Microsoft Defender for Endpoint Other Advice

SS
Azure Consultant at a tech services company with 11-50 employees

I give the solution a nine out of ten.

The solution is used for a website and is deployed in one location. We have 1,000 users.

Maintenance is completed once a month for batching the products in the environment for SQL, SharePoint, and Microsoft products. Two people are required for the maintenance.

Microsoft Defender for Endpoint is a very good solution. I recommend the solution to others and suggest using only Microsoft products in order to receive all the support from one place.

BE
Vice President of IT at a healthcare company

Defender for IoT is an add-on to Defender for Endpoint. It's there, but you have to onboard it. I don't really have enough devices, other than my home base, but in a regular business it would find all the switches, routers, security cameras, monitors, printers, modems, and anything else you have attached. With Defender for Endpoint, you need to have an operating system—Linux, Windows, et cetera—to deploy it.

A refrigerator or a camera or a security device doesn't really have a Windows-based operating system on which to deploy the agent. So IoT, within Defender, will scan those devices, find them, and let you know that it found them. It does that out-of-the-box with Defender for Endpoint. If you want to see the actual operating system of IoT devices and get alerts that something is out of date or has vulnerabilities, you have to get a subscription to IoT, which I hope to do.

There's a lot to learn when it comes to using Defender for Endpoint to automate routine tasks and find high-value alerts. KQL is a structured query language for hunting. If I have data ingestion from M365 logs, Defender for Containers, Defender for Storage, and AWS, Defender for Endpoint or Sentinel will allow me to hook up connectors to pull all of those logs into a "master database" with different tables that contain those logs. There are routines that are already written that say, "If you're looking for this type of an event that started with this application that went to a SQL server that was stored on this server that was accessed from a laptop where the guy went through a browser and went to this particular rogue network," and they access all those tables in that master database.

KQL allows me to tap into each of those different tables and correlate like events or like data, and pull it all into an alert or a threat hunt. It's something to master. It's sort of like regular SQL, but there are a lot of tables and schemas and you have to know what the tables and headers and columns and fields are, and then the syntax. It does threat-hunting really well with the canned queries that it has. But if you're looking for something in particular, you need to learn KQL. A SQL Server database admin would know SQL and how to pull data out of tables and do joins, commits, and transaction rollbacks. KQL is on that same level where you have to be an expert in KQL to actually pull all that stuff together. It's quite the learning curve, but there are courses out there that teach you.

I've been doing systems administration and engineering server admin things for quite some time, a couple of decades since Windows came out, and a little bit before that. But jumping over into the security space for my home business, and putting all these things together with Defender and Sentinel, has been a learning curve. It has slowed me down a little bit. A while back, security was always an issue for security teams. Now that I'm working on my own company, I'm a one-man show. But at the same time, I know there are a lot of bad actors out there.

KG
Independent Security Consultant/ Virtual CISO at Galbraith & Associates Inc.

I rate Microsoft Defender for Endpoint nine out of ten. If you're planning to use Defender, you need to understand the options around E3, E5, and a la carte licensing. This is also true if you do a bake-off between IBM, ArcSight, or other best-of-breed products: understand what capabilities you really need. If you're a small or medium-sized enterprise, you won't have the same needs as a corporation with half a million endpoints.

Joseph Abakar Yougouda - PeerSpot reviewer
Conseiller Expert en Architecture de sécurité at a tech services company with 1,001-5,000 employees

I give the solution a nine out of ten.

The comprehensiveness of Sentinel's security protection is linked to identity management and is very easy.

SimonThornton - PeerSpot reviewer
Cyber Security Services Operations Manager at an aerospace/defense firm with 201-500 employees

A weakness, as well as an advantage, of Defender is that it is always on the cloud. There is no on-prem. You deploy additional agents into the customer infrastructure, but the console and the feedback are through the cloud.

Customers often say that Microsoft has included it in their license. So, it is license-cost neutral, but just because it is included in the license and appears to be cheap, it isn't necessarily a good reason for doing it. It isn't equivalent to other EDR or XDR solutions, but to an extent, you get what you pay for. ATP is a work in progress. To me, it is not a complete product.

Customers also go for it because it gives them visibility, and it means it is one less system to manage. They have the license for it, and they just want everything in the same ecosystem. There isn't much that we can do about that. As an MSSP, we're agnostic from a technology point of view. If the customer says, "This is what we want to do," we'll take it over.

