Microsoft Defender for Endpoint

Score8.8 out of 10

285 Reviews and Ratings

What is Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.

Categories & Use Cases

Endpoint Security

Media

1 / 5

Screenshot of blocked activities

Malware Detection
Detection and blocking of zero-day file and fileless malware.
Category average: 9.1
Endpoint Detection and Response (EDR)
Continuous monitoring and response to advanced internet threats by endpoint agents.
Category average: 9.2
Anti-Exploit Technology
In-memory and application layer attack blocking (e.g. ransomeware)
Category average: 8.9

Centralized Management
Centralized management supporting multi-factor authentication, customized views, and role-based access control.
Category average: 8.7
Vulnerability Management
Vulnerability prioritization for fixes.
Category average: 8.6
Hybrid Deployment Support
Administrators should be able to choose endpoint security on-premise, cloud, or hybrid.
Category average: 8

#1 most frequent

Professional, Scientific, and Technical Services

24.7%

770 installations of 3,115

“First thing I use in this product for no more than the employee devices, right?”
— Cybersecurity Senior Engineer, Maureen Data Systems (MDS) (201-500 employees)

#2 most frequent

Manufacturing

12.0%

373 installations of 3,115

#3 most frequent

Finance and Insurance

11.9%

372 installations of 3,115

“It has positive impacts because of the integration with all our Microsoft projects.”
— Security Admin, Chevron Federal Credit Union (201-500 employees)

Cathy Spence

Cecil at Argus Insight (51-200 employees employees)

Use Cases and Deployment Scope

Scope of use case is the title, link file, RNK, and file. Malware

Pros

I get a good rest. Static file Detections of malware are updated quite often and are also quite effective. And overall has more.

Cons

So far, it has not been detecting the link. File. Malware for changes that we are facing where you buy separately from simple anti, let the link file malware problem.

Return on Investment

It's malware detection, so it didn't apply any objectively; it didn't really apply any bit objectively is anti-slideshare.

Usability

Patrick Lendi

IT Manager in Information Technology at Kaba Delivery (51-200 employees employees)

Use Cases and Deployment Scope

We use the Microsoft Defender for Endpoint to protect data at the endpoints. Helps to keep employees laptop, desktops, phones and other devices secure and protect against cyber threats. Offers a strong encryption scheme that helps to protect data organizational data from getting in wrong hands in-case of lost of a device.

Pros

Protects devices from cyber attacks ( Malware and Spyware)
Responding to threats in real-time.
Automates cyber threat protection and response.
Seamless integration with Microsoft ecosystem.
Offers reliable security monitoring.

Cons

Learning curve for advanced features.
False positive in occasional instances.

Return on Investment

Enhances security at the endpoints.
Helps to boast productivity by elimination of interruptions.
Enhances compliance and disaster recovery.

Usability

Other Software Used

Barracuda Backup, Microsoft 365

John Lee

IT Director in Information Technology at Fleurco Products Inc. (51-200 employees employees)

Use Cases and Deployment Scope

[...] is a manufacturing company headquartered in Montreal. We have offices across Canada and the United States. Microsoft Defender for Endpoint is deployed across our entire organization. Having a cloud based solution with a single pane of glass to manage all our assets is of the highest importance to us. Being able to receive immediate alerts when suspicious activity occurs has been extremely helpful in keeping our risks at a minimum. Microsoft Defender for Endpoint management is also smart enough to not send several alerts when an attack could be hitting multiple targets within a certain time frame or it's the same attack multiple times.

Pros

Consolidate alerts so you are not overwhelmed
Integrates with Microsoft products
Already licensed if you're using Office Premium or higher enterprise licenses

Cons

Management Interface needs work
Digging through analysis is not always informative
Constant clicking around to find all the relevant information

Return on Investment

Microsoft Defender for Endpoint has alerted our team when users clicked on phishing links in emails and we were able to prevent any harm
When a website frequently visited was compromised, Microsoft Defender for Endpoint quickly quarantined the file that was auto-downloaded.
The alerts for the website download were all consolidated to one incident making it easier to manage.

Usability

Return on Investment

We have Microsoft Defender for Endpoint installed across our entire organization with offices in Canada and the United States. All our workstations are Microsoft Windows based. Our servers are all Microsoft Windows Server and we have a few on-premise servers at our headquarters as well as several hosted on Microsoft Azure.

Alternatives Considered

BlackBerry Protect (CylancePROTECT) and BlackBerry Optics (CylanceOPTICS)

Other Software Used

Sage 300, WatchGuard AuthPoint

Verified User

Engineer in Information Technology (1001-5000 employees employees)

Use Cases and Deployment Scope

We use it to monitor alerts and incidents, respond to them, gather data, and threat hunt.

Pros

Particularly well. It gives a clear picture when alerts come in. We’re able to dig deep into the process or file that’s generating the alert, so that’s very helpful.

Cons

Room for improvement: better whitelisting capabilities. That’s the number one thing I would love to have.

Return on Investment

Mostly poisitive.

Return on Investment

2000, we're supporting Windows.

Verified User

Executive in Information Technology (10,001+ employees employees)

Use Cases and Deployment Scope

What I can divulge now is that we went from a 60,000 to a 100,000 employee environment, and as part of the acquisition of the new company, we were very worried about insider threats and what disgruntled employees could do. Therefore, it was something that we had to really up the ante in terms of its deployment to oversee internal and the enterprise security posture of the firm.

Pros

I think from a scalability perspective, it’s incredible. It fits very well with our Azure stack, and we’re constantly adopting more and more different Microsoft products. But I think the key thing is ease of use. Its scalability, and it’s just that, enterprise-wise and in terms of control, we can actually centralize it as well.

Cons

I think we’re quite satisfied with it at the moment in terms of its deployment. I can’t think of any enhancements. We’ll run an assessment soon, but no, nothing at the moment.

Return on Investment

Return on investment, we’re still yet to evaluate. I could honestly say it makes the board of directors sleep at night because it is a great tool, and the way we’ve explained it from a monetary perspective—it’s too early to say at the moment.

Usability

Return on Investment

So Windows, definitely, and Solaris installations, which is Linux as well. How many? We’re talking about maybe 60,000.

Symantec Endpoint Security

Sophos Intercept X

CrowdStrike Falcon

Microsoft Defender for Endpoint

What is Microsoft Defender for Endpoint?

Categories & Use Cases

Media