MH
Managing Director at FORESEC
Real User
Top 5
Fair price and useful for protection, but should have the ability to recover data from the last normal copy

Pros and Cons

  • "We have just started to implement it. It is useful for protection from malware and ransomware."
  • "Auto recovery is the most important feature that we would need from this solution. For decryption, similar to Malwarebytes, there should be something to be able to recover the data up to the last normal status. Its ability to recover data to the last normal copy must not exceed 5 to 10 minutes."

What is our primary use case?

We are using it for protection. We had a request from one of our customers, and we just started to implement it. We don't have any great idea about it. We are in the process of implementing it for the first time.

We are using its latest version. It is on-prem. The problem with going for a cloud version is that most of our customers prefer to work with on-prem solutions. So, we need all the features to be available on-prem as well as on the cloud.

What is most valuable?

We have just started to implement it. It is useful for protection from malware and ransomware. We are not exactly sure about zero-day, but we are trying to see if it will be effective for everyday antivirus purposes.

What needs improvement?

Auto recovery is the most important feature that we would need from this solution. For decryption, similar to Malwarebytes, there should be something to be able to recover the data up to the last normal status. Its ability to recover data to the last normal copy must not exceed 5 to 10 minutes.

For how long have I used the solution?

We just started to use it.

What do I think about the stability of the solution?

We need to test its functionality in heavy environments.

How are customer service and technical support?

Their support could be faster through the phone. The support through chat is very unuseful. It takes a lot of time and effort but does not help in any way. We provide the first line of support to customers, so it is not a big issue for us.

Which solution did I use previously and why did I switch?

We work on most of the protection products, such as Kaspersky and Malwarebytes. We normally use a lot of them. We had a request from one of our customers, so we started to implement Microsoft Defender for Endpoint.

How was the initial setup?

Its initial setup is straightforward. The solution itself doesn't take more than 15 to 20 minutes, but the configuration duration depends on the environment, such as the number of policies, users, etc. It will vary according to the environment in which you are doing the implementation.

What about the implementation team?

We implement it ourselves. Currently, we have only one customer of this solution.

What's my experience with pricing, setup cost, and licensing?

Its price is fair. It has approximately the same price as the other products such as Kaspersky. It is much cheaper than Malwarebytes.

What other advice do I have?

I would rate Microsoft Defender for Endpoint a seven out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
KM
Owner at a tech services company with 1-10 employees
Real User
Top 20
A cloud delivered endpoint security solution that defends against various threats

Pros and Cons

  • "The primary advantage is that you don't need to install it. It's included in the Windows 10 delivery."
  • "Some integration components for Mac should be added. We use both Windows 10 desktops and Mac desktops, but presently, the Mac component is still lagging a bit behind."

What is our primary use case?

We use this solution and we also implement it for customers. We mainly use it for its anti-malware and threat protection capabilities. If a client comes to us who uses Office 365, then we suggest this solution.

At the moment we have between 10 and 50 customers.

We definitely plan to keep using this solution. We're currently just pushing out all other solutions because they're not integrated and they have additional deployment costs. The only thing which is a bit peculiar is that you need to convince the customer that you're not talking about an antivirus solution. If we do, then they end up comparing things that are incomparable.

What is most valuable?

The primary advantage is that you don't need to install it. It's included in the Windows 10 delivery.

It's part of the Microsoft 365 suite, so it's integrated. We also use it for collaboration with other components within the suite. These two things are the most important for us at the moment.

What needs improvement?

Some integration components for Mac should be added. We use both Windows 10 desktops and Mac desktops, but presently, the Mac component is still lagging a bit behind. However, I think this is a temporary case.

For how long have I used the solution?

I have been using Microsoft Defender for roughly one year.

What do I think about the stability of the solution?

On Mac, it's quite unstable and unusable; however, it's very stable for Windows. We're content with what it does and how it works.

What do I think about the scalability of the solution?

It's on the cloud, so scalability is not an issue.

How are customer service and technical support?

We've had no problems with customer support.

How was the initial setup?

There's no installation to be done on the device itself, so it's quite easy. Configuration takes roughly two to three days.

What about the implementation team?

Our company acts as both a consultant and integrator. 

What's my experience with pricing, setup cost, and licensing?

Licensing options vary. Some customers buy it as an enterprise agreement and pay yearly. Others buy it as a CSP, so they pay per month. It completely depends on the customer's needs.

