We performed a comparison between Microsoft Defender for Endpoint and Trend Micro Deep Security based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Microsoft Defender for Endpoint comes out on top in this comparison. It is flexible and performs well. In addition, it is less expensive than Trend Micro Deep Security and has an impressive ROI.
"We have FortiEDR installed on all our systems. This protects them from any threats."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The product's initial setup phase is very easy."
"The price is low and quite competitive with others."
"NGAV and EDR features are outstanding."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"It does not make Windows slow, as compared to all of the third part antiviruses."
"Automatic scanning and cleaning of viruses is the best and most valuable feature helping this tool to thrive. If any viruses are found, they are cleaned automatically."
"DFE organizational security posture has been a positive experience. We're a Microsoft house. It works. Once it's deployed and once it's configured, it works and our clients tend to be happy with it. I haven't really experienced anyone who has been so unsatisfied with the platform that they wanted to go a couple of different directions, that has never happened to me."
"The threat hunting service is very useful for a security professional."
"I like the process visibility. This ability to visualize how something was executed is valuable, and the fact that Defender ATP is also linked to the threat intelligence that they have is also valuable. So, even if you have something that doesn't have a conventional signature, the fact that you get this strange execution means that you can detect things that are normally not visible."
"In my opinion, the most valuable aspects are the reporting analytics and integration with Sentinel. Defender does an excellent job of correlating the different entities that comprise threat analysis, analytics data, and log analytics. It helps to piece together investigations into any exploit or malicious activity within a specific tenant. AI and analytics tools are probably the most valuable components."
"User-friendly, offering safety and security."
"The solution's threat protection is mostly AI and machine-learning based. That is the most important feature of the product. It also offers centralized management so I can remotely manage devices."
"Automated virtual patching is a good feature."
"We like the Smart protection and the Virtual patching."
"In addition to providing our clients a view of what's happening in their data centers, it also does virtual patching in the data center. It enhances the security in the data center big time."
"Signatures are frequently updated."
"It has a perfect SaaS which integrates with AWS, offering flexibility to deploy quickly and easily in the cloud."
"Trend Micro Deep Security is a complete solution and all the threat management has been taken care of."
"The customer service/technical support for this solution is very fast."
"It can scale well."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The dashboard isn't easy to access and manage."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Detections could be improved."
"Intelligence aspects need improvement"
"A challenge is that it is not a multi-tenant solution. Microsoft's tenant is a licensed tenant. I'm an MSSP. So, I have multiple customers. In Microsoft's world, that means that I can't just buy an E5 license and give that out to all my customers. That won't work because all of the customer data resides within a single tenant in Microsoft's world. Other products—such as SentinelOne, Palo Alto Cortex, CrowdStrike, et cetera—are multi-tenant. So, I can have it at the top of the pyramid for my analyst to look into it and see all the customers, but each customer's data is separate. If the customer wants to look at what we see, they would only see their data, whereas in the Microsoft world, if I've got multiple customers connected to the same Microsoft tenant, they would see everybody else's data, which is a privacy problem in Europe. It is not possible to share the data, and it is a breach of privacy."
"The biggest issue I had with Microsoft Defender for Endpoint was the antivirus and ransomware. I wanted central visibility over all the machines that we operate."
"Its interface can be improved a little bit. We would like to have some sort of centralization. It should have something like a central server that is managing all the other clients. There are solutions from Kaspersky or ESET NOD32 that are really doing this kind of thing currently. We would like to see something similar from Microsoft."
"In the next release, I would like to see better management reporting."
"I would like Microsoft to have some kind of direct integration for USB controls. They have GPO and other controls to control the access of the USB drives on devices, but if there is something that can be directly implemented into the portal, it would be good. There should be a way to control via a cloud portal or something like that in a dynamic way. USB control for data exfiltration would be a good feature to implement. Currently, there are ways to do it, but it involves too many different things. You have to implement it via GPOs and other stuff, and then you move or copy those big files via Defender ATP. If there is a simple way of implementing those features, it would be great."
"Additional security would be beneficial."
"I wish they would extend the use of the Security Central portal, even for the free option of Defender. Because, as companies grow, it is labor intensive to manage the AV and detection part of it. For companies already subscribed to Office 365, I think this would be a good enhancement."
"Defender is free for one year. Once that year is over, we will switch to Kaspersky."
"Enhancements in agent performance are needed, specifically in reducing server utilization during scanning."
"We'd like to have more application control."
"The licensing structure could improve."
"Sometimes the patching is a bit slow."
"It would be helpful if they could send emails notifying their users about the recommended upgraded versions to address the newly discovered vulnerabilities."
"The initial setup needs improvement, as it was a bit challenging."
"The implementation can be inflexible and not easy, as it requires knowledge of things like virtualization and administration on Windows."
"The tool should integrate SIM functionality. It should also improve customer support."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while Trend Micro Deep Security is ranked 1st in Virtualization Security with 81 reviews. Microsoft Defender for Endpoint is rated 8.0, while Trend Micro Deep Security is rated 8.6. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Trend Micro Deep Security writes "High availability, effective VPM, and responsive support". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Intune, whereas Trend Micro Deep Security is most compared with Trend Vision One Endpoint Security, CrowdStrike Falcon, Symantec Endpoint Security, Trellix Endpoint Security and VMware Carbon Black Endpoint.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.