Microsoft Defender for Endpoint Review
September 12, 2023
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Microsoft Defender for Endpoint
We deploy Microsoft Defender for Endpoint to every workstation that is capable of supporting it in order to help with malware detection and ransomware detection, amongst any other Defender for Endpoint alerts it can detect.
Pros
- We've had very great success with Defender for Endpoint stopping malware. So any new threat or any new emerging threats, it has quickly detected them and stopped them in their tracks. And if it's not able to stop them, it has alerted us so we can go in and manually take intervention. It has done well against particular malware payloads being stopped from being downloaded on the machine as well. I might be crossing a boundary with a different Microsoft product here, but detection of malicious links received through emails and colleagues trying to access websites that they shouldn't be accessing. So it's been particularly good at that stuff.
Cons
- Off the top of my head, I can't think of anything that I can scrutinize. Actually, there was one event that we had to contact Microsoft on to help fix a malicious JavaScript file. So we've had some malicious JavaScript files come into our environment and be undetected by Microsoft Defender for Endpoint. That was one of those instances where we had to take manual intervention and we were not alerted by Microsoft Defender for Endpoint and we did engage Microsoft Support and add a signature definition for it, which helped for that particular instance. However, we've had another JavaScript instance since then that was not detected. So I would say better detection of malicious JavaScript files would be room for improvement.
- Very positive. It has been a very large success after our deployment. It also allows us to get more insight into our workstations and servers, providing system information that otherwise we would have to go grab manually. Instead we have it in a centralized location. It's been a very good impact to our organization.
- Other
The organization as a whole moved over to Microsoft as a primary supplier and the push to go to E5 for the security was very highly recommended and it really wasn't much of a discussion. We needed the E5 for the protection and so we did it.
Hopefully all of them, but at least I would say 30,000 to 40,000 devices, if not more. So primarily Windows Server and workstations for Windows as well as some Linux platforms such as Red Hat Enterprise Linux. Given that they're capable, we do have some legacy operating systems that are not supported, but we're trying our best to utilize Defender however we can for them.
So we do use Carbon Black Cloud, so endpoint detection response in a few situations where Defender cannot be deployed. It does its job well. I would say Defender probably does it better.
Do you think Microsoft Defender for Endpoint delivers good value for the price?
Yes
Are you happy with Microsoft Defender for Endpoint's feature set?
Yes
Did Microsoft Defender for Endpoint live up to sales and marketing promises?
Yes
Did implementation of Microsoft Defender for Endpoint go as expected?
Yes
Would you buy Microsoft Defender for Endpoint again?
Yes