Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
We evaluated several other reports XDR, CrowdStrike, SentinelOne and Cybereason. And in the end we now purchase Cybereason, mostly as a matter of cost, because it's cheaper and we are a relatively small company.
It has more functionality overall and then again, reporting is much better. The ability to prioritize and define our own criticalities, so I think that's a lot better.
Tenable Security Center was a fantastic exposure detection tool, but there was always a lag and servers would hang a lot when being scanned, causing resource traffic. Microsoft Defender for Endpoint, on the other hand, does not use up most resources, so there is usually no lag …
Bitdefender was a great platform, but didn't provide as much network insight that Microsoft Defender for Endpoint does. It did not work well as an Endpoint Detection and Response platform. Tenable Security Center was great for vulnerability scanning of the devices on our …
We have reviewed/used ESET and find Defender much better for Endpoints. We have also used McAfee on Servers and have since migrated to Defender on Servers.
I found CrowdStrike to be confusing and complex when it comes to managing assets and incidents around endpoints. While it provides quality intelligence, it lacks a more admin-friendly way of presenting that information. Hence, as I have mentioned in the previous points as well, …
In overall protection, SentinelOne is providing better protection for us, but as it comes with subscription limitations, we have to be really careful in managing the licenses. The MS Defender for Endpoint is providing us decent protection, which we are not complaining …
I feel that Microsoft Defender for Endpoint is much better in protecting our Windows-based devices as it is developed by Microsoft itself. However, it comes with a little price hike.
For me personally, I cannot really compare the two against each other, as they are both really good. For us as a business specializing in MS products, it is a logical choice to have followed.
It excels in detecting unusual behavior on endpoints, offering valuable insights into potential attack paths, and it operates with remarkable speed and responsiveness.
We choose Microsoft Defender for Endpoint as an additional solution to fill gaps and also to keep more of our solutions under one pane of glass (Microsoft 365).
Associate Director - Practice Lead, Network and Systems Engineering
Chose Microsoft Defender for Endpoint
Enterprise Endpoint Protection: Microsoft Defender for Endpoint is well suited for large organizations with numerous endpoints, such as desktops, laptops, and servers, as it provides centralized management and monitoring of security across the entire network. Microsoft …
CrowdStrike Falcon EDR is one of the best solutions available in the market. However, I think they are lacking in threat visibility and vulnerability assessment & management for application versions & configurations.
We have evaluated other products, such as Sophos, Trend Micro, and others. The advantage of Microsoft Defender for Endpoint is having a single subscription with Office 365 full packet, antivirus, and OneDrive with backup all in one subscription. Very easy to manage.
We found products with similar capabilities considering our needs. The opportunity to test was crucial, and also the fact that Microsoft Defender for Endpoint is a Microsoft tool, since we are running a Microsoft environment for this project. There are a few differences among …
Microsoft Defender gels very well with the rest of the M365 suite of products. The security Dashboard gives one view for Email Security and Endpoint Security. The security events can be generated while getting integrated with SIEM solution or can use its own SIEM offering.