I would advise asking yourself:

  • What do your endpoints consist of?
  • Which operating systems, such as Windows, Linux, iOS, or Android, will you have to support? The functionality that you get depends on your license.
  • What is it that you're trying to achieve by taking Defender? 
  • Are there more capable XDR-type solutions out there? 

If I was comparing them, from most effective to least effective or least integrated, I would put SentinelOne, Palo Alto Cortex, Cybereason, Microsoft Defender, and Cisco AMP.

If you want to get into the advantages of XDR solutions, which is about the detection capability coupled with artificial intelligence (AI) and data leaking, then it may not be the solution that you want. If you also want to be able to do threat intelligence, it is not the solution for you. That's because essentially the threat intelligence features are not there. You can get some threat intelligence from Azure, Microsoft Sentinel, etc., but it is not in the product like with Palo Alto Cortex, SentinelOne, or Cybereason.

I'd give it a cautious six out of ten.

Naman Verma. - PeerSpot reviewer
Security Delivery Specialist at a consultancy with 10,001+ employees

We're a Microsoft partner. 

I'd rate the product seven out of ten. 

You can spend a lot of money to get a very specific security tool; however, if you don't have the money, Defender does a pretty good job for you.

PP
Principal Architect at LTIMINDTREE

I rate the solution nine out of ten, and I recommend it.

We use Microsoft Sentinel, and it allows us to ingest data from our entire ecosystem.

Sentinel enables us to investigate threats and respond holistically from one place, which is important to us.  

SB
Infrastructure Engineer at SBITSC

I rate the solution ten out of ten.

We use Defender for Cloud and make use of its bi-directional sync capabilities, or use Intune, so all our computer objects are synced via Azure ID and pushed into Intune. This capability is there, and it functions, though there are more important features.

It isn't easy to say if the product saves us money and the business is not overly concerned about the cost of Endpoint. You get what you pay for, it's an integrated solution, and there isn't a better one on the market. It does the job, is configurable, and has limitations like all products.

Once Defender for Endpoint becomes more mature in a couple of years, it'll be the Holy Grail like Windows 7 was.

To a security colleague who says it's better to go with a best-of-breed strategy rather than a single vendor's security suite, I'd say Microsoft is the best of breed for those who want a unified approach or integrated solution. I wouldn't use other security products because it's not necessary. I'd integrate the Microsoft security suite anywhere I go.

JH
Sr. Lead Consultant at catapult

I rate Microsoft Defender for Endpoint a nine out of ten. Defender is one of the best I've seen, and I'm not saying that as a Microsoft reseller. We use Defender and have gotten our Microsoft certifications to provide a high level of service for our clients. It's crucial to have a product we stand behind and believe in wholeheartedly. We're not getting kickbacks from Microsoft for saying or doing any of that. We use it because it works. 

I would say there's a trade-off. Once you start adding complexity to security, you're going against best practices that say simpler is better. Adding another vendor or a level of complexity is usually unnecessary. Unless there's something Microsoft completely missed, I would question the value of going to another vendor. 

Communication and planning are most important. Any time you change products or deploy something for the first time, you should test it first in a smaller use-case scenario. That will help you identify any issues with your network, firewall, or legacy applications that may be falsely identified as a threat. It's always best to test your use case scenarios in a proof of concept before you deploy it.

MC
Senior Consultant - Cloud & Infrastructure Security at a tech vendor with 10,001+ employees

I give the solution an eight out of ten.

The most cost-effective and user-friendly option for security is a single-vendor security suite. This approach also eliminates the need for multiple integrations.

I recommend that organizations avail themselves of Microsoft's trials and demos, and compare Defender with other solutions in their environment to determine the best fit. With a Microsoft E5 license, organizations can access all of Microsoft's solutions and use whatever they need.

KF
Director of Security at Overseas Adventure Travel Partners, Inc.

I would advise following those secure scores and watching out as you start to communicate with your user base because you're going to impact applications.

To a security colleague who says that it is better to go with a best-of-breed strategy rather than a single vendor’s security suite, my response would be that you've got to measure trying to do the integration because with security, to me, bringing that integration together is the key thing. You need to know how quickly you are going to be able to move from your detection to your mitigation. Are you going to turn on things on the firewalls or can you go right to the devices and isolation? The best of the breed is great, but trying to get them all to work together becomes very complex.

