TrustRadius
Microsoft Defender for Endpoint

Microsoft Defender for Endpoint
Formerly Microsoft Defender ATP

Overview

What is Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation…

Recent Reviews

Secure workstations with MDE

8 out of 10
November 03, 2023
Microsoft Defender for Endpoint offers exceptional threat insight and protection. Its KQL powered Advanced Hunting provides deep analysis. …

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards.

Popular Features

  • Malware Detection (53)
    8.5
    85%
  • Infection Remediation (52)
    8.2
    82%
  • Anti-Exploit Technology (51)
    8.0
    80%
  • Centralized Management (52)
    7.9
    79%

Reviewer Pros & Cons


Pricing


Academic

$2.50

On Premise
per user/per month

Standalone

$5.20

On Premise
per user/per month

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Product Demos

Microsoft Defender for Endpoint Overview


Features

Endpoint Security

Endpoint security software protects enterprise connected devices from malware and cyber attacks.

8.2
Avg 8.5

Product Details

What is Microsoft Defender for Endpoint?

Presented as an epicenter for comprehensive endpoint security, Microsoft Defender for Endpoint helps users rapidly stop attacks, scale security resources, and evolve defenses across operating systems and network devices.

Rapidly stops threats: Protects against sophisticated threats such as ransomware and nation-state attacks.

Scales security: Puts time back in the hands of defenders to prioritize risks and elevate the organization's security posture.

Evolves the organization's defenses: Goes beyond endpoint silos and matures the organization's security based on a foundation for extended detection and response (XDR) and Zero Trust.

Microsoft Defender for Endpoint Features

Endpoint Security Features

  • Supported: Anti-Exploit Technology
  • Supported: Endpoint Detection and Response (EDR)
  • Supported: Centralized Management
  • Supported: Infection Remediation
  • Supported: Vulnerability Management
  • Supported: Malware Detection

Microsoft Defender for Endpoint Screenshots

  • Screenshot of blocked activities
  • Screenshot of Detects & responds
  • Screenshot of discovers vulnerability
  • Screenshot of Eliminates blind spots
  • Screenshot of Risk management

Microsoft Defender for Endpoint Video

Microsoft Defender for Endpoint

Microsoft Defender for Endpoint Competitors

Microsoft Defender for Endpoint Technical Details

Deployment Types: On-premise
Operating Systems: Windows
Mobile Application: No

Frequently Asked Questions

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.

CrowdStrike Falcon, Symantec Endpoint Security, and Sophos Intercept X are common alternatives to Microsoft Defender for Endpoint.

Reviewers rate Endpoint Detection and Response (EDR) and Malware Detection highest, with a score of 8.5.

The most common users of Microsoft Defender for Endpoint are from Enterprises (1,001+ employees).

Comparisons


Reviews and Ratings

(175)

Attribute Ratings

Reviews

(1-25 of 65)
Conrad Nyamache | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Cloud Solutions
  • Scalability
  • Integration with Other Systems
  • Ease of Use
  • Other
Its ease of implementation, especially in the initial setup process, and the awesome customer support we got from the technical team really made it stand out from others.
Score 7 out of 10
Vetted Review
Verified User
Incentivized
  • Cloud Solutions
  • Scalability
  • Integration with Other Systems
Before we chose to move forward with Microsoft Defender for Endpoint, we had three different platforms that were performing the tasks of vulnerability scanning, antivirus/antimalware and SIEM. Now, with Microsoft Defender for Endpoint, we've been able to integrate these into one platform and seamlessly integrate with other Microsoft security applications for even greater insight.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Integration with Other Systems
Our biggest influence was selecting a product that works well with our current product portfolio and the ease of implementation. It has also been fairly easy to manage after getting past some of the initial setup tasks. Overall, this has been a lot easier to setup and use than any other endpoint protection software.
Yash Mudaliar | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Cloud Solutions
  • Integration with Other Systems
  • Ease of Use
The depth and quality of logs provided by Microsoft Defender for Endpoint (especially for Windows endpoints) is exceptional and arguably the best in the market. Due to this, we have been getting a very detailed activity timeline in incidents and an accurate software inventory in vulnerability management. While the onboarding process is a little complex, it completely makes up for the fact that there is a wide array of actions that can be taken directly from the portal on the onboarded devices.
Score 7 out of 10
Vetted Review
Verified User
Incentivized
  • Cloud Solutions
  • Scalability
  • Integration with Other Systems
This is part of the M365 offerings that we bought, so it comes by default. As this can be an additional protection layer for us with no additional cost, it is something that we will consider in the future from an economic standpoint.

