Microsoft Defender for Endpoint

Formerly Microsoft Defender ATP

Microsoft Defender for Endpoint is a Ai security guard which primarily secures the Organization from ransom ware and fast developing online treats. It is one of the most modern type security service which deals with AI level security treats from end to end devices. It also integrates its services with other Microsoft data management services.

Microsoft Defender for Endpoint is a comprehensive endpoint security solution. We use it for protection against exposure because it is our antivirus platform. As our post breach and vulnerability detector it provides us with a hawk eye view of our endpoints of our networks. It's integration with AI makes it even a more enhanced tool for detecting threats in advance. It then recommends and takes rectification actions to prevent the happening of the probable attacks. It is a quite simplistic tool that provides visuals and insights to represent the attacks and loopholes from where they came from. This detailed information helps further investigate incidents and alerts before they occur, preventing any extreme damage on our network endpoints.

We use Microsoft Defender for Endpoint as our antivirus/antimalware platform, as well, as our Endpoint Detection and Response and vulnerability scanning platforms. It provides a lot of visibility to the endpoints on our network and recommendations for how to remediate issues and vulnerabilities that are detected. It also provides visual representations of attacks, with detailed information about where the attack originated from.

We use Microsoft Defender on all Endpoints within the organization. 10,000+

Microsoft Defender is the best solution for end-point protection it also comes with EDR and any organization looking for consolidated solution then Microsoft provides the integrated security.

Microsoft Defender for Endpoint is being used an EDR and vulnerability management tool for our organization as well as for our clients. The use cases for this tool is primarily includes automating responses to incidents, performing weekly vulnerability assessments and managing endpoint security policies across the organization. We also employ it to set up evaluation labs for specific scenarios occasionally.

We are using this protection as part of the M365 subscription to some of our users, I must admit the all in one package with the collaboration tools is something unique that you cannot find in other subscription based, it is doing what it supposed to do, if not better, which is protecting our end points and bring the additional safe feelings to both IT and our users,

This is being used for our end point devices' protection that includes antivirus and malware protection. it is implemented to all of our M365 subscribers ( around 200 of them ) and till date are satisfied with the protection given to our machines

I used it to protect our computers from malware and viruses. Another requirement was centralised management of remote and on-premise computers. Using the centralised console, I was able to remotely install MDE and also verify if the virus definitions have been updated or not. Zero day protections was also a requirement which seems to be fulfilled by Microsoft Defender for Endpoint.

Organization faces a difficulty with security. It supports my organization against contemporary cybersecurity risks and challenges. It aids in overcoming the difficulty of responding to incidents and detecting threats. It integrates seamlessly with Microsoft's infrastructure overall and with workloads. We can better understand threats and prepare for upcoming cyberattacks with the use of proactive threat intelligence and analytics. Our tech support can respond to threats and security issues more quickly thanks to its integration with siem and incident management solutions.

Microsoft Defender for Endpoint offers exceptional threat insight and protection. Its KQL powered Advanced Hunting provides deep analysis. The MITRE Attack Framework integration effectively blocks advanced attacks. Vulnerability Management identifies and addresses weaknesses. The user-friendly interface and seamless integration make it a top choice for robust cybersecurity defense. Highly recommended for comprehensive EDR.

Microsoft Defender for Endpoint is an excellent EDR solution that integrates very well with the XDR products in Sentinel. It is used as an AV and EDR solution for all endpoint devices based on different operating systems. All servers are protected as well by using the Defender for Cloud licensing. The product is part of a multi-layered security solution based on all the Microsoft Defender products and Sentinel. All incidents are handled in the Defender portal.

Protecting the endpoints of our company, which include computers, laptops, and servers, is the main purpose of using Microsoft Defender for Endpoint in our organization. Our organization typically use MDE for Threat Detection. It keeps an eye out for indications of malicious or suspicious conduct on endpoints. It notifies the security team when it detects any threats.

Defender for Endpoint isn't just a static tool; it evolves alongside the rapidly changing threat landscape. Its integration with other Microsoft products, like Azure Defender and Microsoft Defender for 365, creates a unified security experience. Plus, the utilization of AI and ML for advanced threat detection, combined with the power of Kusto Query Language (KQL), has significantly enhanced our investigative capabilities.

