Microsoft Defender for Endpoint and Microsoft Intune serve different purposes. The first protects endpoints from cyber threats like viruses, malware, ransomware, and phishing attacks, and the second is a management console that helps you control and configure your devices.
To summarize, both are Microsoft products and offer seamless integration with other Microsoft tools. Microsoft Defender for Endpoint helps secure your devices from cyber threats and Microsoft Intune helps manage and configure various devices within your organization.
"The installation is straightforward."
"Microsoft Defender for Endpoint comes pre-installed in Microsoft Windows."
"Microsoft Defender can block some viruses or malware. So, it can protect my files. It can save files on Office 365 OneDrive. I use encryption for some files, then I can recover them from OneDrive."
"The most important feature is the way it monitors the threats and blocks them. About 10 days ago, we were implementing SOC for a particular client. The SOC was not yet implemented, but they had Microsoft Defender. That organization was hit by some ransomware, but the hacker could not succeed. Because of the EDR, the hacker could not install the hacking tools. They were trying to do that, but Microsoft Defender completely blocked that. The hacker could log into the system, but they could not install anything."
"The most valuable feature is ransomware protection, which can detect malicious activity from IPs or a malicious payload in DLLs, or other things that can corrupt the system."
"We are a Microsoft shop, and Defender is a Microsoft solution that provides some security at a reasonable cost."
"The threat hunting service is very useful for a security professional."
"Microsoft Defender for Endpoint is easy to load and it runs quietly in the background, unlike other solutions."
"This product works very well for companies already using the full Microsoft suite."
"One of the best features is Windows Autopilot because if you change any of your devices, whatever security policies and compliance policies that applied can be easily migrated to the new devices. Windows Autopilot gives you that flexibility."
"We have found the solution is capable of scaling."
"Conditional access has helped us tailor and enforce our security policies in the mobile space."
"One of the main features of the solution is it allows the management of many devices in different ways."
"I like the group policy management feature, which performs application monitoring and device enrollment."
"The ability to (somewhat) manage full Windows 10 computers including EXE-based or MSI-based application deployments using Azure Active Directory as Identity."
"There has been a noticeable increase in productivity for both my organization and clients."
"Its detection is not as quick. There should also be more frequent updates."
"There's scanning going on that occasionally topples the memory, causing everything to freeze. This should be fixed."
"The price, in general, could always be a little bit cheaper."
"The time to generate certain alerts on our dashboard can take between 45 minutes to an hour, and I am unsure of the factors that influence this duration."
"In terms of improvement, they update the platform it seems quite a bit. Every month something is in a new spot or something changed somewhere. There should be less of that."
"Microsoft Defender for Endpoint can use more advertising to promote their features."
"A single dashboard would be a significant improvement."
"It can get a bit laggy sometimes. Other than that, we don't have any issues. They constantly tweak it and fix it up based on users' feedback. It has improved a lot over the past four years. Defender for Endpoint never really used to be a good endpoint security solution, but over the past couple of years, Microsoft has invested heavily in it. So, it has come a long way in all aspects of endpoint security. If they want to make it better, they should just continue investing in the current path of what they've been doing over the past couple of years."
"Onboarding of endpoint devices is not straightforward. The onboarding process was a little heavier than I thought it would be. That's the key improvement area. Obviously, the more control you have over the devices, the better it is."
"I expect Microsoft Intune to have more features in the cloud because there are two major functionalities that we need to be added. This is software metering and license management. These functionalities, for now, must be on-premise. For this purpose, we have set up a SQL Server and I hope that in near future this option will be in the cloud in Microsoft Intune."
"The reporting could be improved, as it's pretty poor compared to other products of this type."
"I would like to see easier pushdowns. Currently, we have to package our own software and then push it. Intune can make that way easier and integrate applications, such as Zoom and Adobe Acrobat, that are used by a lot of enterprise or corporate organizations."
"They need to integrate more with security options."