As it is being offered as SaaS, there is no cost for deployment, and it offers great scalability for our organization.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Cloud Solutions
  • Scalability
  • Integration with Other Systems
Our IT environment is basically based on Microsoft products. Hence, it was beneficial to use Microsoft Defender for Endpoint as the product for endpoint protection. It can easily get integrated with Microsoft Intune which was a big plus for us. Furthermore, being cloud based helped us in covering the remote devices also.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Cloud Solutions
  • Scalability
Many security features, such as advanced threat detection, real-time response, vulnerability management, and compliance capabilities, are available with Microsoft Defender for Endpoint. It might be appealing to businesses looking for a complete endpoint security solution. With my organization already using Microsoft products, the familiarity of the interface and tools can make the transition to Microsoft Defender for Endpoint smoother. IT teams and end-users may find it easier to adapt to a solution that aligns with their existing knowledge.
Score 8 out of 10
Vetted Review
Verified User
  • Scalability
  • Integration with Other Systems
Microsoft Defender for Endpoint is a service that scales very well, be it in size or in different locations. The integration part is the biggest driver for choosing Defender for Endpoint, especially since the M365 platform is in use.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Cloud Solutions
  • Scalability
  • Integration with Other Systems
Primarily, it's a cloud-native solution, leveraging the inherent Microsoft Defender within the Windows operating system. The process of connecting a device to the MDE portal is straightforward and uncomplicated. Additionally, unlike on-premises EDR solutions, it doesn't require a separate server to host the entire solution.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Integration with Other Systems
  • Ease of Use
The seamless integration of Microsoft Defender for Endpoint with other Microsoft security products, such as Azure Defender and Microsoft Defender for 365, was a primary consideration. This integration created a unified security experience, enabling us to manage our security operations efficiently and cohesively. The ease of use also played a role in choosing it.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Scalability
  • Integration with Other Systems
  • Ease of Use
Defender for Endpoint's capabilities in endpoint detection and response deliver exceptionally advanced, almost real-time attack detection, enabling swift and effective action. Security analysts can promptly prioritize alerts, gain a thorough understanding of the breach's extent, and take immediate actions to mitigate threats. Upon identifying a threat, the system generates alerts for analysts to assess. Alerts sharing common attack techniques or linked to the same attacker are amalgamated into a single entity known as an "incident." This amalgamation of alerts simplifies and streamlines the investigative and remediation process for analysts as they collaborate to tackle these threats.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Cloud Solutions
  • Scalability
  • Integration with Other Systems
  • Ease of Use
We are a Microsoft house so it was not a hard decision. But, because we are so ingrained with Microsoft 365 it just made sense when we started talking about what we could do to improve our overall security stance and protect the organization as a whole.
Score 5 out of 10
Vetted Review
Verified User
Incentivized
  • Cloud Solutions
  • Scalability
  • Integration with Other Systems
  • Ease of Use
Reduction in Security Incidents: By effectively detecting and mitigating security threats, Microsoft Defender for Endpoint can lead to a reduction in security incidents, which can translate into cost savings associated with incident response, recovery, and potential legal consequences. Preventing Data Breaches: Avoiding data breaches can result in significant financial savings, as the costs of data breach notification, forensic investigations, regulatory fines, and damage to an organization's reputation can be substantial. Improved Productivity: Enhanced security can lead to increased employee productivity by reducing the downtime and disruptions caused by malware infections or other security incidents.
Bhuwan Chandra | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Cloud Solutions
  • Integration with Other Systems
  • Ease of Use
Microsoft Defender for Endpoint provides IT hygiene, gives visibility into enabled products on endpoints, and also provides strong remote remediation.

Microsoft Defender for Endpoint assists the customer in full endpoint event collection and collects logs for further analysis for ATP & Sandbox. According to the Gartner Magic Quadrant for EPP, Microsoft Defender for Endpoint scores high in ability to execute & forward learning organizations.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Cloud Solutions
  • Scalability
  • Integration with Other Systems
  • Ease of Use
Seems like a repetition, but for me, the very plus of this solution and what influenced me to change and adopt this solution was the "one subscription for all the service I need." All the integration, the simplicity, one point of contact, and of course, some money less than other solutions.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Cloud Solutions
  • Ease of Use
Two main factors:
  1. It is a Microsoft solution (it was an important factor considering other solutions that were part of the project).
  2. We made a pilot to better understand how it would be to deploy and manage the solution, and it did run very well. It gave us confidence to choose this solution.
Score 6 out of 10
Vetted Review
Reseller
Incentivized
  • Cloud Solutions
  • Scalability
  • Integration with Other Systems
  • Ease of Use
Device Threat Analysis and Score: Microsoft Defender antivirus software collects underlying system data used for threat analysis and the device's Microsoft Security Score. This will provide your organization's security team with more meaningful information, such as recommendations and opportunities to improve your organization's security posture.