Since we have adopted Microsoft Defender for Endpoint, managing Cyber Security got way less complex, way more simplified, and easy to manage. Not only this, but we also have peace of mind knowing that it works and does what it says it can do. Not only for us but also for our client base we look after.

The defender is deployed on all the end-user devices and servers except for a few legacy servers, and it is very easy to deploy and has good offline and online detection ratings. The agent is very easy to handle, and updates are easy to push with minimal effort and has a wide range of detections for Windows, Linux, and Mac OS. It gives very fast and optimal scanning results with minimal CPU utilization.

As a system administrator it was important for me to utilize all available resources I have to protect the organization and its data. When we updated our licensing for our MS 365 implementation we opted to use Microsoft Defender for Endpoints to additional protection for our devices with proactive, instead of reactive, strategies made possible with MS Defender for Endpoint.

We use Microsoft Defender Endpoint to check incoming E-mail and PDF, ZIP and xlsx files for viruses. Incoming E-mail without or with attachments or downloaded files can contains viruses, malware or other dangerous components.We receive daily many E-mail, some with attachments, and our customers upload many files to our servers. This should not cause any security problems

We use it for endpoint protection on Microsoft VMs. It addresses the problem to provide centralized management, visibility of all the endpoints. Also helps to protect against zero-day vulnerabilities. It provides Threat Protection, Endpoint Detection and Response (EDR), Advanced Analytics, Security Configuration Management, Integration with Microsoft 365 Security, Automated Response and Threat Intelligence.

Microsoft Defender for Endpoint gives us unique opportunity to more tightly integrate into the OS . Cloud Based Light-weight agent, powered by behavioral sensors. We were looking Intelligence Security Graph to integrate detection with other Microsoft products, to track back the response the attack. Microsoft threat hunting service is integrate with Microsoft Defender for Endpoint product. Microsoft also provide a separate per user service where customers can directly interact with threat hunting experts.

In the past we used another endpoint protection, we use also Office 365. With Defender for Endpoint, we have now a unique tool and subscription for every laptop and person, the system seems secure and reliable, lightweight, and of course fully compatible with our environment of Windows PCs. It works very fine.

Microsoft Defender for Endpoint was deployed (and it is still running) to support a project including online training platforms via mobile devices. Microsoft Defender for Endpoint was selected to manage the security of all devices conected to this online learning ecossystem. Security became a big priority, when it was decided that this channel would be used to provide confidential information about new products.

Defender for Endpoint is used as the mainline endpoint security product for a number of our MSP clients. Implementing a product that was integrated with the core O365 product suite used by so many of our clients was a no brainer. It also served as a key trigger to get clients to upgrade to Business Premium licensing, unlocked a range of other security benefits.

We are using this as our endpoint AV. We migrated from Trellix to Defender very recently. This was not a pressing point for us except our org was moving from G-Suite and Microsoft a very good deal for the Collaboration and Security Infrastructure. We have only used the product for EDR and for ATP. The overall performance of our endpoints are good till now. There were slowness reported in the older versions of Defender but with M365, we did not notice any significant slowness of system performance. One major plus is the security dashboard which gives you a very good view of the reports for CISOs.

Defender for Endpoint provides a platform that allows our analysts to quickly and accurately answer important questions during investigations.Most importantly, by simulating these capabilities in the API, we can more efficiently provide high-quality detection and response based on the Defender for Endpoint platform. Microsoft Defender ATP mainly has built-in Threat & Vulnerability Management (TVM), which is a risk-based approach to discover, prioritize and repair vulnerabilities and incorrect configurations of each endpoint to prevent current and future threats and vulnerabilities! TVM can effectively identify, assess and repair endpoint defects, and at the same time score the enterprise's vulnerability level. Therefore, it is very important for IT personnel to implement computer security and health plans and reduce risks to the company's organization.

We use this product enterprise-wide on all of our workstations and servers. It aids in securing the endpoints and users as well as providing easy auditing and reporting on the back end of it all. It allows us to scan at will and/or schedule scans. It also provides real time protection. When an issue is detected the alert system is immediate. Overall, a very solid option for us.