We compared Microsoft Defender for Endpoint and Deep Instinct Prevention Platform based on users' reviews in six categories. We reviewed all of the data and you can find the conclusion below.
Features: Microsoft Defender for Endpoint excels in file protection, encryption, and ransomware defense. It integrates seamlessly with other Microsoft security products. Users appreciate its user-friendly interface and scalability. Users were impressed by Deep Instinct’s AI-driven approach and ability to detect and prevent zero-day malware. They also appreciate its proactive defense mechanisms.
Room for Improvement: Users say Microsoft Defender for Endpoint should improve its central console and auto-recovery feature. Users also requested better reporting capabilities and integration with third-party platforms. Deep Instinct Prevention Platform could improve its documentation, forensic capabilities, and logging system. Users say Deep Instinct’s AI model could be more transparent, and the solution could be better adapted to multi-tenant use cases.
Service and Support: Microsoft customer service garnered mixed feedback. Some praised the fast response times and expertise of the support engineers, while others were dissatisfied with slow replies and a lack of coordination among the support teams. Users praised Deep Instinct's customer service and support for their swift response and overall helpfulness.
Ease of Deployment: Microsoft Defender for Endpoint's setup is straightforward, especially when it’s preloaded on Windows 10. While it can be more complex for larger organizations, it is generally considered simple, particularly for smaller companies or those familiar with Microsoft environments. Deep Instinct Prevention Platform is somewhat complex to set up, requiring multiple steps and some training. The total deployment time may take months.
Pricing: Reviewers say Microsoft Defender for Endpoint is fairly priced, noting that it is typically included for free with Windows or Microsoft Office 365 subscriptions. However, some users believe that Microsoft's pricing could be more affordable, and others noted that their licensing models can be complex. Deep Instinct Prevention Platform is cheaper than many competing solutions, and support is included with the basic license.
ROI: Microsoft Defender for Endpoint delivers cost savings, enhanced efficiency, and heightened threat management. Deep Instinct Prevention Platform’s noteworthy benefits include time savings, reduced false positives, and effective prevention against unknown threats.
Comparison Results: Microsoft Defender for Endpoint offers sophisticated protection against ransomware, easy deployment, and smooth integration with Microsoft solutions. However, Microsoft’s customer support has received middling reviews, and users would like better compatibility with third-party solutions. Deep Instinct Prevention Platform offers a unique perspective on cybersecurity, with a focus on behavioral analysis and deep learning-based prevention. It also requires enhancements in its interface, administration, and logging system.
"This is stable and scalable."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Ability to get forensics details and also memory exfiltration."
"The product detects and blocks threats and is more proactive than firewalls."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Stability-wise, I rate the solution a ten out of ten."
"The most valuable features are the static/dynamic analyses. Deep Instinct's predictive model has very high accuracy and provides threat information for unknown malware, such as malware classification, static analysis information, and sandbox information."
"I really like the behavioral analysis feature, because it looks at all the different things, like arbitrary shellcode and reflective DLL. It looks at a lot of things that threat actors use as threat vectors to get into the environment."
"It has a very low false-positive ratio. That is important because it means we're not wasting time... We're able to run that entire 20,000-endpoint base with just a handful of engineers."
"I like the dashboard. It looks very simple."
"Deep Instinct’s prevention-first approach to stopping unknown ransomware and malware is the reason why we purchased the product. The pre-execution versus post-execution is a big piece for us where it is able to stop something before it even hits the box or desktop. That was one of the big reasons why we went with Deep Instinct."
"Deep Instinct was a strategic complement to our Open XDR platform."
"When we were looking at Carbon Black and Sophos, the prevention pieces weren't as strong when compared to DI, which is why we decided to go with DI... I would rather have a product that does the prevention up front and saves me the effort of having to wipe someone's workstation."
"Technical support has been great."
"Defender for Endpoint is a robust solution that works well out-of-the-box."
"One of the features which differentiates it from other EDR providers is the Automated Investigation and Response, which reduces the workload of SOC analysts or engineers. They don't have to manually investigate each and every alert on the endpoint, since it does so automatically. And you can automate the investigation part."
"The solution is highly scalable."
"Microsoft Defender for Endpoint's most valuable feature is its ease of use."
"The most important feature is the way it monitors the threats and blocks them. About 10 days ago, we were implementing SOC for a particular client. The SOC was not yet implemented, but they had Microsoft Defender. That organization was hit by some ransomware, but the hacker could not succeed. Because of the EDR, the hacker could not install the hacking tools. They were trying to do that, but Microsoft Defender completely blocked that. The hacker could log into the system, but they could not install anything."
