Defender for Endpoint Review
August 12, 2024

Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Microsoft Defender for Endpoint
There seems to be a lot of benefit in the product in comparison to some of our other tools that we use. I don't want to talk about what we use specifically though, but we tend right now to fall back on it a lot. So when we want to find bad, usually we resort to using that tool. So far, some of the things that we like about it are how easy it is to use. It seems like kind of a one-stop shop where you can pivot through all the data points. Very simplified. It seems like a lot of the detection capabilities are a lot better and they're easier to implement. So that's kind of where we're at right now, but we don't have a standard process that we use so far with the tool.
Pros
- Alert analysis is pretty easy. It has everything, like I said, one-stop shop, all the ways to pivot through the data set and define all the correlated events. Moving to different related events that are associated with the original alerts that you found, creating a timeline and storyline of what happened. Just the graphical user interface is just easy to use. It's intuitive and it's just very easy to navigate.
Cons
- Now this could be my ignorance, but I will say that in terms of other tools that I've used, there tends to be a very similar interface. This one, although it is intuitive through the pivot process to all the different data points that are associated with the security alerts, it's its own thing. Maybe that's my opinion. Maybe it's a degree of ignorance, but it seems like I'm kind of having to learn a different way of how information is set up for better or for worse, but it is different.
- I don't deal with that side of the house, but I would say that in terms of just having a good product, one that we can rely on, kind of used for everything - it fits the bill. I would imagine that that would end up probably being a pretty good value.
- Ease of Use
The quality of the alert analysis functions just makes it easier for the typical analyst to understand and to actually get the job done. It kind of takes a lot of the struggle out of it. That's the main reason I think we have a retention issue. It really helps aid with retention or mitigate the issues of retention.
I mostly have just gone into the alert analysis functions and then pivoted through the data sets in relation to the original security alerts that we have from our other systems that we have set up. We use it kind of as a backup, but that's mostly the only thing that I've done with it. In terms of all the other individual capabilities, I can't really speak to that.
I don't even know, to be honest, the total, but yeah.
I am a big fan of Tanium actually, so I think it is good. Tanium seemed like it was maybe a little bit easier, but maybe the capability was lacking. Maybe that's the reason why it seems like Defender for Endpoint might be a little harder to understand. There might just be more capability. I think that's my ignorance in that realm, but I'd say they're pretty similar. I'm biased to Tanium, but I hope that maybe eventually I'll be biased to Defender as well. So we'll see. I think that just depends on how much you use a product and ultimately when you really get into the details, the nitty-gritty and all your incidents, how it plays out. And I don't think we've gotten far enough to see that though.
Do you think Microsoft Defender for Endpoint delivers good value for the price?
Not sure
Are you happy with Microsoft Defender for Endpoint's feature set?
Yes
Did Microsoft Defender for Endpoint live up to sales and marketing promises?
Yes
Did implementation of Microsoft Defender for Endpoint go as expected?
Yes
Would you buy Microsoft Defender for Endpoint again?
Yes
