Microsoft Defender for EndpointFormerly Microsoft Defender ATP
Overview
What is Microsoft Defender for Endpoint?
Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation…
A reliable End to end security package.
Perfect Endpoint Security, Exposure Detection and Management Tool.
Microsoft Defender for Endpoint Review
Quick to rollout and get going, but takes some tweaking to optimize.
Microsoft Defender Review
The one stop security shop for the endpoints
Decent Protection for your endpoints
Microsoft Defender for Endpoint, a must for every Windows based IT setup
"Microsoft Defender for Endpoint One of the best tool to manage threat, Vulnerability and Compliance of the endpoints."
Secure workstations with MDE
Defender for Endpoint - First class EDR and more.
A Comprehensive Look at Microsoft Defender for Endpoint. Defending with Style
Defend, Detect, Excel with Microsoft Defender for Endpoint
Microsoft Defender for Endpoint
How Microsoft Defender for Endpoint Differs From Its Competitors
Components
Protection Scope
Components
Protection Scope
Components
Protection Scope
Components
- Attack Surface Reduction helps us proactively block commonly used attack methods by malware (scripts).
- We use Microsoft Defender for Endpoint as a layered approach with other security tools.
Protection Scope
Components
- Vulnerability Management
- Baseline Assessments
- Device Discovery
- Endpoint Security Policies
- Automated Remediation
- Dynamic Device Tagging
- Endpoint DLP
- Web Content Filtering
- Live Response
- Unified integration with Defender for Cloud
- Always remediate PUA
- Device Deception (Preview)
- Download quarantined files
- Evaluatio…
Protection Scope
Components
Protection Scope
Components
1. Centralised deployment of antivirus agent
2. Centralised monitoring of security alerts
3. Vulnerability management
4. Antivirus and anti malware
5. Integration with Microsoft Intune
6. Device …
Components
Endpoint Detection and Response (EDR) : Organizations can investigate security incidents, collect pertinent data, and implement the necessary remediation activities to eliminate and contain threats by using …
Protection Scope
We are protecting over 30 Windows devices for our company, as well as more than 50 Windows and macOS devices for one of our customers. We also use Microsoft Intune to manage over …
Components
2. Advanced Threat Protection
3. Attack Surface Reduction
Protection Scope
Components
Protection Scope
Components
Threat & Vulnerability Management
Intune Integration
Microsoft Defender Antivirus
Microsoft Defender SmartScreen
Attack Surface Reduction
Components
Protection Scope
Components
Protection Scope
Components
Protection Scope
Components
Protection Scope
Components
Protection Scope
Components
Protection Scope
Components
Protection Scope
Components
Protection Scope
Components
- Attack Surface Reduction (ASR).
- Next-generation Protection.
- Microsoft Secure Score for Devices.
- Automated Investigation and Remediation (AIR).
Protection Scope
Components
Protection Scope
Components
Components
Protection Scope
Components
Protection Scope
It manages the endpoint weaknesses …
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Popular Features
- Malware Detection (53)8.585%
- Infection Remediation (52)8.282%
- Anti-Exploit Technology (51)8.080%
- Centralized Management (52)7.979%
Reviewer Pros & Cons
Pricing
Academic
$2.50
Standalone
$5.20
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Product Demos
Microsoft Defender for Endpoint Overview
Features
Endpoint Security
Endpoint security software protects enterprise connected devices from malware and cyber attacks.
- 8Anti-Exploit Technology(51) Ratings
In-memory and application layer attack blocking (e.g. ransomeware)
- 8.5Endpoint Detection and Response (EDR)(51) Ratings
Continuous monitoring and response to advanced internet threats by endpoint agents.
- 7.9Centralized Management(52) Ratings
Centralized management supporting multi-factor authentication, customized views, and role-based access control.
- 7.8Hybrid Deployment Support(10) Ratings
Administrators should be able to choose endpoint security on-premise, cloud, or hybrid.
- 8.2Infection Remediation(52) Ratings
Capability to quarantine infected endpoint and terminate malicious processes.
- 8.3Vulnerability Management(50) Ratings
Vulnerability prioritization for fixes.
- 8.5Malware Detection(53) Ratings
Detection and blocking of zero-day file and fileless malware.
Product Details
- About
- Competitors
- Tech Details
- FAQs
What is Microsoft Defender for Endpoint?
Rapidly
stops threats: Protects against sophisticated threats such as
ransomware and nation-state attacks.
Scales security: Puts time back in the hands of defenders to prioritize risks and elevate the organization's security posture.
Evolves the organization's defenses: Goes beyond endpoint silos and mature the organization's security based on a foundation for extended detection and response (XDR) and Zero Trust.
