Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
$2.50
per user/per month
ServiceNow IT Service Management
Score 8.2 out of 10
N/A
Built on the ServiceNow Now Platform, the IT Service Management bundle provides an agent workspace with knowledge management, and modules supporting issue tracking and problem resolution, change, release and configuration management.
N/A
Pricing
Microsoft Defender for Endpoint
ServiceNow IT Service Management
Editions & Modules
Academic
$2.50
per user/per month
Standalone
$5.20
per user/per month
ITSM Standard
Custom Quote
ITSM Pro
Custom Quote
ITSM Enterprise
Custom Quote
Offerings
Pricing Offerings
Microsoft Defender for Endpoint
ServiceNow IT Service Management
Free Trial
Yes
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
ITSM Pro and ITSM Enterprise also are available with optional "Plus" add-ons. These include AI Agents, an AI Agent Studio, and other features that augment the capabilities of the platform using AI Virtual Agents to automate tasks.
Microsoft Defender for Endpoint is easy to deployed across the entire organization. Having a cloud based solution with a single pane of glass to manage all assets is a real no-brainer. Being able to receive immediate alerts when suspicious activity occurs is extremely helpful in keeping risks at a minimum. Microsoft Defender for Endpoint management is also smart enough to not send several alerts when an attack could be hitting multiple targets within a certain time frame or when it's the same attack multiple times. However, be prepared to click through multiple pages all over the site to figure out what happened when an attack occurs.
It is well suited for medium to large companies that require a tool to allow users to create IT requests, have a self-service portal, track the completion of such requests and have access to KPIs to understand the satisaction level of the requestors. It is not the best tool if you want to have a heavy personalized IT Service Management tool to cater to all your needs or when you want to have an easy way to search for past tickets using specific keywords.
One, it's crazy lightweight, so compared to some of the competitors that we also have used with our security services, it's really lightweight and so I don't have a lot of overhead on the system that it's running on.
Finding requests that I opened and have since been completed by the assigned group/individual is very difficult to accomplish unless I've written down the request numbers somewhere.
Requests that I opened and are subsequently closed, often continue to appear in the list of "My Open Requests" giving the appearance that they were not completed when in fact they were.
It may exist, but if it does I haven't found it yet, which makes it less than intuitive, but I would like to see the ability to recall a request in ServiceNow.
I believe our firewall rule change request for is a custom form, but it has a serious drawback. If I submit such a request and need to make a correction to it before it is approved, there isn't anyway for me to do so. The request has to first be rejected with the creation of a sub-task in order to edit it before it is resubmitted for approval.
Cost add-ons for Security features is nickel and diming the process to keep pace with cybercrime. Limited Education budgets require us to be more pro-active in finding cost-effective measures to protect our devices, staff and students. Defender is a strong, well-featured product that is pricing itself out of the education market
To be completely honest setting up a new ticketing system can be a pain in the ass. Once you have it setup and customized the way you want it, you don't want to switch unless you're unhappy with the product. Unless future releases and updates really muck the system up, I wouldn't change.
It offers multiple security features and integrates well with Microsoft ecosystems. A workflow for threat detection, investigation, automated remediation, and a centralized dashboard is an added advantage. This application is mainly designed for experienced users; new users may feel challenged.
It has helped us a lot, and after some training and getting to know the product, we are quite comfortable with it and feel much more capable of understanding what's going on in our IT environment. The only reason it doesn't get a perfect score from me is that there is a learning curve for both end users and IT admins using ServiceNow. Once you customize the UI and remove unnecessary fields. You are left with a very clean product that does what it needs to and does it well.
Microsoft Defender for Endpoint chugs along just fine no matter what we throw at it and what systems it's running on. It doesn't take up a lot of resources either, so that's welcomed.
The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session
I would give it this rating because we have had no major issues with the support for ServiceNow after we implemented it at our organization. They seem to respond promptly and efficiently if we ever do need to open a support case with them about an issue we are having.
To type in what should be a text box, you have to click an empty cell, a tiny text box pop up opens with a check box and an X. You the. Type in the text box and have to click the check mark. If you have a bunch of fields to fill out, doing this is very annoying. Absolutely know thought went in to this. I'm sure somebody in marketing thought it was a good idea. It wasn't.
Deployment was handled by our team here and everything went pretty smoothly. We did have a few hiccups in our test group, but that only took a bit to get ironed out.
Without exception, every client I have worked with has been very happy with their resulting product. While this is partly due to my work, I must point out that the platform is the winning decision, not the implementer.
Defender is far easier to deploy and manage than Sophos and tends to work without as many issues. The threat assessment portal provides an in-depth view of the organization's security posture, whereas Sophos only shows the patching status of the PCs. We did need Intune to get many of the control features (disabling USB drives) that Sophos offered out of the box.
We used to use Jira to handle service tickets but it's way too robust for something this straightforward. Due to the nature of Jira, you needed to already have a lot of documentation and knowledge about who should be assigned the ticket, so the lift of creating a ticket was time consuming.
We don't currently have a CMDB, so we are leveraging ServiceNow to build one using their ITSM and ITOM tools. This is a huge gap for us as a company and it will be a big win once this is in place.
The core help desk functions are comparable to most other tools on the market, but SN does a great job of integrating that data with other modules like Problem, Change and Event Management to provide a truly integrated solution.
The tool is expensive, so you will need to try to do as much as you can with the platform. We currently use other systems for HAM and SAM but will be including these in our ServiceNow instance in the future to help maximize our ROI.
