We performed a comparison between Microsoft Defender for Endpoint and WatchGuard Threat Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortinet is very user-friendly for customers."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Ability to get forensics details and also memory exfiltration."
"Impressive detection capabilities"
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"It is stable and scalable."
"What I like most is the protection against phishing emails and anti-spam."
"Defender should be fine for home use. It has all the basic functionality you need. I can't speak to how well it works as an enterprise solution because I'm not in the space."
"It's one of the best antiviruses on the market."
"Technical support is good."
"The performance of Microsoft Defender for Endpoint has been a valuable feature."
"For threat-hunting, I'll put some threats in a test scenario. I've downloaded known viruses that are out in the public for testing. They're not really a virus but they've got a signature. Defender for Endpoint will automatically find those, quarantine them for me, and alert me to what it did. It gives me "automated eyes.""
"We can react to threats faster and stop them from spreading from one machine to another. It protects from suspicious email attachment downloads. It will lock down the SOC and the workstations."
"I like Defender's reporting and logging features. The email alerts are also helpful. It's hard sometimes to sift through the email, especially if you're an IT firm managing hundreds if not thousands of endpoints, but we find email reporting useful. For example, last Tuesday, we learned of new vulnerabilities that were discovered as a result of the previous patches. The endpoints without those patches triggered alerts in Defender."
"When you download the executable file from the internet, it automatically sandboxes to make sure it's not doing anything incorrectly."
"The analytics are important because if there is an abnormality then it provides that information to us."
"The most valuable feature is the correlation of logs from different devices."
"The protection that it provides from ransomware is valuable. The awareness that it has is also valuable. It didn't have a central console earlier, but now it has a central console, which is pretty good."
"The most valuable feature, in my opinion, is the dimension logging platform and the network traffic filtering."
"The solution is very easy to use."
"The basic functionality is fantastic. It has been performing well. I generated a report on one machine, using that as the deployment machine. When scanning the network, it discovered machines on the network and deployed the same endpoint protection from that one machine I have on my network."
"The tool provides automated responses."
"I haven't seen the use of AI in the solution."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The dashboard isn't easy to access and manage."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"FortiEDR can be improved by providing more detailed reporting."
"The solution is not stable."
"Cannot be used on mobile devices with a secure connection."
"Making the portal mobile friendly would be helpful when I am out of office."
"The application control feature requires improvement."
"The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices."
"It would be helpful if they included XDR features, on top of the EDR functionality."
"We would like to see more tools for managing on-premises security... Sometimes, we have the tools, like Defender, to manage security in the cloud, but because we are so focused on the cloud, we forget the fact that we need to be sure about the security of the on-premises environment, specifically Active Directory."
"If you have multi-cloud like Google and AWS, the native solutions are better for those particular cases."
"Lacks some additional integration."
"Microsoft Defender for Endpoint should have more transparency. In the latest edition of Windows, Windows 11, it is a compulsory requirement to connect to a Microsoft account, which in turn has implications for Defender. This should be removed."
"They should come up with pre-built inner workflows."
"The website must provide more information on the product."
"When it comes to live-monitoring, the user-interface could be improved to make things easier."
"The interface is not the best."
"The reporting isn't so good. If they worked to improve this aspect of the solution, it would be much stronger."
"The solution is a bit confusing and there are unusual complications with setup."
"The administrative UI/UX could be significantly improved."
"It can have a couple of false positives, but after you add them to your allow list, it works fine. It could have better Mac support. I am pretty sure it doesn't have much support for Mac. It can be installed on a Mac, but it is not that good."
"WatchGuard should offer more visibility into user activity. For example, we should have more details when WatchGuard denies a user access to a port."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
More WatchGuard Threat Detection and Response Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews while WatchGuard Threat Detection and Response is ranked 27th in Endpoint Detection and Response (EDR) with 12 reviews. Microsoft Defender for Endpoint is rated 8.0, while WatchGuard Threat Detection and Response is rated 8.2. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of WatchGuard Threat Detection and Response writes "Offers deployment simplicity, especially for firewalls and firewall configuration and good documentation available ". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, Cortex XDR by Palo Alto Networks, Trellix Endpoint Security and Fortinet FortiClient, whereas WatchGuard Threat Detection and Response is most compared with CrowdStrike Falcon, Darktrace, Trend Vision One and SentinelOne Singularity Complete. See our Microsoft Defender for Endpoint vs. WatchGuard Threat Detection and Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.