Microsoft Defender for Endpoint Reviews

We use MWD for detecting malware, viruses and protect from Ransomware.

We don't have third party software for EPS. We have started using Windows defender which is inbuilt one with windows to safeguard our systems from malware. It actually works as an anti-spyware program built to fight unauthorized access and protect our Windows computers from unwanted traffic. 

Its a complete free version which came as in-built with windows and has no impact on our system performance. We don't need an extra software to be installed for security concerns and virus a such. It is very easy to use comparing to other available software's in the market.

I would like to see online updates for patches for this solution. I would also like to see online information about what is trending in the market in terms of spams, viruses, or trojans.

It takes some time to understand how this solution works. A few things are unclear at the beginning, such as whether it actually restricts the virus or spam at the initial stage, or when there is a security update, how will we come to know and how will it get synchronized. It would be really helpful if there is some kind of knowledge base in the form of video, audio, or document that can explain in a user-friendly way the setup, features, risks, and process to mitigate the risks.

Currently, I have installed endpoint security for every individual system. I could not install it like other endpoint solutions where we have a server and a client. It would be really helpful if Microsoft Windows Defender has a server-client based model so that I can save some bandwidth when it downloads or uploads features. It will be helpful if we have a LAN-based or WAN-based controlling system.

I have been using Microsoft Windows Defender for the last six months.

In my experience, Microsoft Windows Defender has never caused any issues as such. It is pretty much stable and has not affected the system resources as per my observation.

The solution is easily scalable. I'm always trying to increase the usage to maximize the capabilities of the product offering. As soon as new capabilities appear I will expand usage to include them. 

We never contacted their technical support. Indeed Microsoft technical support has always been great.

I used to use McAfee & Norton as a different solution in my previous Organization.

Its initial setup is fine. I did not find it too complex. We just installed and enabled it on all the systems.

We implemented in-house. 

I pay for it through the Windows Professional or Standard license. It is a one-time cost for me, and I use the same license.

No

I would really recommend this solution because it is an in-built Microsoft product, and it is at the OS level. We don't require a new layer to install it as a software application. 

I would rate Microsoft Windows Defender a seven out of ten.

We have a dedicated team that handles all security-related aspects of the solution, however, my understanding is that the solution helps guard the endpoints in our organization. 

Along with security, there are certain IT policies in terms of accessibility of different sites, which are there in the organization. With everything put together, there haven't been any instances where I have seen any kind of issues such as malware or other malicious event getting through on my laptop. From that perspective, everything is fine. 

The patch updates and version updates are very good. Those happen on an automated basis whenever I'm connecting to the organization network, either through LAN or through the VPN. I never have to worry about anything being out-of-date.

The solution scales well.

I have found the stability to be good.

From a general user perspective, I don't see any further improvements needed. 

The price, in general, could always be a little bit cheaper.

I've used the solution for two years or so. It's not much more than that.

The stability of the product is good. I have not dealt with bugs or glitches. It doesn't crash or freeze. the performance is good. It's reliable. 

The solution scales well. If a company needs to expand it, it can.

We have 1,000 to 2,000 people on the solution currently.

I've never directly dealt with technical support for issues related to Defender. Many years ago I had reached out to Microsoft support for an issue related to Visio, a different product.

The initial setup is straightforward. There are certain automatic patches as well that keep on updating and those automatically install.

I don't recall how long the product took to deploy. When any new laptop or anything is assigned in an organization, all these things are installed prior to coming to us. Therefore, I wasn't actually a part of the installation process. 

We have a few contractors working with the in-house team. There may be around five to ten people. Any maintenance that is needed would be done by them.

The pricing could be lower. That said, I cannot speak to the exact costs involved as I do not directly deal with that aspect of the product. I'm unsure if the company is set up with a monthly or yearly subscription package. 

I'm just a customer and an end-user.

I'd rate the solution at an eight out of ten. I've been very pleased with how it has worked for me over the last two years. 

