Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.
Microsoft Defender for Endpoint stands out for its comprehensive and integrated approach to endpoint security. It excels in automatic investigations, seamlessly gathers data, and integrates closely with the operating system, enhancing visibility into software inventories and registries. Its advanced hunting capabilities, alongside real-time and cloud-based threat detection, ensure robust protection. The platform operates efficiently in the background, offering an intuitive user experience and easy management through a centralized dashboard. Its ability to integrate with Azure, SIEM tools, and other Microsoft solutions, coupled with features like vulnerability management and threat intelligence, makes it a powerful tool for proactive threat detection, prevention, and overall cybersecurity management.
Feedback on Microsoft Defender for Endpoint highlights the need for more intuitive Linux antivirus profiling, independent device control features, and enhanced application control interfaces. Users desire streamlined policy configuration, better stability, and more visibility into features, alongside improved customization and integration with third-party tools. The solution's frequent updates and design changes, along with its demand for expertise and resource-intensive nature, also draw criticism. Suggestions include more user-friendly documentation, simplified management, and improved support across all operating systems. Overall, there's a call for enhanced security capabilities, better usability, and more efficient data management.
Using Microsoft Defender for Endpoint has resulted in a positive return on investment for organizations. By consolidating all necessary components into a single solution, it eliminates the need for additional vendors and extra costs. The exact amount of money saved is difficult to measure, as it depends on the occurrence and impact of potential attacks. Over the years, organizations have witnessed a return on investment in terms of improved protection against threats.
Microsoft Defender for Endpoint offers a cost-effective security solution. There's typically no separate setup cost, as it's integrated into Microsoft 365 subscriptions. Pricing is based on subscription tiers, ranging from small businesses to large enterprises. Costs vary but are generally competitive, providing value across different organizational scales.
The primary use case of Microsoft Defender for Endpoint is as an enterprise security solution. It serves as an antivirus and EDR, providing integrated security with the operating system. The product is used to secure customers' networks and offers seamless integration with other Microsoft products, facilitating incident investigation and correlation with other security measures.
The solution is deployed to manage firewalls, provide endpoint security, and protect against virus and malware attacks. It is also used for managing compliance and consolidating security aspects into a centralized portal.
Microsoft Defender for Endpoint is deployed on various devices, including Windows 10 endpoints and servers, and is integrated with other Microsoft security products for coordinated detection and response across the environment. It offers visibility and protection for both on-premises and cloud-based environments, including multi-cloud solutions.
The solution is used for vulnerability scanning, threat prevention, and threat detection, and it provides a centralized console dashboard for monitoring and managing security operations. It is also utilized for endpoint detection and response (EDR), extended detection and response (XDR), and for protecting personal and business information.
Feedback on customer service and support for Microsoft Defender for Endpoint is mixed. Some customers have praised the technical support team, mentioning their knowledge and ability to escalate issues to higher levels of support. Prompt transfer of tickets to capable representatives and seamless resolutions have been appreciated.
However, there have also been instances of delays and tickets being routed to the wrong team, resulting in slower support. The level of support seems to vary depending on the support contract, with the premier support contract being more efficient.
The initial setup for Microsoft Defender for Endpoint varies depending on the client's environment. For some, it is straightforward and can be done in a few hours. In these cases, the deployment is done through scripts, GPO packages, or MDM solutions.
For larger organizations with complex networks and systems, the setup can be more complex and time-consuming. It may require the expertise of multiple consultants and take several months to complete.
Microsoft Defender for Endpoint has received positive feedback regarding its scalability. Users have mentioned that it can scale effectively regardless of the size of the environment. It can be used in small and large environments without any issues. The solution can accommodate a growing number of users.
The solution is cloud-based, making it highly scalable and capable of handling large numbers of users and devices.
The stability of Microsoft Defender for Endpoint is highly praised by users. They consistently mention that the solution is stable and reliable, with no bugs or glitches. Users have not experienced crashes or freezing, and the performance has been good. Some users mention occasional internet connection issues; overall, however, they find the solution to be stable. It is also noted that Microsoft has been proactive in addressing stability issues and providing patches when necessary.
With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.
Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.
Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.
Microsoft Defender for Endpoint was previously known as Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus.
Petrofrac, Metro CSG, Christus Health