"Microsoft Defender for Endpoint is easy to load and it runs quietly in the background, unlike other solutions."
"We can run the virus scan across our entire environment."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"Cannot be used on mobile devices with a secure connection."
"The solution is not stable."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The dashboard isn't easy to access and manage."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"I am looking forward to them adding Linux in Q1 or Q2 of 2019, as this is often requested by my partners and customers. Currently, Deep Instinct only has Windows, Mac, Android, and iOS."
"If the tool was able to provide fine-tuning capabilities from the product's end depending on the environment of its user, then it would be a good improvement in the solution."
"If they can bring some additional, complementary solutions, like network scanning and the like, that will help. If they had some sort of a firewall which could help detect DDoS attacks and other things, it would be an improvement"
"If the client is working remotely and doesn't have a VPN then the deployment is difficult to do."
"Its support for Linux and Unix operating systems can be improved. Currently, they cover macOS and Windows, but they don't cover Linux and some of the Unix products. Pricing is also an issue. Its pricing is not as aggressive as it could be, and its price makes it difficult to sell. Customers feel that they can get an antivirus for a lower price, even though it is not a similar product. It is technically different. Their SLAs can be better. They have to give you 24/7 support, but their SLAs are not very good. They should be better documented, and the offerings should also be a little bit better. What happens is that the SLAs end up in the hands of the intermediary, seller, or the local partner of Deep Instinct in a country. The customers want very fast SLAs in a very short time, but Deep Instinct doesn't give them at the same speed. Having said that, SLAs are important when you have a lot of issues, but this product doesn't have too many issues, so it is not a big concern. However, for a customer who doesn't know the product, it could be a concern."
"The Deep Instinct client stops working when you have two servers and you add high availability or Windows Failover Cluster mode. It doesn't work in a clustered mode. I haven't yet had time to go back and talk with their support and get it fixed. It would be good if they can make the installation independent of an actual user. Currently, its installation is dependent on the actual user being logged in. For example, a computer has to be logged in for the installation to happen. If it is not logged in, then on the cloud platform, it is going to show that the client is offline. On the management side of the cloud platform, we would like to have the administrators segregated by logical entities. We have told them that on their cloud management platform, we would like to be able to segregate clients into different logical entities or organizations so that the administrators are able to manage only those entities that are within their designated organization."
"I would like a little more training for the admins."
"It would be nice if there were options where, if I have to do SIEM integration, I could do so from the UI: Just pick and choose what SIEM solutions the customers use and have options to have out-of-the-box connection facility."
"I am not sure if I will be using this product in the future because of the price."
"Lacks some additional integration."
"Integrating this with third-party systems has some complexity involved."
"The solution can be more user-friendly."
"Something that is unique to Microsoft is its licensing model. When you go out and you buy McAfee or Symantec, you know what you're getting out of the box, but with Microsoft, often, when you're looking to achieve a certain set of capabilities, those capabilities are spread across different products. You might try to do something you could do with CrowdStrike, but then find out that you also need to purchase Microsoft Defender for Identity or Microsoft Defender for Azure. You realize that when they talk about what they can offer within the Microsoft platform, it's really the suite of investments. So, sometimes, you may find yourself buying Defender for Endpoint thinking that it matches CrowdStrike, but then you find that Microsoft really needs to sell you something else. One plus one will equal three, but when you have a very concise platform, such as CrowdStrike, you know what you're going to get."
"Microsoft Defender for Endpoint's licensing is confusing. It has conflicting information on the website. We also faced integration issues with other systems. It makes laptops slower than traditional antivirus systems."
"Cortex... has good investigation capabilities, out-of-the-box, in case there is an event that you'd like to investigate. It's quite convenient. Microsoft has those capabilities as well, but you need a bit more training on the product to get the basic information that you can get out-of-the-box with Cortex."
"It can be more secure."
More Deep Instinct Prevention Platform Pricing and Cost Advice →
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Deep Instinct Prevention Platform is ranked 25th in Endpoint Protection Platform (EPP) with 18 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Deep Instinct Prevention Platform is rated 8.6, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Deep Instinct Prevention Platform writes "Bolsters prevention with great detection and response capabilities". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Deep Instinct Prevention Platform is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, CylancePROTECT, Cortex XDR by Palo Alto Networks and Intercept X Endpoint, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune. See our Deep Instinct Prevention Platform vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Anti-Malware Tools vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.