I would rate it an eight out of ten.

BS
IT Manager at SAI Systems

My advice is, "Try it, and you will love it." If you go for any other product, you will have to manage everything separately, which becomes an overhead. You will have a separate console, separate licensing, and a separate vendor. You will also get a piece of software that is going to have a layer in between the operating system and your applications, whereas Defender incorporates itself onto the layer where the operating system is sitting. So, you don't tax your resources to manage a product that is already incorporated into all systems. Everybody knows how to use Windows and Defender, so the learning curve is also not there. It is very easy, and it offloads a lot of things such as tech requirements, separate licensing requirements, and separate vendor management. 

I am not advising you to go ahead and discard whatever you are using. You should implement it in a test environment and see what your requirements are because the requirements will definitely impact the licensing. If your requirements are met, then compare the time required to manage Defender versus the current solution that you are using. You should compare how many hours you are putting into managing both solutions with a different skill set. Only after such an evaluation should you deploy it.

The biggest lesson that I have learned from using this solution is to always keep it simple. Don't complicate.

I would rate Microsoft Defender Antivirus a nine out of 10. If they can make the UI more systematic, I can give it a 10 out of 10.

MA
Infrastructure and Security Manager at a sports company with 11-50 employees

A good antivirus is something that sort of happily sits in the background and just pretty much does its job until it is needed. It is just sitting there constantly watching and monitoring. Then, if it does need to intervene or remediate against the threat, that is when you know, "My antivirus is happily working." We haven't had many incidents to deal with. To be honest, we have had a couple of false positives. 

Definitely shortlist them in your list when you are out looking for a new vendor. What tends to happen with a lot of IT professionals is that they overlook the Microsoft offering because of the reputation that Microsoft Defender has had in the past, when it came to its consumer version. However, they have spent the last few years completely revamping their security stack. I think it offers a really well-rounded, holistic approach to cybersecurity now. They are definitely worth considering next to CrowdStrike, Sophos, and Darktrace.

A lot of organizations are probably like, "Oh, no, we don't want to get Microsoft. We don't want to get Defender. We want to get an established name," but I think Microsoft has put a lot of effort, budget, and development time into their security stack. It is a great suite. 

As their Azure platform grows, they leverage that to power and drive their Defender for Endpoint. A lot of the protections that they deploy are cloud-delivered platforms. So, they are picking up telemetry from millions of different signals and endpoints. They have so much data and can see trends really quickly.

I would rate them as eight out of 10.

SM
Head of Security at Mannai Microsoft Solutions

I rate Microsoft Defender for Endpoint an eight out of ten.

We also utilize Defender for Cloud. Defender for Cloud is employed specifically for the Azure product. If we have servers deployed within Azure, the system handles alerting, traceability, and security. Therefore, we certainly use it.

We have three locations where Microsoft Defender for Endpoint is deployed. One is in Australia, another is in Qatar, and the third is in India. Consequently, we employ approximately two hundred personnel.

No maintenance is required for Defender for Endpoint on the customer's end.

A single-vendor security solution approach is better than a best-of-breed strategy. We all are using Microsoft laptops and OS.

I recommend completing a POC before adapting Microsoft Defender for Endpoint.

AP
Senior program lead at a manufacturing company with 10,001+ employees

To those evaluating this solution, I would advise first figuring out what your needs are. Figure out what levels of granularity you need in the system to see if it will support your needs. For example, if you have something like department-level control over devices, you might want to look at another system versus a central security solution that controls all devices. Beyond that, make sure your machines have the resources necessary to support the features you turn on in the environment. A lot of the resources in Microsoft Defender for Endpoint can be shut down for slower machines and older machines.

I would rate Microsoft Defender for Endpoint a solid nine out of ten.

HS
IT Architect at a real estate/law firm with 10,001+ employees

A single-vendor security suite has its advantages in terms of ease of porting, ease of connecting to the SOC, and also dashboarding. For ease of use, a single vendor strategy is valuable. But cost-wise, if you go for multiple vendors, you may be able to negotiate the cost, but that approach makes things difficult to integrate.

It detects suspicious malware and credential access issues, and it even maps to the Mitre ATT&CK framework. It's a pretty good product. Try it out and implement it as soon as possible.