"The most important thing is reporting. They should improve their reporting. They should give a free hand to users. In SCCM, I can create my own reports. For example, in SCCM, I can create an inventory report for my PC or for all PCs, but in Intune, we don't have an option to create any report. Microsoft claims that Intune is a successor of SCCM, but SCCM is more powerful than Intune. So, they should develop Intune more and make it equivalent to SCCM. Then, their product will be great in the market."
"In future releases, I would like to see better integration with Apple products."
"Once it's configured it is unobtrusive, but it does take some hands-on to configure and deploy it properly."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 6th in Microsoft Security Suite with 182 reviews while Microsoft Intune is ranked 3rd in Microsoft Security Suite with 164 reviews. Microsoft Defender for Endpoint is rated 8.0, while Microsoft Intune is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Microsoft Intune writes "We can manage all aspects of our devices from a single console, easy to scale, and quick to deploy". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete and Check Point Harmony Endpoint, whereas Microsoft Intune is most compared with Jamf Pro, VMware Workspace ONE, ManageEngine Endpoint Central, SOTI MobiControl and Cisco Meraki Systems Manager (MDM+EMM). See our Microsoft Defender for Endpoint vs. Microsoft Intune report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
In recent years Microsoft has really upped its game with Defender and Intune. As core cyber-security for an SME, keeping just to Microsoft is now a real option. The challenge is understanding the gaps / cyber security service weaknesses (if they exist) in comparison with other vendors such as ESET, Malwarebytes, Trend Micro, etc.
Azure AD Services, Defender for Endpoint, and Intune are all Microsoft products, but it is important to understand how each product works as they may not be compatible and there may be some limitations.
Devices managed through Intune may not have all of the Defender for Endpoint features. Some advanced features such as automated investigation and remediation may only be available for devices that are enrolled in Defender for Endpoint standalone.
In addition, Azure AD and Intune have different requirements for device enrollment and management. Intune requires devices to be enrolled and managed through an MDM solution, while Azure AD provides basic device management capabilities but may not support all of the features available in Intune.
Lastly, there may be limitations to how user identities and access are managed between Azure AD and Intune. Some features that are available in Azure AD, such as conditional access policies, may not suit Intune, and additional configuration may be required to ensure that user identities and access are properly managed across both services.
If anyone out there has other experiences, please let me know!
It depends on your company's infrastructure. Check with your cyber team whether you can sync your endpoints to Cloud using Azure AD as Azure Registered/ Azure Hybrid AD join/ Azure AD join, etc.
1. So, if the ask is only to enroll them in Intune to leverage defender/BitLocker services - go directly to Azure AD's join approach.
2. If you still want to manage patch management/mcm BitLocker but Defender via cloud, the approach should be Azure Hybrid AD join.
3. You can still use autopilot using both of these approaches.
I believe it is a good first step, and I would say even a requirement, but in no way is it a comprehensive security solution, even for endpoints.
There are many things that need to be addressed for security. In addition to this, there is XDR, MDR, more comprehensive AV for endpoints & Servers that stop attacks, Threat Hunting, Mitigation, PEN Testing, Security Training for end users, Multi-Factor Authentication (Microsoft's MFA is good but only for Microsoft products), Patch Management for Endpoints, Servers and Cloud Workloads, Network Access Control, Firewalls for On-Premise and Cloud server workloads, Network Segmentation, Password Management, Data Backups (3-2-1-1 Rule) with Immutable Backups, Power Backups, Physical Security, Monitoring, NOC/SOC services, and working towards a Zero Trust architecture...
But there are no single-point solutions that will make you secure, so don't get complacent. And you can outspend your profits if you do everything. Just remember it's best to have a layered approach that works together and looks at everything from a security perspective and how it integrates with your overall security plans and objectives to help identify holes and possible mitigations.
Healthcare must do Risk Assessments by law, but I recommend that all companies of all sizes do at least annual risk assessments since there is so such thing as being too small or inconspicuous to be hit with malware or have a cyber security attack since much of the delivery is automated and not just by the script-kiddies of years gone by... Nation States are actively engaging in cyber warfare daily, along with terrorists, and opportunists looking to make big money from you...