Microsoft Defender for Endpoint Reviews

We use it for antivirus. You can use it for malware and Zero Trust. Some people use it for fact-checking too. I can also use it with Intune, which is good. 

We deploy Microsoft Defender on all kinds of devices, including Microsoft, iOS, and Mac.

Auto-remediation: When the product sees malware, it resolves the issue immediately. This protects the machine.

I like the tamper protection. For example, if I buy a notebook with Windows 10 and put Microsoft Defender on it, then I can activate the tamper protection. This keeps people from entering the machine, encrypting it, and changing passwords.

Microsoft Defender is fully integrated with Azure Sentinel. In addition, GPO can be connected with Microsoft Defender and Azure AD.

It needs to improve the cybersecurity for lateral movements. For example, when a hacker tries to enter a machine, they try to get the password by doing a lateral movement. 

With Windows 10, version 18.0.3, I couldn't see the documentation to open the ports. If you don't open the ports, then the machine can't communicate with the console.

I like its stability a lot.

You push out all the devices that you want. There is no limitation beyond money and licenses.

In the past, I have used McAfee and Kaspersky. 

I only work with Microsoft products right now. It integrates well with other products. I also work with Microsoft Defender for Identity.

The deployment process is not difficult because Microsoft Defender comes with Windows 10. You just right click, then it connects you with Azure. 

There are other processes that can be connected, e.g., Microsoft Download Center.

I implement Microsoft Defender for Endpoint. It takes me one or two days to design Microsoft Defender for Endpoint. It is easy to do this, and the more you implement, the easier it gets over time.

Sometimes, when I change the configuration, I have to wait six to eight hours.

It is so expensive. It isn't cheaper than McAfee or other solutions.

I prefer Microsoft Defender for Endpoint instead of McAfee, Kaspersky, and other products.

I would rate this solution as 10 out of 10.

We use Microsoft Defender Antivirus to scan for malicious payloads that may come in files, emails, a USB drive, or another type of external drive. It helps us to identify any malicious load that could compromise the security of any of our systems.

We are in a decentralized environment. We have multiple offices but they are not connected physically. The offices are directly managed from the internet.

We have a mixed environment with Linux and Windows machines.

We operate in the educational sector.

We have not fully considered how this product affects our overall security posture, although this is because we have not yet explored all of the features. Once we have all of our offices connected, it is something that we will be looking into. At this point, it does not affect all of our machines. On a scale from one to five, I would rate our security posture a four.

The most valuable feature is ransomware protection, which can detect malicious activity from IPs or a malicious payload in DLLs, or other things that can corrupt the system.

The performance is good. Usually, end-users complain that whenever background or real-time scanning is done, the effects are felt as there is a slowdown in the system. This is not the case with Microsoft Defender.

The file scanning has room for improvement. Many people use macros within their files, so there should be a mechanism that helps us to scan them for malicious payloads.

If there is a Word file then it is able to scan it, but if there is a malicious payload within its signature then it will not be detected. Deep packet scanning must be used to improve the overall product.

We have been using Microsoft Defender Antivirus since we upgraded to Windows 10 from Windows 8.

This is a stable product. We have been using the standard version for a long time and it hasn't negatively affected our environment. Generally speaking, it is reliable.

Microsoft is actively working on this product and I think that it is becoming more scalable, day by day. For example, prior to Windows 10, there was no ransomware support. Now, it comes with Windows 20S2 and Windows 20H1.

With our decentralized environment, I don't know the exact number of users or devices that we have. However, I can say that there are more than 500 devices being protected by this solution.

Most of the machines in our environment are in areas that don't have internet access. This is because they are stationed in remote areas of the country. This means that we need to use USB drives to update the machines manually. Given the number of devices and that the management is done manually at this time, it is pretty painful for our IT people.

We have not purchased support for this product, although, for most products, we usually do have it. To this point, it hasn't been required.

When we were running older operating systems including Windows XP and Windows Vista, we had a Symantec Endpoint solution. We had that for a long time but we opted out. After that, we used McAfee and other antivirus products. However, since Windows 10 was released, and with Microsoft Defender included by default, we felt that it was the solution for us.

