Defender for Endpoint - First class EDR and more.
October 26, 2023
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Microsoft Defender for Endpoint
Microsoft Defender for Endpoint is an excellent EDR solution that integrates very well with the XDR products in Sentinel. It is used as an AV and EDR solution for all endpoint devices based on different operating systems. All servers are protected as well by using the Defender for Cloud licensing. The product is part of a multi-layered security solution based on all the Microsoft Defender products and Sentinel. All incidents are handled in the Defender portal.
- One of the strong points is that AI is tightly integrated into the platform, which leads to excellent detection.
- Vulnerability management is very useful for assessing, tracking, and mitigating threats across all protected devices.
- KQL integration is very good.
- Licensing between Defender for Endpoint and Servers is complicated.
- Deployment has improved but is not really streamlined. There is no single installer available and no single way of deploying settings.
- The Defender portal is rich in information but can be complicated to use.
- Lower license costs because of integration.
- Better detection of threats and vulnerabilities.
- Deployment was not always very smooth and took some time to become reliable.
- Scalability
- Integration with Other Systems
Microsoft Defender for Endpoint is a service that scales very well, be it in size or in different locations. The integration part is the biggest driver for choosing Defender for Endpoint, especially since the M365 platform is in use.
EDR, Auto investigation & remediation, Threat & Vulnerability Management, Attack Surface Reduction rules, Secure Score for Devices, Network Discovery. Basically, all features for clients are managed with Intune as MDM; Servers are managed with Azure Policy and GPO. Linux machines have custom scripting for deployment.
Around 60 clients (Windows/Mac), 20 server workloads (Windows and 5 Linux systems).
Do you think Microsoft Defender for Endpoint delivers good value for the price?
Yes
Are you happy with Microsoft Defender for Endpoint's feature set?
Yes
Did Microsoft Defender for Endpoint live up to sales and marketing promises?
Yes
Did implementation of Microsoft Defender for Endpoint go as expected?
No
Would you buy Microsoft Defender for Endpoint again?
Yes