AnuragSrivastava - PeerSpot reviewer
Information Security Engineering Lead at an energy/utilities company with 10,001+ employees

Your use cases, how your organization is configured, and what your infrastructure is like will determine whether you go with a best-of-breed strategy rather than a single vendor's security suite. From a cost perspective, I think it's better to just go with one technology because when you have two technologies in place, there may be conflicts with policies that may result in additional time spent investigating.

However, if an organization has a high number of macOSs and they have a lot of Linux servers, they may choose to go with two technologies if Microsoft Defender doesn't provide a complete set of security capabilities.

Before you implement the solution, first see what your use cases are and what you're actually looking for. Then, define your environment and what you're going to protect first, whether they be application servers or just endpoints. Then, you can have a detailed discussion with the implementer or vendor.

On a scale from one to ten, I would give Microsoft Defender for Endpoint an overall rating of seven.

SamiEsber - PeerSpot reviewer
Security consultant at Manaai corp.

I'd rate the solution eight out of ten.

Doug Kinzinger - PeerSpot reviewer
Director of Technologies Solutions at a retailer with 1-10 employees

I rate Microsoft Defender for Endpoint eight out of 10. 

AP
Sales Manager at Syntech

I give the solution a ten out of ten.

The solution is deployed across our local network. 

I recommend the solution and it should not be removed from a person's computer.

The type of endpoint security solution that is used in an organization should be based on the environment.

Kevin Mabry - PeerSpot reviewer
CEO, Author, Cyber security best practices at Sentree Systems, Corp.

It is just like anything. You should definitely do your homework and see if it is going to give you the information that you need. You should focus on forensics and the kind of information you are going to get out of Microsoft Defender. Will you get the reporting that you need? Will you get the telemetry and all the data that you need to be able to follow the path of an attack? You need to be able to see that. You need to know this information for your clients because they may need it for the FBI or something else. So, you need as much information as you can. You need to make sure that you're going to get the information out of there and you have the right setup to be able to see everything with all of your clients. You should have an RMM tool or whatever you're using to be able to see all of your clients, and you need to make sure that you have the setup for that.

Microsoft Defender has been around for many years, and since Windows 10, they've really ramped it up, and it has gotten a lot better. I've seen some of the statistics on it, and it stands up against some of the other solutions out there, such as Norton. They've added things that make it more of an EDR, which is the endpoint detection and response layer. The ransomware was one of the big add-ons, and it is good that they've put that in there. It can stand on its own now.

It has not affected our organization's security posture a lot, but it has given me more options to lower costs for my clients. It has helped my clients and in turn, my business. It has not affected our end-user experience in a negative or a positive way. It is just a tool. I do the monitoring, stopping, blocking, and everything else for clients. 

It can be a good solution, and I hope that they grow with it and do more with it. They can make it simpler for the security and MSP world. If their solution just gets better for the MSP world, it would help everyone.

I would rate Microsoft Defender a seven out of 10 because of its lack of usability for an MSP and its lack of telemetry information, but it is useful, and it does stop ransomware.

Anthony Alvarico - PeerSpot reviewer
Deliver Practice Director at DynTek

If you're looking for anti-virus software, use the one that comes with Windows 10, and save your money.

On a scale from one to ten, I would give Microsoft Defender for Endpoint a ten.

Mahmoud Eldeep - PeerSpot reviewer
Security Team Lead at Global Brands Group

I give the solution an eight out of ten.

Microsoft Defender for Endpoint is deployed across multiple locations and departments. The solution can be used for enterprise, medium, and small businesses but can be expensive for SMBs.

To achieve success with Microsoft Defender for Endpoint, it is crucial to establish best practices and ensure full deployment without causing any disruptions to business productivity. Simply enabling all features without understanding their impact could lead to interruptions in productivity. By adhering to best practices and carefully assessing the impact of each policy, we can ensure a smooth and effective implementation.

Keith Bird - PeerSpot reviewer
Cybersecurity Analyst at a university with 5,001-10,000 employees

I would rate this solution as eight out of ten.

If you have the money for it, I would recommend the Microsoft security solution.

I would recommend a single-vendor strategy if you have the money for it. I believe in defense in depth. Regarding endpoint protection, I think it's better to stick with one vendor. In my previous organization, they had conflicts between MDE and McAfee. McAfee would read MDE as a virus, and MDE would read McAfee as a virus.

The problem with endpoints is that if you have more than one solution, each of those solutions will see the other guy as a virus or potential virus. When it comes to endpoint protection, I would go with a single vendor.