As I recall, we stopped using McAfee and Symantec once we moved to Windows 8.

This product came pre-installed with Windows 10 on the machines that we procured from the vendor. It is straightforward and easy to configure, as well. Once Windows is installed, setting up the antivirus and scheduling scans just involves clicking the Next button several times. It is pretty easy for anyone and if the user is non-technical, we guide them through the process.

It takes a maximum of 10 to 15 minutes to install and configure on a PC. Whenever a new configuration is required, you need to configure it on each individual machine that you have. This is why we are investigating a centralization solution. It will help us out in applying things on a global level. For example, we can apply settings based on what is in Active Directory or other policies.

One person, in-house, is all that is required to set it up.

There is not much maintenance required, as our environment is pretty standard. Also, all of the updates come from the Microsoft update center and they are automatically installed on the machines.

It is difficult to determine ROI at this point. Once all of our PCs are joined together, we will have a better idea.

As we operate in the educational sector, we are eligible for an educational discount.

We are currently looking into other solutions that will give us centralized control over Microsoft Defender. However, we are still strictly in the research phase.

Once we decide on a product and a solution is proposed, it is a long process that involves budgetary considerations. Once a PoC is completed, the budget constraints are considered, and this is part of a very long chain of processes that take place before final adoption.

Since we started using this product, we have not had any breaches. When we were using the products by McAfee and Symantec, there were issues with viruses and malicious payloads. Now, it is better because we haven't had any major issues with the systems.

My advice for anybody who is implementing this product is to let the IT staff manage it, and not allow end-users to configure it or modify their own settings.

I would rate this solution an eight out of ten.

We primarily use this product to get antivirus protection in a cost-effective way.

This product tends to detect a lot more issues than the other antivirus solutions. This is because it's essentially tuned to Microsoft. It has some inbuilt intelligence, so they tend to understand the Microsoft environment and we don't need to do as much exclusion. With other antivirus products, we need to exclude certain files from being scanned.

The malware detection feature is very good.

At times, the other antivirus products are now doing AI, in terms of understanding the behavior of the system and determining when there's an anomaly. This is something that Defender can improve on.

I have been working with Microsoft Defender Antivirus for between two and three years.

This is a stable solution that has matured over the years.

We have approximately 7,000 machines and we have not needed to scale beyond our original implementation.

Microsoft's technical support is fantastic.

We subscribe to the Microsoft Premier Support Package and they tend to respond to our queries very fast. When our engineers contact them, they respond in a very short time.

We currently use Cylance, in addition to Microsoft Defender. I'm not sure what the impact is of using two solutions, whether it is a good thing, or not. We do plan on narrowing this down to one solution in the future.

This product was included with Windows 10, so we did not have to deploy it separately.

Once this product is set up, this solution requires very little maintenance.

We already use Microsoft solutions and I found it cheaper to purchase the bundle, which includes Defender. By including the antivirus in the bundle, it makes it a little cheaper for us. If you purchase it outside of the bundle, it is a little bit expensive.

When you want the central administration functionality, it tends to be more expensive. The normal, standalone model is not expensive, but the enterprise model that includes the bundle with email and some web protection, is a bit more expensive.

When we initially implemented Windows Defender, we were pessimistic about whether it would be good enough. However, it is a pretty mature product now.

My advice for anybody who is considering this product is that it's good, and it gets results early.

I would rate this solution an eight out of ten. 

We use the most up-to-date version. 

Our primary use case is for basic EDRs for simple interfaces.

In terms of improvement, they update the platform it seems quite a bit. Every month something is in a new spot or something changed somewhere. There should be less of that.

I have been using Microsoft Defender for Endpoint for a couple of months. 

It seems stable.

It's pretty easy to scale.

A handful of people with each in charge of different areas are involved in the maintenance of the solution. It's people in system admin.

I have dealt with tech support a couple of times. They're usually pretty responsive. The first person might not know what the deal is, but they usually are able to get us to the right person, get a resolution for us, and answer our questions pretty quickly.