What other advice do I have?

Overall, on a scale from one to ten, I would give this solution a rating of nine. Some integration components on Mac should be improved. It should be more stable on Mac. If they fixed this, I would give it a rating of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Updated: November 2021.
VS
Specialist Consultant in Microsoft Security at a tech services company with 501-1,000 employees
Consultant
The tamper protection keeps hackers from entering a machine, encrypting it, and changing passwords

Pros and Cons

  • "Auto-remediation: When the product sees malware, it resolves the issue immediately. This protects the machine."
  • "It needs to improve the cybersecurity for lateral movements. For example, when a hacker tries to enter a machine, they try to get the password by doing a lateral movement."

What is our primary use case?

We use it for antivirus. You can use it for malware and Zero Trust. Some people use it for fact-checking too. I can also use it with Intune, which is good. 

We deploy Microsoft Defender on all kinds of devices, including Microsoft, iOS, and Mac.

What is most valuable?

Auto-remediation: When the product sees malware, it resolves the issue immediately. This protects the machine.

I like the tamper protection. For example, if I buy a notebook with Windows 10 and put Microsoft Defender on it, then I can activate the tamper protection. This keeps people from entering the machine, encrypting it, and changing passwords.

Microsoft Defender is fully integrated with Azure Sentinel. In addition, GPO can be connected with Microsoft Defender and Azure AD.

What needs improvement?

It needs to improve the cybersecurity for lateral movements. For example, when a hacker tries to enter a machine, they try to get the password by doing a lateral movement. 

With Windows 10, version 18.0.3, I couldn't see the documentation to open the ports. If you don't open the ports, then the machine can't communicate with the console.

What do I think about the stability of the solution?

I like its stability a lot.

What do I think about the scalability of the solution?

You push out all the devices that you want. There is no limitation beyond money and licenses.

Which solution did I use previously and why did I switch?

In the past, I have used McAfee and Kaspersky. 

I only work with Microsoft products right now. It integrates well with other products. I also work with Microsoft Defender for Identity.

How was the initial setup?

The deployment process is not difficult because Microsoft Defender comes with Windows 10. You just right click, then it connects you with Azure. 

There are other processes that can be connected, e.g., Microsoft Download Center.

What about the implementation team?

I implement Microsoft Defender for Endpoint. It takes me one or two days to design Microsoft Defender for Endpoint. It is easy to do this, and the more you implement, the easier it gets over time.

Sometimes, when I change the configuration, I have to wait six to eight hours.

What's my experience with pricing, setup cost, and licensing?

It is so expensive. It isn't cheaper than McAfee or other solutions.

Which other solutions did I evaluate?

I prefer Microsoft Defender for Endpoint instead of McAfee, Kaspersky, and other products.

What other advice do I have?

I would rate this solution as 10 out of 10.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
OmidKoushki
Solution Architect at KIAN company
Real User
Top 5 Leaderboard
Simple to use, flexible, easy to update, but the central management console needs improvement

Pros and Cons

  • "This product is flexible, and it is very easy to get updates from the Microsoft website."
  • "The central management console should be improved because it provides limited options to configure Windows Defender."

What is our primary use case?

This product is our antivirus for Windows 10 machines, Windows Server 2016, and in our Azure environment. In addition to this, we have a project for an oil company that is implemented in Azure, and we had to migrate the majority of their systems to that platform. Once the migration was complete, we configured Windows Defender as its antivirus.

What is most valuable?

It is very simple to use and easy to scan systems.

This product is flexible, and it is very easy to get updates from the Microsoft website.

We are using the firewall features.

What needs improvement?

The central management console should be improved because it provides limited options to configure Windows Defender. It should provide a lot of options and features, in the same way that Symantec does, or the Kaspersky Central Management Console does. Essentially, we should have a central management console on Azure that can be used to manage Windows Defender on all of our machines.

What do I think about the stability of the solution?

This is a very stable solution and we plan to continue using it.

What do I think about the scalability of the solution?

The company that I implemented this for has approximately 2,000 staff and 1,000 virtual machines on Azure. 

How are customer service and technical support?

I have not been in contact with Microsoft support. Rather, I have learned by using the materials that are provided online.

Which solution did I use previously and why did I switch?

We were originally using a product from Symantec before we switched to using Windows Defender. After that, we adopted the Microsoft solution for Azure.

