We performed a comparison between Microsoft Defender for Endpoint and Trend Micro Apex One based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Trend Micro Apex One has a slight edge in this comparison due to its being the less expensive solution.
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Ability to get forensics details and also memory exfiltration."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Fortinet is very user-friendly for customers."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The product's initial setup phase is very easy."
"Microsoft Defender can block some viruses or malware. So, it can protect my files. It can save files on Office 365 OneDrive. I use encryption for some files, then I can recover them from OneDrive."
"Defender is stable. The performance is good."
"It's great for investigating what's happening on a machine. They show a whole bunch of machine timeline events that are related to a security incident. They have quite good details on the things related to threat and vulnerability management, such as any weakness that has been disclosed publicly, assets that are exposed, and if there is an exploit active in the wild for that vulnerability. It can provide you with all such information, which is cool."
"It's absolutely free to use."
"The EDR feature is most valuable."
"It shows us the risky sign-ins, and if a user's password has been compromised."
"We are a Microsoft shop, and Defender is a Microsoft solution that provides some security at a reasonable cost."
"Within its class I think, it has a high and decent detection rate."
"The most valuable features are reporting and where we have the ability to report back and provide information when an item is quarantined or not quarantined."
"The AI and machine learning feature is the most valuable because it helps mitigate threats based on an organization's behavioral patterns."
"It's made it easier for us to monitor the security environment in general."
"The web console is quite helpful, as is the visibility view for deployment. Updates do things like Device Control Management, which I can control."
"Some of the valuable features of Trend Micro Apex One are DLP, encryption, and patch management."
"Technical support is quite knowledgeable and helpful."
"The general anti-virus on offer is the solution's most valuable aspect."
"The most valuable feature is Vulnerability Protection."
"The SIEM could be improved."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The solution should address emerging threats like SQL injection."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"Microsoft Defender for Endpoint's licensing is confusing. It has conflicting information on the website. We also faced integration issues with other systems. It makes laptops slower than traditional antivirus systems."
"Defender's cloud integration could be improved."
"The pricing could be a bit better."
"It makes your Surface devices hot. It is resource-intensive. It strains your CPU, not more than other file scanners around, but it also does a lot more. When you are transmitting files or data, it is continuously scanning the traffic and analyzing it bit by bit to see what's going on, and that, of course, is costly in terms of CPU. It is CPU intensive, and if you are on battery, it drains your battery fast. That's the only drawback that it has."
"The initial setup can be a bit complex."
"Windows Firewall is integrated with Windows Defender. Over the last few days, I have had a problem with defining a wildcard on Windows Firewall. For example, I wanted to pull out the connection of my program and install a software package with a lot of executable files. I wanted to prevent it from accessing the internet. I could not select executables by using a wildcard. I had to select a single executable with its full name."
"I think Microsoft needs to improve some of the security aspects of Defender. The email part, in particular, needs to be improved in terms of security effectiveness."
"Notifications are always popping up — I hate that."
"Could channel video more efficiently."
"The only thing that I would like to see changed or improved in the next release is when it reports C&C callbacks, to make it easier to trace, to see what's doing that, whether it's a program checking for updates or a malicious program."
"The technical support should be more proactive."
"Some of the updates still require a complete reboot of the system."
"Apex One has some room for improvement on the agent side. I want to get more from the logs and those kinds of things. I want to see whether the agent has the proper updates or any issues with the machine itself."
"The menus can be more user-friendly or easier. For example, if we want to enable access to the USB ports, it should be more user-friendly. It is not easy. We need to navigate through several menus to be able to give access."
"The reporting can be improved. We'd like to have had broader insights as to what was happening on a machine."
"The performance could always be improved."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while Trend Micro Apex One is ranked 6th in Endpoint Protection Platform (EPP) with 124 reviews. Microsoft Defender for Endpoint is rated 8.0, while Trend Micro Apex One is rated 8.2. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Trend Micro Apex One writes "Good monitoring and server protection with helpful machine learning". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, CrowdStrike Falcon and SentinelOne Singularity Complete, whereas Trend Micro Apex One is most compared with Trend Micro Deep Security, Cortex XDR by Palo Alto Networks, Trend Micro Smart Protection, CrowdStrike Falcon and SentinelOne Singularity Complete. See our Microsoft Defender for Endpoint vs. Trend Micro Apex One report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.