The pricing, setup cost, and licensing for Microsoft Defender for Endpoint vary based on different factors. The solution is included with a Microsoft E5 license, making it a cost-effective option when bundled with other Microsoft solutions. However, as a standalone solution, it can be costly.
The licensing costs are generally reasonable, and there is an additional cost for Microsoft Premier support. Some users have found that the solution saved them money compared to other products they were using. The price can be higher for specific markets, such as the Indian market.
Microsoft offers flexible licensing options, including monthly or yearly subscriptions. The solution is available at different price points depending on the configuration and licensing program.
Some users have negotiated pricing, while others have obtained subsidized licensing.
Using Microsoft Defender for Endpoint has resulted in a positive return on investment for organizations. By consolidating all necessary components into a single solution, it eliminates the need for additional vendors and extra costs. The exact amount of money saved is difficult to measure, as it depends on the occurrence and impact of potential attacks. Over the years, organizations have witnessed a return on investment in terms of improved protection against threats.
The primary use case of Microsoft Defender for Endpoint is as an enterprise security solution. It serves as an antivirus and EDR, providing integrated security with the operating system. The product is used to secure customers' networks and offers seamless integration with other Microsoft products, facilitating incident investigation and correlation with other security measures.
The solution is deployed to manage firewalls, provide endpoint security, and protect against virus and malware attacks. It is also used for managing compliance and consolidating security aspects into a centralized portal.
Microsoft Defender for Endpoint is deployed on various devices, including Windows 10 endpoints and servers, and is integrated with other Microsoft security products for coordinated detection and response across the environment. It offers visibility and protection for both on-premises and cloud-based environments, including multi-cloud solutions.
The solution is used for vulnerability scanning, threat prevention, and threat detection, and it provides a centralized console dashboard for monitoring and managing security operations. It is also utilized for endpoint detection and response (EDR), extended detection and response (XDR), and for protecting personal and business information.
The most valuable features of Microsoft Defender for Endpoint include:
- Automatic investigation of packages and collection of data and information
- Integration with the operating system and access to software inventories and registries
- Advanced hunting and customized detection capabilities
- Real-time detection and cloud-based delivery of detections
- Good visibility into threats and threat intelligence
- Easy to load and runs quietly in the background
- Ability to bring together all data and provide comprehensive information
- Alerting, policies, and threat-hunting capabilities
- File protection and security score
- Interaction with other Microsoft solutions and integration with Azure and other systems
- Monitoring and blocking of threats, proactive threat detection, and prevention - Centralized dashboard for monitoring and management
- Simplified deployment and scalability
- Integration with SIEM tools and other security products
- Vulnerability management and reporting analytics
- User-friendly interface and ease of use - Performance, stability, and reliability
- Seamless integration with Microsoft ecosystem and other Microsoft solutions
Improvements for Microsoft Defender for Endpoint mentioned in the reviews include:
- The profiling method for creating antivirus profiles for Linux needs to be more user-friendly and improved.
- Additional features related to device control, such as automatic syncing of devices without dependency on other products like Intune or Azure, are desired.
- The application control feature needs improvement, including a better GUI for configuring policies and more documentation.
- The policy configuration process could be more streamlined and integrated within Microsoft Defender for Endpoint.
- The frequent changes in product names, portal designs, and included features can be confusing and frustrating for users.
- The stability of the solution could be improved.
- More advertising and promotion of the features of Microsoft Defender for Endpoint is desired.
- The solution lacks customization options compared to other products, and a single portal for customization would be beneficial.
- Significant expertise is required to maximize visibility into threats, and the solution could provide better visibility and root cause analysis for threats.
- Integration with third-party tools and systems, such as firewalls and other cloud vendors, needs improvement.
- The amount of data logging and storage can be overwhelming and costly, and there is a need for easier management and storage options.
- The solution's capabilities on different operating systems, such as Mac OS and Linux, need to be more balanced and feature-rich.
- There is a need for better management reporting, granularity in security configuration, and improved UI.
