We performed a comparison between Microsoft Defender for Endpoint and Symantec Endpoint Detection and Response based on our users’ reviews in four categories. After reading the collected data, you can find our conclusion below.
Comparison Results: Microsoft Defender for Endpoint is the industry leader for Endpoint Detection and Response (EDR) solutions. It is very well integrated and can handle almost anything. Users can control everything through a very intuitive central console. The solution works continuously and uses next-generation AI to keep every endpoint safe at all times. Symantec users say it can be a bit buggy and is complex to learn, making it less desirable.
"Fortinet is very user-friendly for customers."
"The solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The price is low and quite competitive with others."
"The most valuable feature is that it comes with the package, so there is no additional installation of third-party software. It's also easy to use."
"It automatically detects intrusion and malware."
"Defender is a part of Windows; you just need to enable it. There is no need to install anything."
"Defender for Endpoint is a robust solution that works well out-of-the-box."
"We are able to productively integrate with existing on-prem, hybrid, or cloud applications."
"The technical support from Microsoft is very good. We are part of the Microsoft Suite, and from being part of this we have consistent news regarding Microsoft Defender for Endpoint."
"Microsoft Defender for Endpoint's most valuable feature is its ease of use."
"Microsoft Defender for Endpoint is a robust platform."
"The mobile application is valuable. You are able to see the reports of intrusions and the like on mobile devices. That is one of the coolest aspects."
"The solution is easy to use."
"Symantec is very user-friendly, the interface and functions are very simple for everyone to understand. Additionally, it's a very robust system."
"The scheduled scans and the active protection were the most valuable because it allowed me to have the systems protected in real-time and also be able to schedule scans so that as new definitions would update, machines could be scanned to make sure that everything was in tip-top shape and there was nothing lurking in the background."
"What I like most about Symantec is the intrusion detection module. If you are scanning the environment, it will flag a possible intruder and tell you the IP and where the attack is coming from. Traditional antivirus solutions will never flag that. If you have a traditional SIEM, you might be able to pick that up. Symantec is a holistic endpoint security solution, so when you scan an endpoint, Symantec will let you know that something is happening to it."
"The dashboard view and reporting are valuable. It is stable and easy to integrate, and it provides custom options."
"We are using it on 1,600 computers. All the systems and servers are protected with the Symantec solution. Our environment has an uptime of 99.9% because we never had any attack or issue related to viruses. There is zero downtime."
"It just works. We have a console, and I can see it at a glance. I don't have any problems with it at all."
"The dashboard isn't easy to access and manage."
"The solution is not stable."
"ZTNA can improve latency."
"We find the solution to be a bit expensive."
"The solution should address emerging threats like SQL injection."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"Cannot be used on mobile devices with a secure connection."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"In the next release, I would like to see better management reporting."
"Sometimes, there are different SKUs. In a basic SKU, they should have basic log analysis without the need to integrate with any third-party or SIEM solutions, like Sentinel. This would make it so much easier for users who don't have log collection or log analysis."
"The application control feature requires improvement."
"Microsoft Defender for Endpoint does not offer default templates for alerts, requiring us to configure everything ourselves to avoid numerous false positives."
"Right now, there's a portal for Azure, portals for Microsoft Office, and portals for endpoints. It would be good to have only one portal and integrate everything."
"In India at least, it seems to be a bit more expensive than other options."
"The time it takes to restore the application could be improved. It has a lot of dependencies. It's not like the Microsoft security that comes with the OS. Updating through the command prompt, most of the time, it takes some time to download some of these dependencies."
"In terms of the architecture of the management infrastructure, we found that other technologies are more simple. Microsoft Defender could be simpler too."
"In a few cases, when we enable the IPS/IDS feature, there are performance-related issues on the end devices. If we run quite a few features of Symantec, especially the IPS/IDS, it consumes a lot of processing and memory capacity."
"Symantec Endpoint Security can improve management because it is difficult to do. It is not a straightforward tool to use. Additionally, the dashboards and reports could be better. It is difficult to understand what exactly is your current status."
"It should support the next-generation IPS. Currently, it supports only IPS."
"The support from Symantec has been poor in my experience. They did not have the knowledge to help us with the issues we were facing."
"There is no local support for Symantec products in Hong Kong."
"Automation of tasks should be improved on SEPM. It is currently manual, and we should be able to automate installation and deployment from the client side."
"They provide the updates of the client, and those clients need a reboot after the upgrade, which is something we don't like. We don't like to reboot the server after the upgrade because we have live applications. If we do a reboot, it can impact the business as well."
"Symantec's application security module needs some improvement. You need to create a lot of fingerprints for application security. For instance, let's say I have different brands of ATMs in my environment, like Wincor and NCR. I use GRG to deploy an application control to whitelist some applications. I have to get the exact image of the different models of ATMs. When I tested in the past, some machines would not connect to the server without that."
Microsoft Defender for Endpoint is ranked 1st in EPP (Endpoint Protection for Business) with 96 reviews while Symantec Endpoint Security is ranked 6th in EPP (Endpoint Protection for Business) with 38 reviews. Microsoft Defender for Endpoint is rated 8.2, while Symantec Endpoint Security is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "You can access all your security data and telemetry from a single pane of glass". On the other hand, the top reviewer of Symantec Endpoint Security writes "The solution has given us visibility into compliance within our whole system and helped us ensure everything is updated". Microsoft Defender for Endpoint is most compared with Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks, whereas Symantec Endpoint Security is most compared with CrowdStrike Falcon, Cortex XDR by Palo Alto Networks, Trend Micro Deep Security and Symantec Endpoint Security Enterprise.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.