AWS Config vs. Microsoft Defender for Endpoint

It's really good if your infrastructure services is all in AWS, that means everything could be audited and monitored using AWS config. You also can create alarms to notify you or your team about any changes on your AWS resources which is very useful to prevent abuse if you have a fairly large team. It's also very useful whenever some third party wants to audit your AWS resources, if you have a fairly comprehensive AWS config configured, the auditing process will be easy since they only need to look at your AWS config setup.

Incentivized

Usually we had lots two platforms tasked with scanning exposures, anti-malware and provision for information and threat management. But with Microsoft Defender for Endpoint we have an all inclusive platform that even integrate with other Microsoft security apps such as Microsoft Defender for Cloud for enhanced threat insights and visibility.

Incentivized

• The ability to track changes in AWS is paramount, AWS config allows you to do this
• Allows the auditing of an AWS account
• Can view history of an account that has AWS config enabled

Incentivized

• It provides a unified security experience when combined with other Microsoft products such as Microsoft Defender for 365 and Azure Defender.
• It has an excellent dashboard and centralized view that make it easy to see and control everything from one location.
• It's an EDR tool designed to help you understand incidents and alerts better.
• Real-time detection of attacks and prompt endpoint device responses. It effortlessly interacts with additional Microsoft security products.

Incentivized

• It's only AWS, no third party.
• Not the most intuitive interface, but with a little getting used to it is OK.

Incentivized

• Does not allow for remediation from the management console.
• The ticket system doesn't alert the person assigned to the ticket.
• You have to submit requests for whitelisting applications.
• Scanning exclusions are tricky to find.
• Adding devices, especially Apple devices, is very cumbersome.

Incentivized

Would rate lower for other workloads but for AWS workloads its simple to set up, cost effective and customisable. Primary use case is compliance from a governance perspective.

Incentivized

The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session

Incentivized

I do not know or have used any other product in AWS cloud space that matches what AWS Config provides. We have some custom built monitoring and governance, however that is there because AWS Config does not provide it currently.

Incentivized

in an overall protection sentinelone is providing better protection for us, but as it comes with subscription's limitation, we have to be really careful in managing the licenses, the MS Defender for endpoint is providing us a decent protection which we are not complaining about, why we chose them ? as mentioned, this is coming with our subscription

Incentivized

• Enforcing audit requirements
• Easy to set up alerting when there are rule breaches
• Auto remediation reduces the manual policing of such breaches

Incentivized

• By providing robust threat protection, Defender for Endpoint can prevent downtime caused by security issues. Employees can work without interruptions, leading to increased productivity.
• By significantly decreasing the frequency of security incidents like malware infections and data breaches, Microsoft Defender for Endpoint can protect your network. The cost of incident response, cleanup, and potential regulatory fines are reduced as a result of the decrease in events.
• The implementation and configuration of Microsoft Defender for Endpoint may require an initial investment in licensing, training, and deployment, which can temporarily affect ROI.
• The cost of licensing can be substantial, especially for larger organizations. This cost needs to be factored into the ROI calculation.

Incentivized