I would recommend the solution to others, however, I'm just a passive end-users and not as technically involved as those deploying the solution in our company. However, from my perspective, there has never been an issue on my machine with malware and therefore it seems to be doing what it's designed to do.

I lead a delivery team. I have a team of about 20 technology specialists and we do the deployment for Microsoft Defender.

Instead of having a third-party antivirus, then you can have a Microsoft ecosystem for your entire endpoint protection. 

This solution has its own sensors, which is its best feature. It senses the behavior of your endpoints, whether it is logged in from a particular location or external of that location. 

It captures data through machine learning, which is built-in on the back-end. It also provides built-in analytics and a threat intelligence feature. It is a one-stop solution that doesn't require an antivirus because it comes prebuilt into Windows 10.

Sometimes, there are different skews. In a basic skew, they should have basic log analysis without the need to integrate with any third-party or SIEM solutions, like Sentinel. This would make it so much easier for users who don't have log collection or log analysis.

We have been using it for a year.

This solution is very much stable.

This solution is scalable. It is a cloud solution.

If you have the Microsoft Azure ecosystem, you can collect logs and view them through Sentinel. You can also onboard your devices within Intune. 

You can integrate Microsoft Defender for Endpoint with different Microsoft solutions, e.g., Defender for Cloud, Sentinel, Endpoint Manager for onboarding of Intune, and Defender for Office 365.

We have a large number of customers.

Premium support is okay. Professional support is not as good because it is free. You must wait because you are not paying.

The initial setup was straightforward. There was nothing rocket science to it. It didn't take much time as we just enrolled the device and assigned the licenses, then it was done.

You just prepare it, doing a license evaluation licensing and some network configuration, then you can onboard your device.

We do the implementation ourselves. We find it easy to deploy. We help customers adopt the solution and get better ROI.

They have to pay for the Defender license. There are different licenses and skews, such as Plan 1, Plan 2, or the trial.

You do not need to pay any additional costs for antivirus and anti-malware solutions for endpoint protection. 

Anyone on Windows 10 Enterprise should choose this solution.

It really depends on the volume. You need one senior architect who can just define the entire thing: the device, network configuration, etc. You will also need some Level 1 engineers who need to keep on monitoring the devices and do onboarding. If they are using the latest version of Windows 10, then you can do the onboarding via Intune, Endpoint, etc. 

My rating for this solution is an eight out of 10.

It's an XDR (Extended Detection and Response) system.

It's an enterprise solution that provides a centralized console and it supports all the platforms that we use, including Windows, Linux, Mac, iOS, and Android. Microsoft Defender is embedded in Windows and is a basic anti-virus, but Defender for Endpoint is an enterprise-grade XDR system.

Microsoft should improve support for third-party platforms, because not all functionality is available for all of them. It's a good product, but they should just extend the functionality for all platforms.

I have been using Microsoft Defender for Endpoint for about three months.

It's quite stable. Sometimes it can overload the CPU of endpoints, but Microsoft provides ways to solve this problem.

Microsoft Defender for Endpoint is scalable. It's the ground-level service for other Microsoft security services. Microsoft provides a full range of security services and you have the ability to extend it anytime and in a simple way. You can scale the range of security services by just buying the license and implementing some extra service.

We have close to 200 users in our organization, but we plan to deploy this product to the whole company, with a total of nearly 800 people.

We have not had to contact Microsoft's technical support because we get support from our partner.

When it comes to the initial setup, Microsoft is very strong in that area and it is very simple. That's why we use it in our company. Some products are hard to deploy. Another solution was declined because it was not possible to roll it out in a bigger company.

We don't have a dedicated person to maintain the solution. Two people share the role. One is a Layer-1 specialist who maintains a daily routine, and the other is a Layer-2 engineer.

We started to install this product for ourselves, but Microsoft proposed some different kinds of programs in which an integrator helps key customers deploy services and products. We accepted the proposition and we are happy we did so because the partner was very professional with very deep experience with the product.

Microsoft has different plans for buying this product. The price depends on the configuration of the full set of products that you buy and on the licensing program in your contract. Microsoft provides a flexible licensing program and you can choose what you want.

