IT Central Station is now PeerSpot: Here's why

What needs improvement with Microsoft Defender Antivirus?

Julia Frohwein - PeerSpot reviewer
Senior Director of Delivery at PeerSpot (formerly IT Central Station)

Please share with the community what you think needs improvement with Microsoft Defender Antivirus.

What are its weaknesses? What would you like to see changed in a future version?

PeerSpot user
2727 Answers

reviewer1532022 - PeerSpot reviewer
Top 20Real User

There could be an increase in security for the solution.

Carlo Du Plessis - PeerSpot reviewer
Top 5LeaderboardReal User

I would like the solution to be able to prevent unauthorized programs from installing and to block unauthorised URLs which is similar to web filtering product.

reviewer1516353 - PeerSpot reviewer
Top 20Real User

The solution does not have deep protection. Sometimes you find that you have some virus attacks. Most times we're on the internet. As you search so many websites, chances are high you visit sites that are fraudulent. There could be cases like phishing, where software could be embedded in some websites or some other viruses could come into your PC under Windows Defender. The security is basically limited. It's not so strong, in my understanding. It could be more robust. The solution could use improvement on the interface. Most different Defender software comes with a different graphical user interface and some tend to be a bit complex. They should work to make the interface more user-friendly for basic users. For myself, as an IT person, it's fine, however, for a layperson, the interface might be a bit confusing. It would be nice if they would collect user ratings and feedback. It would help them find ways to better add features and add-ons in the future. The dashboards always have room for improvement.

OmidKoushki - PeerSpot reviewer
Top 5LeaderboardReal User

The central management console should be improved because it provides limited options to configure Windows Defender. It should provide a lot of options and features, in the same way, that Symantec does, or the Kaspersky Central Management Console does. Essentially, we should have a central management console on Azure that can be used to manage Windows Defender on all of our machines.

Charles Levy - PeerSpot reviewer
Top 5Real User

We encountered some issues when we were trying to enable automatic updates from our group policy.

Lalit Vazirani - PeerSpot reviewer
Top 20Real User

One area of improvement for this solution is to have a faster turnaround time on updating definition files. Since there are usually various ransomware variants, this solution may not pick it up in time like other commercial antivirus solutions. However, we have not encountered an issue like this yet with definition updates. With regards to the interface, a challenge I found was that there was not enough documentation on how to tune it. I had to read multiple sources on the internet to learn how to configure the tool appropriately. In the next release, I would like to see the solution have a backup feature were my data could be saved to a Microsoft OneDrive account or an equivalent cloud platform so that, in the event of a ransomware or malware attack, I can easily retrieve my data.

reviewer1473762 - PeerSpot reviewer
Top 5Real User

As I've only used the product for three months, I haven't really had time to explore the entire solution. However, I haven't found anything that is lacking just yet. Currently, we're actually behind on the current feature offerings and need to explore the system quite a bit more. It fits our needs so far. The pricing could be a bit better.

reviewer1464093 - PeerSpot reviewer
Top 20Real User

It can be more secure.

reviewer1432815 - PeerSpot reviewer
Top 5Real User

Windows Firewall is integrated with Windows Defender. Over the last few days, I have had a problem with defining a wildcard on Windows Firewall. For example, I wanted to pull out the connection of my program and install a software package with a lot of executable files. I wanted to prevent it from accessing the internet. I could not select executables by using a wildcard. I had to select a single executable with its full name.

Chris Georgiou - PeerSpot reviewer
Real User

I would like to have additional features such as DNS lookup, which would help for detecting malicious sites. This is a key part that I would like to have, and other products already have it implemented.

reviewer1442253 - PeerSpot reviewer
Real User

I would like to see improvements made to how it secures activities on web pages. Web security in general should be improved.

reviewer1238874 - PeerSpot reviewer
Top 5Reseller

It could be easier when it comes to managing exceptions. In the future, I would like to see better integration with web browsers.

Mani MS - PeerSpot reviewer
Top 20Real User

I would like to see online updates for patches for this solution. I would also like to see online information about what is trending in the market in terms of spams, viruses, or trojans. It takes some time to understand how this solution works. A few things are unclear at the beginning, such as whether it actually restricts the virus or spam at the initial stage, or when there is a security update, how will we come to know and how will it get synchronized. It would be really helpful if there is some kind of knowledge base in the form of video, audio, or document that can explain in a user-friendly way the setup, features, risks, and process to mitigate the risks. Currently, I have installed endpoint security for every individual system. I could not install it like other endpoint solutions where we have a server and a client. It would be really helpful if Microsoft Windows Defender has a server-client based model so that I can save some bandwidth when it downloads or uploads features. It will be helpful if we have a LAN-based or WAN-based controlling system.

reviewer1280631 - PeerSpot reviewer
Top 20Real User

I do not find that there is very much about it that needs to be improved. Everything can be cheaper I am sure. So, it could be less expansive.

reviewer1327686 - PeerSpot reviewer
Top 20Real User

I would like to have a dashboard that shows an overview of the results for the enterprise.

reviewer1305759 - PeerSpot reviewer
Top 20Real User

The anti-ransomware features need to be improved upon.

