KnowBe4 PhishER vs. Microsoft Defender for Endpoint

I have been able to create customized simulated phishing campaigns that are really testing our users ability to "spot the fake." That coupled with the training campaigns that are included make it much more likely that our users will be better prepared to protect our organization by being able to recognize common industry threats, and brings awareness to less common threats that are out there. I love that they have a shared folder full of relevant, recent real-world scams that we can choose from to train our user base.

Incentivized

Usually we had lots two platforms tasked with scanning exposures, anti-malware and provision for information and threat management. But with Microsoft Defender for Endpoint we have an all inclusive platform that even integrate with other Microsoft security apps such as Microsoft Defender for Cloud for enhanced threat insights and visibility.

Incentivized

• Analysis and classification of phishing emails using machine learning
• Response to reporting users with personalised emails template
• Automatic response and actions using integration with Microsoft
• Good dashboard with reporting and KPI
• Integration with others product to improve scan and analysis
• It improves users' security awareness and behavior as receiving an immediate response with the analysis result improves the ability to recognize a phishing email

Incentivized

• It provides a unified security experience when combined with other Microsoft products such as Microsoft Defender for 365 and Azure Defender.
• It has an excellent dashboard and centralized view that make it easy to see and control everything from one location.
• It's an EDR tool designed to help you understand incidents and alerts better.
• Real-time detection of attacks and prompt endpoint device responses. It effortlessly interacts with additional Microsoft security products.

Incentivized

• Enhancing the automated response capabilities, such as directly initiating remediation processes or integrating with other cybersecurity tools, could further streamline the threat management process.
• Implementing a feedback system where users can be informed about the outcome of their reported emails might encourage more proactive engagement.
• the reporting tool is not as streamlined on mobile devices as it is on desktops. Enhancing mobile functionality would be beneficial

Incentivized

• Does not allow for remediation from the management console.
• The ticket system doesn't alert the person assigned to the ticket.
• You have to submit requests for whitelisting applications.
• Scanning exclusions are tricky to find.
• Adding devices, especially Apple devices, is very cumbersome.

Incentivized

Phish ER has reduced the time my team and I spend on reported emails by over 80%. With the volume of emails reported and a small team this is a must have.

The configuration is a bit complicated, but easy once you get the hang of it. Once configured, it is easy to manage our malicious emails that are reported by our staff.

Incentivized

Support has been easy to get along with and easy to understand.

Incentivized

The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session

Incentivized

Work with support or rep for some basic steps, the rest is pretty straight foward.

Incentivized

KnowBe4 PhishER has a lot of features that other companied does not have. Its AI capability, integration with VirusTotal, PhishRIP and PhishFlip features make it totally different from other solutions. Its Phish Alert Button directly installed on users Outlook without affecting them and the reporting technique is very simple, just clicking on the Phish Alert Button and the email will be directly reported to the KnowBe4 PhishER dashboard. KnowBe4 PhishER dashboard is a very good example of centralized dashboard where you can find all things related to that reported email.

Incentivized

in an overall protection sentinelone is providing better protection for us, but as it comes with subscription's limitation, we have to be really careful in managing the licenses, the MS Defender for endpoint is providing us a decent protection which we are not complaining about, why we chose them ? as mentioned, this is coming with our subscription

Incentivized

• It has greatly increased phishing / security awareness by our staff by having a designated button & process for reporting phishing emails
• It provides greater protection through the ability to delete emails from multiple recipients even if not all of them reported the email
• It saves time for me to have to evaluate whether or not an email reported is a real threat through the ML/AI/VirusTotal scores

Incentivized

• By providing robust threat protection, Defender for Endpoint can prevent downtime caused by security issues. Employees can work without interruptions, leading to increased productivity.
• By significantly decreasing the frequency of security incidents like malware infections and data breaches, Microsoft Defender for Endpoint can protect your network. The cost of incident response, cleanup, and potential regulatory fines are reduced as a result of the decrease in events.
• The implementation and configuration of Microsoft Defender for Endpoint may require an initial investment in licensing, training, and deployment, which can temporarily affect ROI.
• The cost of licensing can be substantial, especially for larger organizations. This cost needs to be factored into the ROI calculation.

Incentivized