We performed a comparison between Microsoft Defender for Endpoint and ThreatLocker Protect based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the analysis, because of the beta structure."
"The solution was relatively easy to deploy."
"The setup is pretty simple."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"This is stable and scalable."
"The price is low and quite competitive with others."
"Endpoint's most valuable feature is deep analysis."
"The investigation aspect is the most useful. It's user friendly and has a good user interface."
"What I found most valuable in Microsoft Defender for Endpoint is that it's out-of-the-box, which brings more value to the customer. The technical support for the product is also one of the best parts, because it's good, in terms of the product knowledge of the technical engineers."
"It does not make Windows slow, as compared to all of the third part antiviruses."
"It shows us the risky sign-ins, and if a user's password has been compromised."
"Microsoft's technical support is fantastic."
"The virus scanning capability is excellent, and it feeds all the logs into the Microsoft 365 Defender portal, making them easy to search for."
"It's very easy to scale because it comes built-in with Windows 10, and you just need to enable it. This can be done on scale using group policies or through Endpoint Manager on cloud or Intune."
"Application control, ring-fencing, and storage control are the most important features, followed closely by elevation."
"While it can be frustrating at times, we appreciate the low-level security provided by the application whitelist."
"The interface is clean and well-organized, making it simple to navigate and find what we need."
"We use ThreatLocker's Allowlisting to whitelist specific applications and prevent unauthorized software from running."
"Every single feature has been invaluable."
"ThreatLocker Allowlisting has all of these features integrated into one console, making it effective."
"The sandbox functionality is fantastic."
"The biggest improvement has been knowing that something unauthorized isn't going to get installed on anyone’s machines."
"The solution is not stable."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The SIEM could be improved."
"The solution should address emerging threats like SQL injection."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"It takes about two business days for initial support, which is too slow in urgent situations."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"This solution needs to move beyond relying on virus definitions alone and protect the system using behavioral analysis of the processes that are running."
"In the next release, I would like to see better management reporting."
"The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices."
"There are alternative solutions that offer a greater range of dashboard insights when compared to Microsoft Defender for Endpoint."
"The profiling method currently in use is not very user-friendly and has ample scope for improvement."
"I would like MDE to have the ability to isolate a certain amount of time on the timeline."
"I want Microsoft Defender to have the ability to deal with some issues automatically, so I don't need to address that issue manually."
"The integration and effectiveness of email security could be better. It's already built-in to the solution and checks emails, scans the links they contain etc."
"More visibility in the built-ins would be nice."
"The portal can be a little overwhelming at times from an administration point of view. It displays a lot of information, and it's all useful. However, sometimes there is too much on the screen to sift through, especially if you're trying to diagnose a client's problem with a piece of software. Maybe something has stopped working since they updated it, and we need to see if ThreatLocker is blocking a component of that software."
"The reporting could be improved."
"If you have a thousand computers with ThreatLocker agents on them, when you approve or create a new policy saying that Adobe Reader that matches this hashtag and meets certain criteria is allowed to be installed, it applies at the top level or the organization level. It applies to every computer in the company. When you make that new policy and push it out and it goes out and updates all of the clients. Unfortunately, at this time, it does not look like they stagger the push-out."
"ThreatLocker could offer more flexible training, like online or offline classes after hours. The fact that they even provide weekly training makes it seem silly to suggest, but some people can't do it during the day, so they want to train after work. They could also start a podcast about issues they see frequently and what requires attention. A podcast would be helpful to keep us all apprised about what's going on and/or offline training for those people who can't train during the week."
"The snapshots used in the ThreatLocker University portal are outdated snippets and have not been updated in conjunction with the portal itself."
"We identified several areas that we would like to see improved."
"Something we have come up against a couple of times is that we have two clients that are software developers. They create software that doesn't have digital signatures and that's not easy to categorize or whitelist with ThreatLocker. We have to go in and make custom rules to allow them to do their work and to be protected from malicious threats."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while ThreatLocker Protect is ranked 26th in Endpoint Protection Platform (EPP) with 13 reviews. Microsoft Defender for Endpoint is rated 8.0, while ThreatLocker Protect is rated 9.2. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of ThreatLocker Protect writes "Integration is simple, deployment is straightforward, and extensive well-written documentation is available online". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, Cortex XDR by Palo Alto Networks, Trellix Endpoint Security and Fortinet FortiClient, whereas ThreatLocker Protect is most compared with SentinelOne Singularity Complete, CrowdStrike Falcon, Huntress, GravityZone Business Security and Fortinet FortiClient. See our Microsoft Defender for Endpoint vs. ThreatLocker Protect report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Advanced Threat Protection (ATP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
