We performed a comparison between Microsoft Defender for Endpoint and WatchGuard Threat Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I get alerts when scripts are detected in the environment."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"NGAV and EDR features are outstanding."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The price is low and quite competitive with others."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The EDR feature is most valuable."
"The most valuable features are that it's easy to use and the updates are very simple."
"The performance of Microsoft Defender for Endpoint has been good."
"We can react to threats faster and stop them from spreading from one machine to another. It protects from suspicious email attachment downloads. It will lock down the SOC and the workstations."
"The biggest benefit to Windows Defender is that it is built-in to the operating system by Microsoft."
"I like that Defender is integrated and doesn't have a third-party payload trying to advertise subscription renewal."
"Defender has very little impact on the end-user and the agent works quite well with a minimal impact on the client and server."
"It is stable and easy to use. Everything is okay, and there are no performance issues."
"When you download the executable file from the internet, it automatically sandboxes to make sure it's not doing anything incorrectly."
"The basic functionality is fantastic. It has been performing well. I generated a report on one machine, using that as the deployment machine. When scanning the network, it discovered machines on the network and deployed the same endpoint protection from that one machine I have on my network."
"The interface is very good."
"The protection that it provides from ransomware is valuable. The awareness that it has is also valuable. It didn't have a central console earlier, but now it has a central console, which is pretty good."
"WatchGuard Threat Detection and Response is a reliable solution."
"The most valuable feature is the correlation of logs from different devices."
"I like WatchGuard's network segmentation features. It's easy to configure user policies."
"The tool provides automated responses."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The SIEM could be improved."
"FortiEDR can be improved by providing more detailed reporting."
"The solution should address emerging threats like SQL injection."
"The dashboard isn't easy to access and manage."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The support needs improvement."
"A single dashboard would be a significant improvement."
"I wish they would extend the use of the Security Central portal, even for the free option of Defender. Because, as companies grow, it is labor intensive to manage the AV and detection part of it. For companies already subscribed to Office 365, I think this would be a good enhancement."
"The application control feature requires improvement."
"The profiling method currently in use is not very user-friendly and has ample scope for improvement."
"There's scanning going on that occasionally topples the memory, causing everything to freeze. This should be fixed."
"Cortex... has good investigation capabilities, out-of-the-box, in case there is an event that you'd like to investigate. It's quite convenient. Microsoft has those capabilities as well, but you need a bit more training on the product to get the basic information that you can get out-of-the-box with Cortex."
"In terms of improvement, they update the platform it seems quite a bit. Every month something is in a new spot or something changed somewhere. There should be less of that."
"This solution is not secure, which is why I have moved to Linux."
"The reporting isn't so good. If they worked to improve this aspect of the solution, it would be much stronger."
"I'd like a few extra features, especially around threat severity assessment."
"The solution is a bit confusing and there are unusual complications with setup."
"It can have a couple of false positives, but after you add them to your allow list, it works fine. It could have better Mac support. I am pretty sure it doesn't have much support for Mac. It can be installed on a Mac, but it is not that good."
"The interface is not the best."
"The website must provide more information on the product."
"When it comes to live-monitoring, the user-interface could be improved to make things easier."
"This product needs to be fully integrated with the firewall. Currently, it only sends logs to the cloud and asks the firewall to correlate them."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
More WatchGuard Threat Detection and Response Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews while WatchGuard Threat Detection and Response is ranked 26th in Endpoint Detection and Response (EDR) with 12 reviews. Microsoft Defender for Endpoint is rated 8.0, while WatchGuard Threat Detection and Response is rated 8.2. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of WatchGuard Threat Detection and Response writes "Offers deployment simplicity, especially for firewalls and firewall configuration and good documentation available ". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, Cortex XDR by Palo Alto Networks, Trellix Endpoint Security and Fortinet FortiClient, whereas WatchGuard Threat Detection and Response is most compared with CrowdStrike Falcon, Darktrace, Trend Vision One and SentinelOne Singularity Complete. See our Microsoft Defender for Endpoint vs. WatchGuard Threat Detection and Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.