Microsoft Defender for Endpoint (formerly Microsoft Defender ATP)

Live Protection works well, it almost renders scheduled scans pointless.
Vulnerability management is a nice feature. It allows for vulnerabilities to be factored in for an overall exposure score.
Secure Score .
We utilize EDR as well. It makes easier for our Incident Response team to built a timeline. We're using Defender more when it comes to IR.

[Microsoft Defender is a] great product for standard office users. It does not become a resource hog, yet does the job well.

Small or large organizations will benefit from using MDE. They need to provide a way to buy MDE as a standalone add-on product not only make it a bundled feature in Microsoft 365 E5. I wish it had the ability to deploy updates to 3rd party apps when the vulnerability scanner discovers a vulnerability. Currently, I have to use a 3rd party tool to address this gap.

The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session.

Microsoft Defender Advanced Threat Protection is the perfect solution for a company that is completely invested in a Microsoft environment. We have Windows 10 machines joining our Azure Active Directory. We use Exchange Online for emails, and it feels like Defender ATP gives you visibility into each and every corner of our environment. It's super lightweight and fairly easy to deploy (though we had some isolated difficulties), and end users seem to not notice it, which is, in my opinion, a very positive thing.

Where it may not be great is in mixed-OS environments. It requires a bit of determination to get ATP installed on OSX or Linux. While these platforms do get fewer viruses in general, it's good to have the layer of visibility and security for web and browser based threats.

Every time I've had a question or a problem, I was able to get it addressed quickly. Microsoft has a huge database for ATP support, and it has contained 90% of what I have looked for. It was a lifesaver during initial setup.

In my opinion, It is well suited for small start-ups and entrepreneurs who have just started doing business. But when the amount of client data that you hold increases, you should not completely rely on Windows Defender. Another paid antivirus will definitely be recommended. But, I think they have really stepped up their game recently in terms of updating the software and virus definitions.

I gave it a 7 out of 10 as I feel that there is still a lot of room for improvement. I remember how back in the day the software was looked down upon because of it being an unreliable and inefficient antivirus. But, Microsoft has really put in the hard work and made it worthy for it to be comparable to all the other security services out there.

MS ATP is great for any organization that wants to protect itself from AV, malware, spyware, and ransomware threats. I can't imagine any organization doing without an AV protection provider. Small deployment can get expensive compared to the competition.

MS ATP has great integration into the MS Product line but some 3rd party application throws false-positive results. For smaller deployments, MS ATP can be expensive compared to 3rd party providers. But overall the performance and detection have been great with MS ATP.

It would be well suited in an environment where most all your endpoints are Windows-based computers, as Windows Defender is already built into the operating system, so there is no client to have to worry about installing. It also will make the management of endpoints easier on the server side, if most all machines are Windows-based.

It might be less of ideal solution if a company/organization were looking for something more robust, or had a lot more features/configuration settings. It also might be less ideal for a company/organization that was looking for a product that didn't have a high detection rate of false positives

Overall support is really good for this product. Since it's a Microsoft product, you will get good support from a number of different resources, including knowledgebase articles on the web, support from Microsoft technicians, and documentation (which tends to very thorough). Also, there is a vast user support community for this product, so user support forums would also be another valuable channel to get help if needed. I don't envision too many people will have issues/problems with the product, as it tends to run good overall.

Windows Defender is highly recommended for company employee's computers because it will be able to detect most viruses and protect files well without slowing down the computer. I recommend using it with Windows 10 as it is already natively in the system and works very well on it, and is always updating on Windows updates.