Microsoft Defender for Endpoint Review
February 07, 2024

Kevin Lee | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft Defender for Endpoint

We use Microsoft Defender for Endpoint as our antivirus/antimalware platform, as well as our Endpoint Detection and Response and vulnerability scanning platforms. It provides a lot of visibility to the endpoints on our network and recommendations for how to remediate issues and vulnerabilities that are detected. It also provides visual representations of attacks, with detailed information about where the attack originated from.
  • Detects attacks as they happen.
  • Detects potential attacks.
  • Detects abnormal user behavior.
  • Does not allow for remediation from the management console.
  • The ticket system doesn't alert the person assigned to the ticket.
  • You have to submit requests for whitelisting applications.
  • Scanning exclusions are tricky to find.
  • Adding devices, especially Apple devices, is very cumbersome.
  • Centralized management is nice.
  • The visibility into the endpoints is helpful.
  • It integrates well with other Microsoft security platforms.
  • Cloud Solutions
  • Scalability
  • Integration with Other Systems
Before we chose to move forward with Microsoft Defender for Endpoint, we had three different platforms that were performing the tasks of vulnerability scanning, antivirus/antimalware and SIEM. Now, with Microsoft Defender for Endpoint, we've been able to integrate these into one platform and seamlessly integrate with other Microsoft security applications for even greater insight.
We are using everything related to the endpoint and to network devices. We have installed Microsoft Defender for Endpoint on our desktops and laptops. We have also implemented the network vulnerability scanning functionality that scans our network appliances and alerts us of any vulnerabilities.
We currently have the Microsoft Defender for Endpoint agent installed on about 1600 endpoint devices on our network. These include Windows and Apple laptops and desktops. We are also scanning Cisco routers and switches. We are looking for a way to roll out the installation on mobile devices in the future.
Bitdefender was a great platform, but didn't provide as much network insight as Microsoft Defender for Endpoint does. It did not work well as an Endpoint Detection and Response platform. Tenable Security Center was great for vulnerability scanning of the devices on our network, but was a resource hog and the server would lock up a lot. It would also cause certain servers to lock up when they were being scanned. Microsoft Defender for Endpoint does not consume as many resources and does not lock up the devices when they are being scanned. It also provides a lot of useful insight into the devices on our network.

Do you think Microsoft Defender for Endpoint delivers good value for the price?

Not sure

Are you happy with Microsoft Defender for Endpoint's feature set?

Yes

Did Microsoft Defender for Endpoint live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Microsoft Defender for Endpoint go as expected?

Yes

Would you buy Microsoft Defender for Endpoint again?

Yes

Microsoft Defender for Endpoint is a great platform for visibility into your network, allowing you to see what your devices see. It is a great platform for Endpoint Detection and Response. It falls short at being a traditional antivirus/antimalware platform, as it is difficult to do any whitelisting and exclusions on your own.

Microsoft Defender for Endpoint Feature Ratings

  • Anti-Exploit Technology: 8
  • Endpoint Detection and Response (EDR): 9
  • Centralized Management: 9
  • Infection Remediation: 6
  • Vulnerability Management: 8
  • Malware Detection: 8