Likelihood to Recommend Usually we had lots two platforms tasked with scanning exposures, anti-malware and provision for information and threat management. But with Microsoft Defender for Endpoint we have an all inclusive platform that even integrate with other Microsoft security apps such as Microsoft Defender for Cloud for enhanced threat insights and visibility.
Read full review I've been using this product since it began as an open source product, I really like it and for the money, I think it's probably the best choice for most companies who need a product like this. Over the years I've seen the interface change quite a bit and sometimes I think it's a bit unclear how to do certain things and the different packages can be confusing, these are the only reasons I'm giving it a 9 instead of a 10.
Read full review Pros It provides a unified security experience when combined with other Microsoft products such as Microsoft Defender for 365 and Azure Defender. It has an excellent dashboard and centralized view that make it easy to see and control everything from one location. It's an EDR tool designed to help you understand incidents and alerts better. Real-time detection of attacks and prompt endpoint device responses. It effortlessly interacts with additional Microsoft security products. Read full review Setup of the internal scanner was fairly simple and straight forward. An update came out for the internal scanner that allows you to add an Internal Certificate Authority for lookup. Has automated reporting to keep executives and compliance departments informed. Internal scanner can be configured to auto-update itself. "Recast Rules" allows your organization to redefine a vulnerabilities' classification, if it is not applicable or your disagree. External PCI scans allow you to remediate before submitting to Tenable.io for review. Tenable.io staff was very patient and helpful. They provided some limited guidance with remediation. Internal and External scans can be automated. schedule for the automated scans is very granular. Read full review Cons Does not allow for remediation from the management console. The ticket system doesn't alert the person assigned to the ticket. You have to submit requests for whitelisting applications. Scanning exclusions are tricky to find. Adding devices, especially Apple devices, is very cumbersome. Read full review Expensive - You do pay a slight premium for the best product in the space. Asset management is difficult to work with if you have a lot of asset turnover, the license can be ''held'' for 3-6 months after the asset is gone from your environment. Read full review Likelihood to Renew We like to renew tenable each year we have had it so far.
Read full review Support Rating The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session
Read full review Support is usually really great at walking you through any steps you need to take when you get stuck on something. There are a few false positives and errors that have come up over the years that required their help to get through. Unfortunately, the steps required to diagnose some problems are more tedious than I think should be necessary. (IE: SQL instances can throw errors that clog up your logs because one plugin affects it in a certain way. The process to diagnose this is to watch timestamps of plugins in a log while monitoring the SQL logs at the same time and using your best guess as to what is causing it.)
Read full review Alternatives Considered in an overall protection sentinelone is providing better protection for us, but as it comes with subscription's limitation, we have to be really careful in managing the licenses, the MS Defender for endpoint is providing us a decent protection which we are not complaining about, why we chose them ? as mentioned, this is coming with our subscription
Read full review Tenable.io has a comparable set of features, with excellent support and a competitive price. After less than desirable experiences with another company, we moved to Tenable and haven't looked back since.
Read full review Return on Investment By providing robust threat protection, Defender for Endpoint can prevent downtime caused by security issues. Employees can work without interruptions, leading to increased productivity. By significantly decreasing the frequency of security incidents like malware infections and data breaches, Microsoft Defender for Endpoint can protect your network. The cost of incident response, cleanup, and potential regulatory fines are reduced as a result of the decrease in events. The implementation and configuration of Microsoft Defender for Endpoint may require an initial investment in licensing, training, and deployment, which can temporarily affect ROI. The cost of licensing can be substantial, especially for larger organizations. This cost needs to be factored into the ROI calculation. Read full review Since this is a requirement for our PCI compliance and the cost is relatively low, the ROI isn't really something we need to think too much about, Tenable's pricing is fair and affordable. Read full review ScreenShots Microsoft Defender for Endpoint Screenshots