- Integration with other Microsoft security technologies and consolidation of dashboards would be beneficial.
- The solution should provide more customizable reporting options and prioritize security incidents.
- Improvements in automation, user interface, and simplification of the management infrastructure are desired.
- The solution should provide more comprehensive web filtering capabilities.
- The ability to isolate a certain amount of time on the timeline and improve the user experience for investigations is needed.
- The learning curve for using the solution can be steep, and more training resources and refinement of wizards are needed.
- There should be better support for on-premises security and monitoring, especially for Active Directory.
- The solution should have better integration with different platforms and systems, including third-party tools and SIEM solutions.
- The solution's resource usage, CPU strain, and battery consumption need improvement.
- The licensing model could be more transparent and flexible, especially for multi-tenant environments.
- The solution should provide better support for non-Windows products and improve email security integration.
- The solution should offer better GUI customization, automation, and a simplified SIEM for easier management.
- Reporting, patch management, and exception management capabilities need improvement.
- The solution should provide better support for Mac OS and enhance web filtering capabilities.
- The solution's deployment and setup process could be more straightforward and simplified.
- Security effectiveness, reporting speed, and user-friendliness could be improved.
- The solution should be more secure, provide better security features, and prioritize security enhancements.
- Integration with third-party systems and platforms should be improved, and more user-friendly dashboards and features are desired.
- The solution should be more scalable, have a single pane of glass for management, and reduce dependencies on other Microsoft services.
- The solution should improve detection capabilities, reporting, and support for third-party platforms.
- More frequent updates, better reporting, and improved user experience are needed.
- The solution should provide a more holistic approach, collaboration capabilities, and better management reporting.
- The user interface and customization options could be optimized, and the solution should offer more telemetry and automation capabilities.
- The solution should improve security aspects, email security, and the ability to handle non-signature-based attacks.
- The solution should provide more integration, faster reporting, and better management features.
- The solution should be more secure, provide better visibility, and reduce complexity in deployment and management.
- The solution should improve security features, reporting, and customization options.
- The solution should provide better integration, reporting, and management capabilities.
- The solution should improve reporting speed, and management interface, and provide a better UI.
- The solution should improve security and reporting, and prioritize high-risk vulnerabilities.
The initial setup for Microsoft Defender for Endpoint varies depending on the client's environment. For some, it is straightforward and can be done in a few hours. In these cases, the deployment is done through scripts, GPO packages, or MDM solutions.
For larger organizations with complex networks and systems, the setup can be more complex and time-consuming. It may require the expertise of multiple consultants and take several months to complete.
The solution of Microsoft Defender for Endpoint has received positive feedback regarding its scalability. Users have mentioned that it can scale effectively regardless of the size of the environment. It is capable of being used in small and large environments without any issues. The solution can accommodate a growing number of users.
The solution is cloud-based, making it highly scalable and capable of handling large numbers of users and devices.
Customer service and support of Microsoft Defender for Endpoint is mixed. Some customers have praised the technical support team, mentioning their knowledge and ability to escalate issues to higher levels of support. Promptness in transferring tickets to capable representatives and providing seamless resolutions have been appreciated.
However, there have also been instances of delays and tickets being routed to the wrong team, resulting in slower support. The level of support seems to vary depending on the support contract, with the premier support contract being more efficient.
The stability of Microsoft Defender for Endpoint is highly praised by users. They consistently mention that the solution is stable and reliable, with no bugs or glitches. Users have not experienced crashes or freezing, and the performance has been good. Some users mention occasional internet connection issues, however, overall, they find the solution to be stable. It is also noted that Microsoft has been proactive in addressing stability issues and providing patches when necessary.
The pricing, setup cost, and licensing for Microsoft Defender for Endpoint vary based on different factors. The solution is included with a Microsoft E5 license, making it a cost-effective option when bundled with other Microsoft solutions. However, as a standalone solution, it can be costly.
The licensing costs are generally reasonable, and there is an additional cost for Microsoft Premier support. Some users have found that the solution saved them money compared to other products they were using. The price can be higher for specific markets, such as the Indian market.
