is limiting technology to be able to be updated because they don't have to release all production support.

In the last 12 months, we've moved up to the Gartner Magic Quadrant report as a leading form of threat analysis. Obviously, the more clients that migrate to Cloud Services the more analytics platforms are picking it up. There are auto-resolutions and it's getting more cross-correlations between tendency. So we're getting a lot more APT (Applied Predictive Technologies) and IOC (Indicators of Compromise) data through which you can get a better response, better response times, automatic remediation tasks, reduce the amount of the alerts and false positives — that sort of thing. It's all really useful. It's scaling out on its own.

We get direct support. They're literally across the road from us. We've got multiple Microsoft engineers assigned to our contract as well, so we deal directly with their engineering teams.

The setup was simple and straightforward.

Here we SCOM (System Center Operations Manager) SCCM (System Center Configuration Manager) deployment for pushing out the agent's, done the deployment for the AIP (Azure Information Protection) scanners and load that unified data locally.

We consulted with Microsoft, but we're a full IT workhouse so we have qualified engineers that were coming off a three-year capability program to deliver all of those services.

As far as the amount of staff we use to support the solution, we have a lot of managed providers and different international SOC (Security Operations Center) teams and different agencies that manage a lot of the services. I would say that globally we would have probably about close to a hundred engineers working on the solutions full-time with cloud app development and Kubernetis and things like that.

We compared extensively between multiple services, everything from Azure, cloud service providers, identity providers, platform SaaS providers — we did all that before we sort of consolidated on certain technologies in different areas.

We're utilizing a lot of the services. There will be some future state planning goals, but we're taking a risk-averse assessment on the product. We're more controlled about how things like our customer member data protections, cryptography and those types of things are working. So we're doing still doing a little bit of assessment. I know it's got the ASD clearance rating and certain services, but that's based off the tenancy agreements.

I'd say the product rates about an eight out of ten as it currently stands.

You have to implement the product — there's no choice. You can't use the exchange online protection or the advanced analytics or obscure identity IP protection without the APT being installed on the endpoint. Otherwise you're not getting into threat intelligence or the actions. You're not going to get the full response plan or activities that occurred. You cannot deploy without APT being installed on the desktops and have a full, defined solution for unified labeling. That has to be deployed and tested for unstructured data for at least six months with the AIP (Azure Information Protection) scan that's deployed with APT.

The solution is really fast. I have never experienced any viruses since I've been using it.

I think the console can be better.

The end-user also cannot do some advanced actions on it. It's a little bit complicated for our end-user, so it needs to be simplified.

I think the solution is complicated. This one is one of the concerns that I like to talk about because some end-users do not know how to navigate through the console and how to work with them. I think this is not such a big deal, but I know that there will be other things that may be important to us like, how we can centrally manage users and reports are really important for us. For example, in Kaspersky, we had a problem where we couldn't detect the attacks that we had in some of our zones in our data center. I think if Microsoft Windows Defender can report these things, it's going to be great.

It's really stable. I've used a lot of products, like ESET and Kaspersky. None of them are comparable with this one. This one is much better.

To scale the solution, I think you need more licenses but I'm not sure. We have 100 to 1,000 users. We just use it for some end users, not for all the users. The users are mainly end-users and a few admins. We plan to increase users annually.

We used other solutions, like ESET and Kaspersky. We had to change at first due to user complaints, especially about Kaspersky, because it used a lot of the resources. So we switched to ESET but after some time we just switched to Windows Defender. 

The initial setup was really easy, a no brainer.

I installed the solution on my own.

I would recommend the solution because I can confidently tell everyone that this product is working very well and it's stable. You are always sure that they are able to deal with a virus or something else that may interrupt your work.

I would rate this solution nine out of 10.

We use this as our antivirus solution.

Within its class I think, it has a high and decent detection rate.

There were a few detections that are not picked up, and then Microsoft picks up on that and they update it. That's just a normal thing you go through based on every antivirus solution. You're always going to have viruses and signatures that are coming out.

So, I wouldn't say it's the perfect solution because if you're looking at next-generation behavioral based things, for example, if you're going to use ATP, that's when you can get more methods out of it. With Defender, if you pay more you can get the ATP component, which is sold separately by Microsoft.

We do have some challenges in the reporting aspect of it. 

There's a lot of manual effort involved to configure what we need.

There are also a few issues with policies.

Defender by itself is not a solution. Defender is basically a functionality.

We have some issues with reporting, but I think it's just the way we've integrated right now, again not using ATP. So, we just use STC MS management. Then it's limited in terms of reporting.

From an operator's perspective, I think there are some policy detection issues where you've got a detection for a signature but how it translates into the FCCM dashboard where it doesn't really categorize that particular model. It picks something up as bad but it's just unknown.

So, I think that's a known issue with this particular thing. Because it doesn't know what it is classified as it doesn't really do anything. For it to do something, the policy has to recognize the category of that number. It could be a trojan horse or whatever it is, but it doesn't really do that. It could be what they call an autonomous detection where the system categorizes it as not recognized and hence it blocks it, but it's not going to let you delete it instantly. Usually, you can say if it's detected you want to block it, that's the first step. The second step is to be able to delete the file or quarantine the file. But it doesn't recognize that, so it doesn't know what it needs to do. Instead, it just blocks it. It only blocks it because it doesn't recognize it as being Malware.

I would rate this product a six out of ten.