We used CrowdStrike but we switched to Microsoft because of the price. It's cheaper. There were other major differences. 

The initial setup was pretty complex in the way the various tools integrate. Trying to figure out permissions and getting access to certain things is complex. 

Global admin uses the tool, but then you have to get additional roles for the data loss stuff.

Make sure you read the documentation and understand what else is required before you get started.

I would rate it a seven out of ten. 

I don't think that another tool is doing anything better, or this one doesn't. It's just about using it and seeing where to find the stuff.

We use this solution for business security protection.

One of the main features is the solution is very light on resources and we do not have any problems with it.

There is room to improve the security of the solution.

We have plans to add an email security solution because this solution does not provide us with what we want.

I have been using this solution for approximately three years.

The solution is stable.

I have found the scalability of the solution good.

We were previously using the Avast security solution.

The installation is very easy, it takes only one day.

We did the implementation ourselves. We have approximately 10 engineers able to do the deployments and maintenance. 

There is not a license required for this particular solution.

I would recommend this solution to others.

I rate Microsoft Defender Antivirus an eight out of ten.

We were using the basic endpoint from Sophos without Intercept X and the EDR model, and currently, we are in the selection process of a new platform that has EDR embedded. We are using Microsoft Defender Antivirus for the time being till we get the new platform.

It is easy to use because it is already pre-installed in Windows 10. We don't have to do anything to configure it. You can also configure the firewall by using a group policy so that it can be easily adopted in an environment.

Microsoft Defender in the basic form is not very useful for managing the security environment. The free version is not capable of covering the needs of centralized management, EDR, and behavioral analysis. If you don't have the commercial version, you can't have centralized management and set up the policies and other things. Each client is a standalone installation, which is not useful for security in an enterprise model.

I have been using this solution for six months.

Currently, we have about 2,000 users.

I didn't use support for this solution.

It was already pre-installed in Windows 10.

It is free. It is included in Windows 10.

We are using Microsoft Defender only for the time being. We will switch to another endpoint platform that can offer us more advanced features, centralized management, and EDR. We have not chosen the solution at the moment, but we might go for Bitdefender. It is one of the products that we have evaluated, and it can be suitable for our environment. It has some use cases that are really in the same line as our requirements.

I would recommend this solution only for small home environments. It is not for enterprise environments unless you buy the commercial version.

I would rate Microsoft Defender Antivirus a seven out of ten.

The primary use of this solution is for the detection of malware and to stop phishing. 

One of the valuable features of the solution is the small updates that keep my machine relatively clean from any infections. Additionally, it has good integration with other Microsoft products.  

I would like the solution to be able to prevent unauthorized programs from installing and to block unauthorised URLs which is similar to web filtering product. 

I have used the solution for approximately two years. 

I find the solution to be stable. 

I find the solution to be quite easily extended into other environments. It is scalable, I have it on three devices. 

I have previously used the McAfee Stinger product. 

The installation of the solution is easy. I completed it myself and it took approximately 20 minutes. 

The solution comes as a part of Windows 10 and it is covered under its license. 

I will continue to use and would recommend the solution to others. 

I rate Microsoft Defender Antivirus an eight out of ten. 

There are endpoints that are not in our organization's network but are connected directly to the web. We use Microsoft Defender for the antivirus.

We are not dealing with this solution daily, just when there is an issue from time to time.

The interface could be improved.

I have been using Microsoft Defender for Endpoint for a couple of years.

It's a stable solution.

We are only running it on a few workstations. The scalability is okay.

It's run on 10 out of 3,000 workstations and we plan to continue using it.

We have no more than 10 users in our organization.

We are also using Symantec. 

We have a few endpoints where we use Microsoft Defender because we cannot use the Symantec Sets.

The initial setup was straightforward. It was easy to install and t only took a couple of minutes.

There is no team for maintenance. If there is an issue, the security team helps to resolve it.

We completed the deployment and implementation ourselves.

We don't have an issue with the price. 

We have a bundle where the price includes all Microsoft products.

This is an area that I am not dealing with. I don't have all of the information.

It's pretty good.

I would rate this solution a nine out of ten.