Microsoft offers flexible licensing options, including monthly or yearly subscriptions. The solution is available at different price points depending on the configuration and licensing program.
Some users have negotiated pricing, while others have obtained subsidized licensing.
Using Microsoft Defender for Endpoint has resulted in a positive return on investment for organizations. By consolidating all necessary components into a single solution, it eliminates the need for additional vendors and extra costs. The exact amount of money saved is difficult to measure, as it depends on the occurrence and impact of potential attacks. Over the years, organizations have witnessed a return on investment in terms of improved protection against threats.
The primary use case of Microsoft Defender for Endpoint is as an enterprise security solution. It serves as an antivirus and EDR, providing integrated security with the operating system. The product is used to secure customers' networks and offers seamless integration with other Microsoft products, facilitating incident investigation and correlation with other security measures.
The solution is deployed to manage firewalls, provide endpoint security, and protect against virus and malware attacks. It is also used for managing compliance and consolidating security aspects into a centralized portal.
Microsoft Defender for Endpoint is deployed on various devices, including Windows 10 endpoints and servers, and is integrated with other Microsoft security products for coordinated detection and response across the environment. It offers visibility and protection for both on-premises and cloud-based environments, including multi-cloud solutions.
The solution is used for vulnerability scanning, threat prevention, and threat detection, and it provides a centralized console dashboard for monitoring and managing security operations. It is also utilized for endpoint detection and response (EDR), extended detection and response (XDR), and for protecting personal and business information.
The most valuable features of Microsoft Defender for Endpoint include:
- Automatic investigation of packages and collection of data and information
- Integration with the operating system and access to software inventories and registries
- Advanced hunting and customized detection capabilities
- Real-time detection and cloud-based delivery of detections
- Good visibility into threats and threat intelligence
- Easy to load and runs quietly in the background
- Ability to bring together all data and provide comprehensive information
- Alerting, policies, and threat-hunting capabilities
- File protection and security score
- Interaction with other Microsoft solutions and integration with Azure and other systems
- Monitoring and blocking of threats, proactive threat detection, and prevention - Centralized dashboard for monitoring and management
- Simplified deployment and scalability
- Integration with SIEM tools and other security products
- Vulnerability management and reporting analytics
- User-friendly interface and ease of use - Performance, stability, and reliability
- Seamless integration with Microsoft ecosystem and other Microsoft solutions
Improvements for Microsoft Defender for Endpoint mentioned in the reviews include:
- The profiling method for creating antivirus profiles for Linux needs to be more user-friendly and improved.
- Additional features related to device control, such as automatic syncing of devices without dependency on other products like Intune or Azure, are desired.
- The application control feature needs improvement, including a better GUI for configuring policies and more documentation.
- The policy configuration process could be more streamlined and integrated within Microsoft Defender for Endpoint.
- The frequent changes in product names, portal designs, and included features can be confusing and frustrating for users.
- The stability of the solution could be improved.
- More advertising and promotion of the features of Microsoft Defender for Endpoint is desired.
- The solution lacks customization options compared to other products, and a single portal for customization would be beneficial.
- Significant expertise is required to maximize visibility into threats, and the solution could provide better visibility and root cause analysis for threats.
- Integration with third-party tools and systems, such as firewalls and other cloud vendors, needs improvement.
- The amount of data logging and storage can be overwhelming and costly, and there is a need for easier management and storage options.
- The solution's capabilities on different operating systems, such as Mac OS and Linux, need to be more balanced and feature-rich.
- There is a need for better management reporting, granularity in security configuration, and improved UI.
- Integration with other Microsoft security technologies and consolidation of dashboards would be beneficial.
- The solution should provide more customizable reporting options and prioritize security incidents.
- Improvements in automation, user interface, and simplification of the management infrastructure are desired.
- The solution should provide more comprehensive web filtering capabilities.
- The ability to isolate a certain amount of time on the timeline and improve the user experience for investigations is needed.
- The learning curve for using the solution can be steep, and more training resources and refinement of wizards are needed.
