Microsoft Defender for Endpoint is an integrated all-around security tool for Windows devices
August 29, 2023
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Microsoft Defender for Endpoint
Microsoft Defender for Endpoint is our main line of defense for our devices, users, and servers. It can be centrally configured and is updated automatically via Microsoft Services. It integrates smoothly with the operating system, and utilizes a large amount of resources provided by Microsoft for detection, remediation and investigation, including taking suspect files and expanding them in automatic, online 'bomb' chambers to expand the file and see if there is anything included as a payload.
- OS Integration for detection
- Detection Reporting
- Detection Remediation
- Classification of incidents could be better
- Data is locked behind the expensive Sentinel program
- System will fail remediating issues, but not change alert
- Microsoft Defender for Endpoint protects all managed Windows devices in our network
- Easy to deploy, update and maintain
- Integrated with OS, no additional steps required
- Cloud Solutions
- Scalability
- Integration with Other Systems
- Ease of Use
Being a majority Microsoft Services shop currently, the integration and ease of information access via the entire Microsoft Defender for Endpoint family to manage and maintain through a single portal - security.microsoft.com, including Defender for Exchange, O365/Cloud, Servers, Identity and the rest of the family allowed our Security team to decrease response time, and increase the number of managed responses.
Microsoft Defender for Endpoint works on user logins, malware, unwanted software, phishing, and provides remediations or playbooks for the automatic or user-initiated response to issues arising from the incidents. In conjunction with MFA/Conditional Access, we have reduced the number of potentially compromised accounts needing investigation by 75%. This has increased our productivity and response times to the breadth of other potential issues that Microsoft Defender for Endpoint detects.
4500 Windows 10 devices, 200 Windows Servers. Integrated with the rest of the Microsoft Defender for Endpoint eco-system, it protects 60000 user accounts, email addresses/Exchange accounts, Cloud App access, and general security duties across over 100 distributed sites, and including off-network access. The identity portion secures our identities across over 30000 Chromebooks and another 2000 iPads for general student use.
At the time, Microsoft Defender for Endpoint was a comparable selection with SentinelOne, but won on one important consideration for Educational Use: cost. Microsoft Defender for Endpoint was included in our Microsoft Enterprise agreement, meaning that there was no additional charge for usage on our devices. Microsoft is currently reviewing Endpoint's cost and we may be going back to considering other software for usage.
Do you think Microsoft Defender for Endpoint delivers good value for the price?
Yes
Are you happy with Microsoft Defender for Endpoint's feature set?
Yes
Did Microsoft Defender for Endpoint live up to sales and marketing promises?
Yes
Did implementation of Microsoft Defender for Endpoint go as expected?
Yes
Would you buy Microsoft Defender for Endpoint again?
Yes