The pros of Microsoft Defender for Endpoint are that it's simple to deploy and has all the required functionality. The drawback is that it lacks some functionality for other platforms, such as Linux.

I would recommend implementing this solution together with a certified partner. That will help to avoid a lot of mistakes and save you money, because licensing is a big part of the project.

We use it for endpoint security.

When looking at the ecosystem as a whole, security-wise, Microsoft provides a complete solution with the E5 Security suite. Microsoft has a big advantage because Defender knows how to interact with the CASB and all the other security components that you have. Overall, that makes the management of the environment much easier. It's easier to understand what's going on, to become aware of risks, and to take action.

• Defender has very little impact on the end-user.
• The agent works quite well with a minimal impact on the client and server.
• It's very easy to deploy it.

We did a trial of Microsoft Defender for Endpoint for about three months, and now we are in the process of rolling it out.

We have about 4,300 users of Defender and it took two days to have it fully deployed. With Cortex it took some time. With Cortex, we had some 500 clients that we had to investigate because for some reason they did not get the agent immediately and we had to do some tweaking to get it to all the end-users.

We used consultants for the deployment of both Cortex and Defender.

We gave Palo Alto Cortex XDR a try and we are now in the process of removing it and going to Microsoft Defender for Endpoint. I have experience with both of them.

Cortex has quite good management capabilities that give IT organizations quite a good picture of attempted cyber attacks. It has good investigation capabilities, out-of-the-box, in case there is an event that you'd like to investigate. It's quite convenient. Microsoft has those capabilities as well, but you need a bit more training on the product to get the basic information that you can get out-of-the-box with Cortex.

The onboarding process with Defender is much easier. In two days we were able to deploy it to our whole organization. Cortex is much more cumbersome. But the onboarding process is not the issue. A more important difference is that once you have security risks that you would like to mitigate, Cortex more easily gives you information regarding the threats. Microsoft gives you exactly the same information, but you have to know how to dig a bit more and do some manual steps that, with Cortex, are more straightforward.

The main issue that we had with Cortex, and the reason we decided to roll back and go to Defender, is that Cortex has a horrible impact on the performance of the system. For an enterprise-level organization, it kills the system. Users were complaining that when moving between emails in Outlook it would take a lot of time, creating a lot of delays and timeouts. Web browsing and every action on their computers took much more time than usual with Cortex.

I would rate Defender a nine out of 10, while Cortex XDR is a five out of 10.

We are using it as the antivirus as well as the malware protection.

We have not had any attacks, in terms of viruses, worms, or ransomware, in the last three years.

The impact of the solution has been minimal. Employees can work with any interruptions.

The folders and files protection are its most valuable features. These have been valuable because of the increase in ransomware attacks. With these two features, I can ensure that no changes have been made to our system or endpoint folders and files without the user being aware.

I wish they would extend the use of the Security Central portal, even for the free option of Defender. Because, as companies grow, it is labor intensive to manage the AV and detection part of it. For companies already subscribed to Office 365, I think this would be a good enhancement.

I have been using it for three years.

It is quite stable. We have not had any cases, i.e., viruses, that would require a reboot, etc. We have never had a situation where we needed to reinstall the tools as a result of the Defender application or a feature being corrupt.

Four IT support technicians are responsible for administrating Microsoft Defender in our organization. They make sure that upgrades and updates are done in a good timeframe.

Its scalability is good enough. As long as you deploy the OS, you will keep on deploying Microsoft Defender automatically. This is a good option.

We have about 375 endpoints.

I have never used their support.

Before Microsoft Defender, we were using Bitdefender. Before Bitdefender, we were using McAfee Symantec.

We switched to Microsoft Defender because there was a change of ownership for the company in 2017.

We went for Microsoft Defender once we were informed that it would be part of our Office 365 package. So, we combined the licensing for the OS with Office 365. Yeah. We thought it was a good bargain.

The initial setup was straightforward.

The deployment takes a maximum of half an hour.