How was the initial setup?

I have configured Windows Defender for different locations by using Group Policy Settings and each time, it took between five and ten minutes, based on the guidelines.

What about the implementation team?

I configured it personally by downloading and reading materials that I found on the Microsoft website.

What's my experience with pricing, setup cost, and licensing?

This is an expensive product and licensing for all Microsoft products is a big issue. However, Volume Licensing and Educational Licensing are good options to decrease the cost.

What other advice do I have?

In general, Windows Defender is a good feature for the Windows Operating System.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
NK
Senior IT Manager at a pharma/biotech company with 501-1,000 employees
Real User
Top 5 Leaderboard
Good protection against phishing attacks and spam, but seamless integration with EDR is needed

Pros and Cons

  • "What I like most is the protection against phishing emails and anti-spam."
  • "If they integrate with the EDR then it will benefit this solution."

What is our primary use case?

We are using Microsoft Defender ATP to prevent anti-phishing, malware transportation, and unwanted spam emails.

What is most valuable?

What I like most is the protection against phishing emails and anti-spam.

What needs improvement?

The integration of the defense features is something that they are working on but it still needs improvement.

In the next release, I would like to have additional features integrated with DNS security and DNS resolution. It will add to the solution and work more like a firewall.

If they integrate with the EDR then it will benefit this solution. 

I would like ATP to be integrated with the EDR as one single license.

For how long have I used the solution?

I have been working with Microsoft Defender ATP for three years.

What do I think about the stability of the solution?

It is stable, but it depends on how you configure the existing ATP and what existing features you need to enable it.

Based on the features that are enabled, it will work perfectly. 60% to 80% will depend on the configuration that is done for the ATP trade products.

What do I think about the scalability of the solution?

Microsoft Defender ATP is scalable at any point of time.

How are customer service and technical support?

The technical support was good. 

I would rate technical support a four out of five.

How was the initial setup?

The initial setup was not easy but not complex. It was somewhere in between.

There were many things that needed to be integrated with the existing solution, which took some time. It took us a week to deploy this solution.

What's my experience with pricing, setup cost, and licensing?

When compared with other vendors, the pricing is very high.

There are several other features that can be integrated with Microsoft Defender ATP such as EDR. But, it doesn't already come integrated with ATP. It's available at an additional cost.

If you want the EDR feature, you would have to purchase an E-file license. The cost is three times higher to have more productivity with the dashboard.

What other advice do I have?

It's a good solution. I would recommend Microsoft Defender ATP to anyone who is interested in using it.

I would rate Microsoft Defender ATP a seven out of ten.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Lalit Vazirani
Director at Darknext
Real User
Top 20
A stable, easy-to-setup ransomware and malware protection solution with live detection capabilities and comes included in Windows 10

Pros and Cons

  • "The features I have found most valuable are the ransomware and malware protection. The solution detects malware live and whenever it detects suspicious activity, it quarantines it."
  • "With regards to the interface, a challenge I found was that there was not enough documentation on how to tune it. I had to read multiple sources on the internet to learn how to configure the tool appropriately."

What is our primary use case?

Our primary use case of this solution is to protect our endpoints from malware.

A lot of our work involves exchanging files with clients, both via the internet, by email and by USB. Therefore, we are susceptible to malware and ransomware attacks. We are using this solution to protect against these attacks.

What is most valuable?

The features I have found most valuable are the ransomware and malware protection. The solution detects malware live and whenever it detects suspicious activity, it quarantines it. 

We set our protection to the tightest possible settings, which prevents non-approved applications from making any changes to our computers.

What needs improvement?

One area of improvement for this solution is to have a faster turnaround time on updating definition files. Since there are usually various ransomware variants, this solution may not pick it up in time like other commercial antivirus solutions. However, we have not encountered an issue like this yet with definition updates.

With regards to the interface, a challenge I found was that there was not enough documentation on how to tune it. I had to read multiple sources on the internet to learn how to configure the tool appropriately.

In the next release, I would like to see the solution have a backup feature where my data could be saved to a Microsoft OneDrive account or an equivalent cloud platform so that, in the event of a ransomware or malware attack, I can easily retrieve my data.

For how long have I used the solution?

I have been using the solution for about a year.

What do I think about the stability of the solution?

The solution is stable.

Which solution did I use previously and why did I switch?