Microsoft Defender for Endpoint Features
Endpoint Security Features
- Supported: Anti-Exploit Technology
- Supported: Endpoint Detection and Response (EDR)
- Supported: Centralized Management
- Supported: Infection Remediation
- Supported: Vulnerability Management
- Supported: Malware Detection
Microsoft Defender for Endpoint Screenshots
Microsoft Defender for Endpoint Video
Microsoft Defender for Endpoint Competitors
Microsoft Defender for Endpoint Technical Details
Deployment Types | On-premise |
---|---|
Operating Systems | Windows |
Mobile Application | No |
Frequently Asked Questions
Comparisons
Compare with
Reviews and Ratings
(175)Attribute Ratings
Reviews
(1-3 of 3)Microsoft Defender for Endpoint Review
- Cloud Console
- Cloud based updates
- Live protection
- AV/Malware protection
- Vulnerability Management
- End Point Detection and Response (EDR)
- Onboarding devices
- Device configuration can be challenging
- In order to use this product to its full capabilities, Intune will be required
Vulnerability management is a nice feature. It allows for vulnerabilities to be factored in for an overall exposure score.
Secure Score .
We utilize EDR as well. It makes easier for our Incident Response team to built a timeline. We're using Defender more when it comes to IR.
- EDR
- Vulnerability Management
- AV/Malware protection
- Anti-Exploit Technology
- 90%9.0
- Endpoint Detection and Response (EDR)
- 90%9.0
- Centralized Management
- 90%9.0
- Hybrid Deployment Support
- 90%9.0
- Infection Remediation
- 90%9.0
- Vulnerability Management
- 90%9.0
- Malware Detection
- 90%9.0
- Savings over previous vendor
- ease of administration
- increased SOC SLA
Microsoft Defender holds up to the sales pitch and more
- Great dashboard for the techs on the end of support
- Provides good notifications for the user
- Does a great job quarantining questionable emails that may have suspicious links.
- Stop changing the product name - creates confusion at times
- Able to identify potential issues with files and attachments
- Provides details on the back end so tech staff can determine if it is a real threat, especially if someone decides to share the suspicious file
- Notifications are very clear
- Anti-Exploit Technology
- 90%9.0
- Endpoint Detection and Response (EDR)
- 100%10.0
- Centralized Management
- 100%10.0
- Hybrid Deployment Support
- N/AN/A
- Infection Remediation
- 90%9.0
- Vulnerability Management
- 100%10.0
- Malware Detection
- 100%10.0
- The product has remediated risks
- Raised confidence within upper management after dealing with a breach prior to moving to Defender
- The amount of false positives are very low so it becomes credible
Does not become a resource hog
Holistic approach to Cybersecurity
- Compatible with macOS, iOS, Android, Windows Server, Windows 10 and Linux
- It runs natively on Windows it is not a bolted on solution. Once you have the correct license it is easy enough to light up the application to protect the endpoint
- Integrated with Microsoft Intune
- It is designed to detect and remediate adversary tactics from the MITRE knowledge base.
- Microsoft analyzes billions of signals daily to detect attacks against O365 tenants these same signals are fed into ML to further fine-tune MDE. How many other solutions out there will have access to this vast amount of data to analyze to train their ML?
- Automated detection and remediation of threats with a graphical timeline view of how the treat got into the device and was stopped
- It has its own vulnerability scanner to feed data into the dashboard so you can see daily which endpoints need to be patch first based on its value
- It comes with an advanced hunting tool using the kusto query language to search your tenant for threats
- It can keep 180 days of log data
- From one bundled license I can protect Exchange online email, Sharepoint, Microsoft Teams, One Drive, Azure identities, AD, endpoints
- Web filtering on the macOS it not available yet
- They recently made it easier to on-board macOS endpoints using Microsoft Intune by deploying it as an app. It used to take a lot of more configuration profiles to set up. For older macOS Sierra using the older extensions it will still require the multiple steps to on-board to MDE
- They need to integrate Microsoft Cloud app into the new dashboard of MDE
- Reduce the memory overhead of the mdatp agent running on Linux
- Holistic cybersecurity tool
- Compatibility with all of my OS
- It is like having my own SOC for my small organization
- Anti-Exploit Technology
- 100%10.0
- Endpoint Detection and Response (EDR)
- 100%10.0
- Centralized Management
- 100%10.0
- Hybrid Deployment Support
- 100%10.0
- Infection Remediation
- 100%10.0
- Vulnerability Management
- 100%10.0
- Malware Detection
- 100%10.0
- You will have to move up to Microsoft 365 E5
- You can get rid of other 3rd party security tools and just use the Microsoft ecosystem
- Product Features
- Product Reputation