- There should be better support for on-premises security and monitoring, especially for Active Directory.
- The solution should have better integration with different platforms and systems, including third-party tools and SIEM solutions.
- The solution's resource usage, CPU strain, and battery consumption need improvement.
- The licensing model could be more transparent and flexible, especially for multi-tenant environments.
- The solution should provide better support for non-Windows products and improve email security integration.
- The solution should offer better GUI customization, automation, and a simplified SIEM for easier management.
- Reporting, patch management, and exception management capabilities need improvement.
- The solution should provide better support for Mac OS and enhance web filtering capabilities.
- The solution's deployment and setup process could be more straightforward and simplified.
- Security effectiveness, reporting speed, and user-friendliness could be improved.
- The solution should be more secure, provide better security features, and prioritize security enhancements.
- Integration with third-party systems and platforms should be improved, and more user-friendly dashboards and features are desired.
- The solution should be more scalable, have a single pane of glass for management, and reduce dependencies on other Microsoft services.
- The solution should improve detection capabilities, reporting, and support for third-party platforms.
- More frequent updates, better reporting, and improved user experience are needed.
- The solution should provide a more holistic approach, collaboration capabilities, and better management reporting.
- The user interface and customization options could be optimized, and the solution should offer more telemetry and automation capabilities.
- The solution should improve security aspects, email security, and the ability to handle non-signature-based attacks.
- The solution should provide more integration, faster reporting, and better management features.
- The solution should be more secure, provide better visibility, and reduce complexity in deployment and management.
- The solution should improve security features, reporting, and customization options.
- The solution should provide better integration, reporting, and management capabilities.
- The solution should improve reporting speed, and management interface, and provide a better UI.
- The solution should improve security and reporting, and prioritize high-risk vulnerabilities.
The initial setup for Microsoft Defender for Endpoint varies depending on the client's environment. For some, it is straightforward and can be done in a few hours. In these cases, the deployment is done through scripts, GPO packages, or MDM solutions.
For larger organizations with complex networks and systems, the setup can be more complex and time-consuming. It may require the expertise of multiple consultants and take several months to complete.
The solution of Microsoft Defender for Endpoint has received positive feedback regarding its scalability. Users have mentioned that it can scale effectively regardless of the size of the environment. It is capable of being used in small and large environments without any issues. The solution can accommodate a growing number of users.
The solution is cloud-based, making it highly scalable and capable of handling large numbers of users and devices.
Customer service and support of Microsoft Defender for Endpoint is mixed. Some customers have praised the technical support team, mentioning their knowledge and ability to escalate issues to higher levels of support. Promptness in transferring tickets to capable representatives and providing seamless resolutions have been appreciated.
However, there have also been instances of delays and tickets being routed to the wrong team, resulting in slower support. The level of support seems to vary depending on the support contract, with the premier support contract being more efficient.
The stability of Microsoft Defender for Endpoint is highly praised by users. They consistently mention that the solution is stable and reliable, with no bugs or glitches. Users have not experienced crashes or freezing, and the performance has been good. Some users mention occasional internet connection issues, however, overall, they find the solution to be stable. It is also noted that Microsoft has been proactive in addressing stability issues and providing patches when necessary.
Microsoft Defender for Endpoint was previously known as Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus.
Microsoft Defender for Endpoint is the #1 ranked solution in endpoint security software, #1 ranked solution in top ATP (Advanced Threat Protection) tools, #1 ranked solution in top Anti-Malware Tools, #1 ranked solution in EDR tools, and #4 ranked solution in top Microsoft Security Suite tools. PeerSpot users give Microsoft Defender for Endpoint an average rating of 8.2 out of 10. Microsoft Defender for Endpoint is most commonly compared to Intercept X Endpoint: Microsoft Defender for Endpoint vs Intercept X Endpoint. Microsoft Defender for Endpoint is popular among the large enterprise segment, accounting for 47% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a educational organization, accounting for 20% of all views.Petrofrac, Metro CSG, Christus Health