Ganusha Alwis - PeerSpot reviewer
Real User

There is no behavior analytics for devices and endpoints. There is no behavior-based protection. It does not allow us to pull data from ransomware and zero-day attacks.

John-Maina - PeerSpot reviewer
LeaderboardReal User

The product should keep updating its software as to counter incoming threats since threats are becoming more advance with time. The product should be strong in all parts. I would recommend if the product continues to be updated that the way it updates is faster for downloading and updating in our system. The stability is good and should continue to perform well in that way. With increase of cyber threats and cybersecurity issues, I would recommend that the product be developed like an AI product with more features which can counter any threat in the coming eras.

reviewer826284 - PeerSpot reviewer
Real User

There's scanning going on that occasionally topples the memory, causing everything to freeze. This should be fixed. In future releases, it would be helpful if they included something that can control any handset viruses.

Jean-Jacques Niava - PeerSpot reviewer
Real User

I would like to be able to set up any kind of protection I want in the firewall, any IP address or any number. I would like to be able to customize my protection on the dashboard.

Gabriel Petcu - PeerSpot reviewer
Real User

The solution needs to improve its ransomware. It's not so good. It could also use some general performance optimization for the computers the solution operates on, to ensure it does not slow down the devices.

MicroAdmin677 - PeerSpot reviewer
Real User

I think the console can be better. The end-user also cannot do some advanced actions on it. It's a little bit complicated for our end-user, so it needs to be simplified. I think the solution is complicated. This one is one of the concerns that I like to talk about because some end-users do not know how to navigate through the console and how to work with them. I think this is not such a big deal, but I know that there will be other things that may be important to us like, how we can centrally manage users and reports are really important for us. For example, in Kaspersky, we had a problem where we couldn't detect the attacks that we had in some of our zones in our data center. I think if Microsoft Windows Defender can report these things, it's going to be great.

InfosecAn677 - PeerSpot reviewer
Real User

There are certain features that do have room for improvement. I think with the analytics engine they're looking at it from the desktop and the server perspective. I think the desktop engine should also include the script analytics — what executed, what's the power shelf or UI commands, or some form of Splunk regex. I know we don't have that functionality with a run-time analytics platform, but it's a JS (JavaScript) based one. So it would be good if they had a regex to JS converter. The biggest problem is they need to take things out of preview. I know that they're developing on the platform service with the analytics engine, but so many services still rate it as a preview after 12 to 18 months, which is stopping adoption with businesses knowing that that solution could be filled and redirected at any time. So that delay is limiting technology to be able to be updated because they don't have to release all production support.

Abdou Soudaki - PeerSpot reviewer
Real User

This solution is not perfect. Sometimes it detects something and it's not a threat. The good news is that you can restore something and analyze it better and you can restore the file and copy it or disable the defender and run it again. The system can always be simplified and have a better integration check. More detailed reports would be good. When it does the integrated check, it just shows if the system is okay but I want to know what happened.

Defendwind677 - PeerSpot reviewer
Real User

There were a few detections that are not picked up, and then Microsoft picks up on that and they update it. That's just a normal thing you go through based on every antivirus solution. You're always going to have viruses and signatures that are coming out. So, I wouldn't say it's the perfect solution because if you're looking at next-generation behavioral based things, for example, if you're going to use ATP, that's when you can get more methods out of it. With Defender, if you pay more you can get the ATP component, which is sold separately by Microsoft. We do have some challenges in the reporting aspect of it. There's a lot of manual effort involved to configure what we need. There are also a few issues with policies.

Ibikunle Imam - PeerSpot reviewer
Real User

Microsoft Windows Defender doesn't have a game mode. Other antivirus software (like BitDefender) have something known as a game mode. If you want to play a game, just enable the game mode to allow certain traffic without needing to configure it. Windows Defender doesn't have that. There's no Windows Server edition for Windows Defender as part of the distribution.

ITsece56457 - PeerSpot reviewer
Real User

I'm sure the premium product has extra features, like listing questionable websites. Defender is just an antivirus product. It would be nice to have a paid upgrade that would provide additional screening of the day-to-day activities.

Buyer's Guide
Microsoft Defender for Endpoint
July 2022
Learn what your peers think about Microsoft Defender for Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
620,987 professionals have used our research since 2012.