In the past, I have used other solutions from Symantec, McAfee, and RSA.

How was the initial setup?

The initial setup is very straightforward. It is just the configuration that takes more time as many features are not very intuitive. As a result, you have to read through what a specific feature does and whether you want to implement it.

What's my experience with pricing, setup cost, and licensing?

The solution is an open source version and comes free with a paid version of Windows 10.


What other advice do I have?

I would highly recommend Microsoft Defender Antivirus for an individual looking to protect their endpoints.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PT
Head Of Information Technology at a financial services firm with 1,001-5,000 employees
Real User
Top 5
Integrates very well with all Windows workstations, works very well, and has good stability and scalability

Pros and Cons

  • "It integrates very well with all Windows workstations or other Microsoft Endpoint products. It also works quite well. So far, I have not had any issue that hasn't been sorted out. It doesn't use too many resources, so you don't have to install different things."
  • "Its price could be better."

What is our primary use case?

We replaced our antivirus with Microsoft Defender, and we are implementing three products. We have Microsoft Defender for Endpoint, which is deployed on all our endpoints. We also have Microsoft Defender for Office, which works very well to protect Office documents. 

We are using this solution for MDM and MAM for the endpoints. We are using its latest version.

What is most valuable?

It integrates very well with all Windows workstations or other Microsoft Endpoint products. It also works quite well. So far, I have not had any issue that hasn't been sorted out. 

It doesn't use too many resources, so you don't have to install different things.

What needs improvement?

Its price could be better.

For how long have I used the solution?

We have been using it for three months. 

What do I think about the stability of the solution?

It is very stable for Windows. 

What do I think about the scalability of the solution?

It has very good scalability. We have 151 users.

How are customer service and technical support?

I have not directly interacted with them. My colleagues have interacted with them.

Which solution did I use previously and why did I switch?

We were using another solution that was number three in the market according to Gartner 2019.

How was the initial setup?

There wasn't really much that we had to do because we have Intune, so it was very easy to deploy. We used the Control Panel, and it was deployed on the rest of the machines. What took longer was the onboarding of the machines to Intune, but once they were there, they were all protected. We, of course, had to remove the old antivirus.

What about the implementation team?

We used a partner. We had two people for this.

What's my experience with pricing, setup cost, and licensing?

It is within the same range as other products. It is not too expensive, and it is also not cheap. Its price can be better, but, well, it is Microsoft.

What other advice do I have?

I would recommend this solution to others. I have a lot of good things to say about it. We are still navigating through it, and it has been working very well. We will absolutely keep on using it. 

I would rate Microsoft Defender for Endpoint an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PR
Consulting Director at a tech services company with 5,001-10,000 employees
Real User
Reliable protection included with Windows Operating System

Pros and Cons

  • "It's stable."
  • "I would like to see fewer pop messages and alerts."

What is our primary use case?

I'm a consultant and I don't use these solutions. We sell them and we do research for sales purposes.

I don't use it explicitly. Rather, it's there on my laptop filtering viruses. It's there to protect my laptop.

What needs improvement?

I have had a few minor issues on my laptop but nothing really big.

I would like to see fewer pop messages and alerts. 

It's disturbing when you have that many alerts. 

Even though it shows you it's working, I don't really need to see it. If it was running in the background and never showing, that would be perfect for me.

For how long have I used the solution?

It's been a part of my laptop by default for two to three years.

I am probably not using the latest version. I don't follow the best practices in terms of updates. I may have an outdated product.

What do I think about the stability of the solution?

It's stable. There are no issues that I know of. 

My laptop has been working.

What do I think about the scalability of the solution?

As it is for my personal use, this is an area that is not necessary for me to explore.

I am the only person using it.

I am a part of a tiny organization with a tiny team that is autonomous.

How are customer service and technical support?

I have not contacted technical support.

Which solution did I use previously and why did I switch?

I have used Symantec Endpoint Protection. It was the standard choice in my previous company.

How was the initial setup?

From what I remember, the initial setup was transparent. I haven't had to deal with it.

I would say that the initial setup was straightforward.

What's my experience with pricing, setup cost, and licensing?

It's included with the Windows Operating System; I don't pay for any licensing fees.

What other advice do I have?

I would recommend using this solution. I haven't had any issues and it's been working fine for me.

I plan to continue using this product as long as it is not causing any problems.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.