We compared Tanium and Microsoft Defender for Endpoint based on our user's reviews in several parameters.
Overall, Tanium is praised for its comprehensive visibility into endpoints, security measures, efficient endpoint management, and powerful analytics capabilities. Users appreciate the top-notch customer service but mention high pricing, complex licensing, and system performance improvements needed. Microsoft Defender for Endpoint stands out for its threat protection, real-time monitoring, and user-friendly interface. Customers also commend customer service and competitive pricing, with positive ROI noted. Areas for enhancement include faster response times and improved documentation for both products.
Features: Tanium's valuable features include comprehensive visibility, effective security measures, efficient endpoint management, and powerful analytics capabilities. On the other hand, Microsoft Defender for Endpoint offers comprehensive threat protection, real-time monitoring and detection, efficient system management and reporting, user-friendly interface, seamless integration with other Microsoft products, and effective incident response capabilities.
Pricing and ROI: The setup cost for Tanium is higher compared to other similar products in the market, requiring additional resources and time. On the other hand, Microsoft Defender for Endpoint has a more positive experience, with a straightforward setup process that doesn't require much effort., Based on user feedback, Tanium has shown positive ROI with improved efficiency, cost savings, enhanced security, and centralized IT management, while Microsoft Defender for Endpoint excels in threat protection, ease of use, and real-time insights.
Room for Improvement: There is room for improvement in both Tanium and Microsoft Defender for Endpoint. Tanium users have requested better system performance, improved documentation and training resources, and more customization options. Microsoft Defender for Endpoint users have provided feedback on areas that could be enhanced.
Deployment and customer support: Based on user reviews, there is variation in the duration required to establish a new tech solution for both Tanium and Microsoft Defender for Endpoint. Some users of Tanium reported spending 3 months on deployment and an additional week on setup, while others needed a week for both. As for Microsoft Defender for Endpoint, some users mentioned the same timeframes for deployment and setup., Users highly praise the customer service of Tanium, citing helpful and responsive assistance from knowledgeable and professional support staff. Customers commend Tanium for their efficient and effective customer service. On the other hand, customers express satisfaction with the customer service of Microsoft Defender for Endpoint, appreciating the support team's ability to address concerns and provide effective solutions. The quality of customer service provided by Microsoft Defender for Endpoint is highly regarded.
The summary above is based on 96 interviews we conducted recently with Tanium and Microsoft Defender for Endpoint users. To access the review's full transcripts, download our report.
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Ability to get forensics details and also memory exfiltration."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"We are able to productively integrate with existing on-prem, hybrid, or cloud applications."
"The most valuable feature of Microsoft Defender for Endpoint is that it is embedded into the Windows system. Additionally, the performance is good and simple to maintain."
"The most valuable features are that it's easy to use and the updates are very simple."
"The attack surface reduction rules are the most valuable. We're able to have unattended remediation actions when the solution works side by side with a local antivirus like Microsoft Defender or Kaspersky. The attack surface reduction rules help us to proactively block and stop threats."
"The features I have found most valuable are the ransomware and malware protection. The solution detects malware live and whenever it detects suspicious activity, it quarantines it."
"It is stable and easy to use. Everything is okay, and there are no performance issues."
"What I found most valuable in Microsoft Defender for Endpoint is that it's out-of-the-box, which brings more value to the customer. The technical support for the product is also one of the best parts, because it's good, in terms of the product knowledge of the technical engineers."
"It captures data through machine learning, which is built-in on the back-end. It also provides built-in analytics and a threat intelligence feature. It is a one-stop solution that doesn't require an antivirus because it comes prebuilt into Windows 10."
"For incident response tasks, all these tasks can get done in minutes with minimal disruption to the end-user."
"The most valuable features of this solution are the consolidation of all historical data on device endpoints, security drivers, firmware, and Software version gaps."
"The product is granular and can build complex roles compared to other EDR vendors."
"I would say Tanium is the best tool for vulnerability management."
"I'm not so familiar with the tool but I like the interaction of the console to the picture. Patching is the primary model I have been focusing on for the last couple of weeks. So I have created a proof of concept environment and have been checking the available features."
"The interrogation piece was the most valuable feature because it was very detailed."
"I like the tool's incident response and security patching."
"Tanium's most valuable features are patch management, inventory, and distribution software."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The only minor concern is occasional interference with desired programs."
"We find the solution to be a bit expensive."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"We need better support to learn about the product. Documentation is available, but we need some kind of training program so that we can get a better understanding of the product."
"The interface isn't necessarily intuitive to a nontechnical person. You can get stuck in the little endpoint security portal. Sometimes, if you uninstall a competitive product, the end user doesn't always know if it's running or if they're protected even though it's silently running. There could be a notification, widget, or something that's resident on the screen for at least a bit, especially if you're doing remote support. You want to talk them through it, but sometimes, we're not allowed to look at the PCs we support."
"Something that is unique to Microsoft is its licensing model. When you go out and you buy McAfee or Symantec, you know what you're getting out of the box, but with Microsoft, often, when you're looking to achieve a certain set of capabilities, those capabilities are spread across different products. You might try to do something you could do with CrowdStrike, but then find out that you also need to purchase Microsoft Defender for Identity or Microsoft Defender for Azure. You realize that when they talk about what they can offer within the Microsoft platform, it's really the suite of investments. So, sometimes, you may find yourself buying Defender for Endpoint thinking that it matches CrowdStrike, but then you find that Microsoft really needs to sell you something else. One plus one will equal three, but when you have a very concise platform, such as CrowdStrike, you know what you're going to get."
"In the next release, I would like to see better management reporting."
"It's not quite a mature solution just yet. It needs more time to grow and develop."
"Microsoft Defender for Endpoint is effective for validating work, but not ideal for investigations."
"I wish they would extend the use of the Security Central portal, even for the free option of Defender. Because, as companies grow, it is labor intensive to manage the AV and detection part of it. For companies already subscribed to Office 365, I think this would be a good enhancement."
"It makes your Surface devices hot. It is resource-intensive. It strains your CPU, not more than other file scanners around, but it also does a lot more. When you are transmitting files or data, it is continuously scanning the traffic and analyzing it bit by bit to see what's going on, and that, of course, is costly in terms of CPU. It is CPU intensive, and if you are on battery, it drains your battery fast. That's the only drawback that it has."
"It is not really additional functions, or the features that are needed, rather the complexity would be reduced based on the number of modules required to put together a comprehensive operational security and risk compliance model."
"The solution needs to improve the reporting and tracking capabilities."
"The solution lacks mobility."
"The performance could improve in future releases. We have had performance issues in specialized web environments, but overall I think the problems are less than 2% of the computer systems being used."
"Any movement into a SaaS solution has challenges since the processes and data flows are not well defined. Hence, you need to build it at the same time."
"Tanium’s scalability could be improved."
"Most of the time, agent-relative issues have to be more equipped with self-healing features. At times, the agent is there, but for some reason, it doesn't report a status. It gives certain problems that are obviously agent-based."
"I would like to have more integrations and custom plugins to input. Integration is always a big deal in a lot of different environments."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews while Tanium is ranked 26th in Endpoint Detection and Response (EDR) with 15 reviews. Microsoft Defender for Endpoint is rated 8.0, while Tanium is rated 7.4. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Tanium writes "Useful tool for vulnerability management and deploying applications, needing improvement in its OS upgrade". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete and Fortinet FortiClient, whereas Tanium is most compared with CrowdStrike Falcon, Microsoft Configuration Manager, Qualys VMDR, ServiceNow Discovery and BigFix. See our Microsoft Defender for Endpoint vs. Tanium report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.