Microsoft Defender for Endpoint as an EDR tool
May 17, 2024

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft Defender for Endpoint

Defender for Endpoint is used to complement other EDR/AV tools. Defender for Endpoint is a great solution for protecting against malware, computer viruses and malicious files, etc. It also detects vulnerabilities, which can be analyzed in the Defender for Endpoint Microsoft portal. Therefore, the use cases covered include protection, detection, performance and performance impact, ease of deployment and integration.
  • Defender for Endpoint is updated automatically on a regular basis.
  • It catches most malicious files, which means its detection works very well for malware, viruses and ransomware.
  • Defender for Endpoint integrates well with other Microsoft products. For example, it integrates well with the Microsoft Sentinel SIEM solution.
  • Defender for Endpoint data is very useful for threat intelligence and threat hunting.
  • Defender for Endpoint does not support some older operating system versions. Most organizations have legacy applications running on legacy OSs; therefore, some of these should be supported.
  • Onboarding assets is a little different depending on the operating system that is being used. This takes away from a consistent onboarding process.
  • From a management standpoint, some aspects of management are handled in local SCCM while others are on the Microsoft cloud.
  • Defender for Endpoint has helped with enhancing security for our organization.
  • Defender for Endpoint gives other benefits in that it is used with DLP and protects against data leakage.
  • From a cost and implementation perspective, organizations do not have to purchase separate tools for managing DLP and EDR.
  • Cloud Solutions
  • Scalability
  • Integration with Other Systems
My decision to get Microsoft Defender for Endpoint was influenced by the performance impact on other processes and applications, and also by the cost and ROI benefits from using Microsoft Defender for Endpoint and utilizing other functionalities that are available with Defender. For example, vulnerability detection is available, as is DLP for data loss prevention.
Defender for Endpoint is a great EDR solution for protecting against malware, computer viruses and malicious files, etc. It also detects vulnerabilities, which can be analyzed in the Defender for Endpoint Microsoft portal. The integration of Microsoft Defender for Endpoint with Microsoft Defender for Cloud Apps is used for file monitoring and user activity.
Microsoft Defender for Endpoint protecting:
Windows - approx. 10,000
Windows server - approx. 1,200
macOS - 70
Linux server - 400
Microsoft Defender for Endpoint stacks up well against its competitors. It detects malicious files faster than other tools like CrowdStrike.

Do you think Microsoft Defender for Endpoint delivers good value for the price?

Yes

Are you happy with Microsoft Defender for Endpoint's feature set?

Yes

Did Microsoft Defender for Endpoint live up to sales and marketing promises?

Yes

Did implementation of Microsoft Defender for Endpoint go as expected?

Yes

Would you buy Microsoft Defender for Endpoint again?

Yes

Microsoft Defender for Endpoint is well suited for detecting malicious files from an EDR perspective. It is lightweight and does not impact other processes or applications running on systems. Microsoft Defender for Endpoint is at times difficult to troubleshoot. It would be nice to be able to flip a switch to disable Defender for Endpoint when troubleshooting issues.

Microsoft Defender for Endpoint Feature Ratings

Anti-Exploit Technology: 10
Endpoint Detection and Response (EDR): 10
Centralized Management: 7
Infection Remediation: 10
Vulnerability Management: 9
Malware Detection: 10