Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
As we are using 90% of Windows devices and laptops in our organisation we figured out that Microsoft Defender for Endpoint is a better solution for us as compared to above solutions mentioned. It is very easy and convenient to use this solution with Windows devices. The …
I feel that Microsoft Defender for Endpoint is much better in protecting our Windows based devices as it is developed by Microsoft itself. However, it comes with a little price hike.
At the time, Microsoft Defender for Endpoint was a comparable selection with SentinelOne, but won on one important consideration for Educational Use, cost. Microsoft Defender for Endpoint was included in our Microsoft Enterprise agreement meaning that there was no additional …
In my opinion, Microsoft Defender for Endpoint is inferior to the competition. Combined with Huntress it is good (they are designed to integrate), but in my opinion, no need to use the paid version of Microsoft Defender for Endpoint when combining with Huntress, so not really …
We ended up going with Microsoft Defender for Endpoint as it came with the biggest breadth of offerings compared to the other solutions we reviewed. With a lot of the other potential solutions we felt like we would have needed to augment them to get the value we would get out of …
I would say not to name specific company names, because I'm a partner with one of them and that's the account that I work with. But I use some competing solutions that I would say are pretty heavy from an overhead perspective with the agent that has to be installed in the …
We evaluated several other reports XDR, CrowdStrike, Sentinel One and Cybereason. And at the end on now we purchase the Cybereason mostly for a matter of cost because it's cheaper and we are a relatively small company.
It has more functionality overall and then again, reporting is much better. The ability to prioritize and define our own criticalities, so I think that's a lot better.
Tenable Security Center was a fantastic exposure detection tool but there was always a lag and servers would hang a lot when being scanned causing resource traffic. Microsoft Defender for Endpoint on the other hand does not use up most resources so there is usually no lag …
Bitdefender was a great platform, but didn't provide as much network insight that Microsoft Defender for Endpoint does. It did not work well as an Endpoint Detection and Response platform. Tenable Security Center was great for vulnerability scanning of the devices on our …
We have reviewed/used ESET and find Defender much better for Endpoints. We have also used McAfee on Servers and have since migrated to Defender on Servers.
I found CrowdStrike to be confusing and complex when it comes to managing assets and incidents around endpoints. While it provides quality intelligence, it lacks a more admin-friendly way of presenting that information. Hence, as I have mentioned in the previous points as well, …
In an overall protection SentinelOne is providing better protection for us, but as it comes with subscription's limitation, we have to be really careful in managing the licenses, the MS Defender for Endpoint is providing us a decent protection which we are not complaining …
For me personally, I cannot really compare the two against each other, as they are both really good. For us as a business specializing in MS products, it is a logical choice to have followed.
It excels in detecting unusual behavior on endpoints, offering valuable insights into potential attack paths, and it operates with remarkable speed and responsiveness.
We choose Microsoft Defender for Endpoint as an additional solution to fill gaps and also to keep more of our solutions under one pane of glass (Microsoft 365).
I would say, where it's well suited as certainly any device where you know that either you're potentially running a Kickstarter device as your own personal unit, but maybe you want to try to connect it to some resource like, "Hey, you know what? This is a small community device. Maybe I'll try connecting my email on the go." You're protected from that perspective with the vendor, even if it's something that might be a bit suspicious from a hardware perspective. There's also the case where any device that you know are running Defender for endpoint that you're good to go. You don't really have to worry about all the other solutions out there because Defender has recovered.
It integrates perfectly with Azure Sentinel. I mean, that's great. We can have a single pane of glass with other platforms, like Defender for Cloud, Defender for endpoints, and Defender for servers, which is awesome as well. The ease of deployment is because Microsoft made sure around a year ago that every single workstation with Microsoft Windows came with Defender for Endpoints embedded.
While it's a very good product for auditing, it has a very hard time to distinguish what is malicious and is an attack, what is not. Very rarely we get indication of a real malicious attack. We got lots of hours for off the shelf malware that it cleans up automatically. So basically we never get to look at it, which is a positive thing, but threats are detected by the third party endpoint, so it will not be enough by itself.
Cost add-ons for Security features is nickel and diming the process to keep pace with cybercrime. Limited Education budgets require us to be more pro-active in finding cost-effective measures to protect our devices, staff and students. Defender is a strong, well-featured product that is pricing itself out of the education market.
The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session.
Tenable Security Center was a fantastic exposure detection tool but there was always a lag and servers would hang a lot when being scanned causing resource traffic. Microsoft Defender for Endpoint on the other hand does not use up most resources so there is usually no lag during scanning and it also provides more detailed insights on the network. Also Microsoft Defender for Endpoint integration power has helped us up our security game by delivering a smooth secure network.
Positive: Microsoft Defender for Endpoint offers sophisticated threat detection and response capabilities, putting it into use helps increase security. Reduced security incidents, data breaches, and related expenses may arise from this.
Positive: A more secure environment means less time and effort spent by IT and security teams on remediation and incident response.
False Positives: Like any security solution, false positives can occur, leading to unnecessary investigations and potential disruptions to business operations. This may require additional resources to manage.