We have seen ROI. Most of the other competing alternatives will cost up to around $30 per user device. We average 400 devices. Therefore, the amount that we save each year is 400 times $30.

We have been using the free version.

Microsoft Defender is good enough as long as you ensure the environment is well-patched and secure, then even the free option will be sufficient to take care of the entire ground.

We are not looking to increase usage at the moment because of the underlying economic situation.

I would rate this solution as nine out of 10.

We are a system integrator and I specialize in practically everything that is security-related. This is a product that we sell as part of Office 365, and rarely as a standalone solution.

Usually, if we have a customer with Office 365 and they need this type of solution then we increase the subscription to a point where it is included.

From the user's point of view, this is classic anti-virus software. From a management point of view, this product gives better control over endpoint devices because some processes can be stopped remotely. If you have a person that is watching over the system then they have a higher level of control over endpoints.

This is a cloud-based product so it is always updated by the end-user.

They have to improve the email scanning where email is coming from somewhere other than our private network. The scanning is slow when it is working with incoming emails. Often, I can see the email but the scanning process is not finished and I cannot open the attachment. In general, the scanning has to be faster.

This solution looks stable. Provided that Windows 10 is updated, everything is okay.

I have not been in contact with technical support in regards to this product. However, technical support for Microsoft products is always of bad quality. In my experience, if you cannot find the solution yourself then you will have a huge problem because it is not an easy task to have them understand and support you.

You can lose a lot of time explaining the problem before you receive something that works.

My advice to is look for a good support library and try to find the solution yourself. This means that you don't need to contact support.

We have worked with many different security solutions. For example, we are selling a Security Operations Center as a service. We implement EDR, Privileged Access Management, Identity Management, anti-fraud solutions, web application firewalls, database security, and more. We are working with practically everything in cybersecurity.

We are working with between 10 and 15 different vendors. Sometimes, this is too many, but it is useful to have information about each product, its quality, and how it compares to others. Two products that we are working with now are Cisco AMP and Carbon Black.

There is a free version of Windows Defender, although the paid version has EDR functionality. We sell this product as part of Office 365 and it is not expensive.

I have never touched this product. I'm just selling it, and I don't recommend it to anybody as a standalone solution.

I would rate this solution a five out of ten.

Our primary use case of this solution is endpoint protection. In general, we use it to protect our devices, rather than using third-party software. 

This solution is deployed on-prem. 

The most valuable feature is that it comes with the package, so there is no additional installation of third-party software. It's also easy to use. 

Microsoft Defender could be improved with features more like the McAfee ePO. It would be better if I had a console to get all the information for my endpoints. Maybe this is too much for it, but it would be better if it could handle those non-signature-based malicious codes or viruses. In the future, more and more non-signature-based activities or viruses will appear, which you can see in the market with software like CrowdStrike or other products that target non-signature-based attacks. 

There are two groups: one is signature, which means that people know it, and the other is non-signature, which means that these are abnormal activities unknown to people. If Defender could also handle those non-signature-based attacks or abnormal activities, it would be better. 

I have been using Microsoft Defender for one or two years. 

This solution is quite stable. In our opinion, it's similar to those signature-based antivirus software, and almost at the same level. 

There are about five or six users of Microsoft Defender in my organization, because we are not very big. Other people and other teams like to have different end device software. 

We have a support contract with Microsoft, so we have a ticket system where we can pass questions to them. These things are handled by the help desk people, though, not me. 

It's not difficult to install Microsoft Defender. I don't remember how much time it took, but the process is easy. 

We pay a yearly license for Microsoft Defender. We also have a support contract with them. 

I wish that Microsoft Defender had a feature like McAfee's ePO, where I could have a console to get all the information for my endpoints. I also evaluated CrowdStrike because it can target non-signature-based attacks.  

I rate Microsoft Defender an eight out of ten. I would recommend it to others, but it depends on whether they have their own policy for deploying antivirus products. It's good for some users who have some preferences—who need to follow their security policy or who have some budgeting issues.