Mark Foust - PeerSpot reviewer
Director strategic alliances at a computer software company with 11-50 employees

I rate Microsoft Defender for Endpoint nine out of 10. 

AK
Senior Data Hosting and Security Special at Two aquate

I would rate Microsoft Defender for Endpoint eight out of ten.

Microsoft-heavy organizations should avoid using third-party SIEM solutions, as the compatibility issues would require significant effort from the IT department to configure them with Microsoft applications.

Microsoft Defender for Endpoint is a detection system, not a prevention system. We receive alerts after a threat has occurred.

It is better to choose a single company security solution because it will free up time to focus on the environment and identify loopholes. Rather than using three or four third-party software programs, which would require us to spend more time learning about them and resolving compatibility issues, a single solution would provide a better view of the environment.

Gregory Leiby - PeerSpot reviewer
Endpoint Security at a manufacturing company with 10,001+ employees

First, have an understanding of Microsoft's best practices. Second, understand that Defender for Endpoint is part of the operating system. It is not a "bolt-on," like most antiviruses are. There are going to be some differences in how Defender interacts with an operating system, compared to an external solution. Be prepared for that.

It helps prioritize threats across an enterprise to some extent, but we haven't delved that deeply into that part of Defender yet.

The solution hasn't saved us time but I'll qualify that with the fact that we are in migration, moving to a new system, which is Microsoft, and that always takes more time and effort, as we work through the teething troubles. That is not necessarily a reflection on Microsoft. It's a reflection that anytime you move from one system to another, it takes a while before the teething troubles are smoothed out.

If a security colleague said to me that it's better to go with a best-of-breed strategy rather than a single vendor security suite, I would say there are pros and cons. It would have to be a discussion about what they need to achieve and their thoughts on why a particular solution would seem best. On a high level, there are good and bad reasons for all kinds of solutions. Without having a clear understanding of what is trying to be achieved, it's really difficult to say whether one is particularly good or bad.

CC
Group CISO, VP of Group Security, Risk & Compliance at a computer software company with 1,001-5,000 employees

I recommend this solution to others.

I rate Microsoft Defender for Endpoint an eight out of ten.

Harris Koko - PeerSpot reviewer
Security Consultant at a consultancy with 10,001+ employees

If you're considering working with Microsoft Defender, the first thing you need to do is an inventory of the infrastructure. We need to know what the client has: how many Windows Servers, how many Linux servers, and how much content. And then you need to know what you want to do with the devices. Some devices are not supported anymore. We need to know which devices the client wants to be covered by Defender.

A lot of times, we want to work with Sentinel because it's the best on the market. But Sentinel is trickier to put in place. But when you advise a client on security, of course, you propose a lot of solutions, including Defender and Sentinel. You propose the best on the market to improve their security.

Usually, they go for Microsoft Defender, but for Sentinel, sometimes it takes time. They say to us, "We don't have the money right now, let's wait two years." On many of my projects, my clients have already worked in the cloud and they want to start working with Azure. That's why Microsoft Defender is a good tool to implement. There are times we advise the client about Sentinel but they already have a SIEM solution like Splunk.

Defender for Endpoint does not help us automate routine tasks right now because it's extra work. I know we could put that in place, but often, when we start working with a client in the cloud, we spend a lot of money on that. I know, in the day-to-day operations of the security teams of our clients, they have so much to do and it would be really good to implement automation. We propose it to our clients, but it's up to them to decide if they want to do it.

The threat intelligence can help prepare for potential threats before they hit, but this is also something we need to talk to the client about. Sometimes, it's not in our hands. We can propose things to the client, but they have to choose. So far, after proposing these kinds of things to clients, I haven't received their agreement. This part of the solution is really interesting, but it can also be expensive for some clients. It depends on their budget.

And in terms of using multiple vendors for security or a single-vendor security suite, in my current company, we generally advise our clients to have different vendors, but it depends on the client. I, myself, am not a risky guy. But a lot of our clients have Microsoft products, and we'll advise them to use Microsoft products. You don't want to go to war with your client.

Sometimes, they want to work with a lot of different products, but when you try to do that it can be really expensive because you need to work on the connections between them. I usually advise Microsoft because it's very easy and a lot of clients already have Windows Servers, et cetera. It really depends on each case. It depends on who is paying, who is asking, and what they want.

AlfonsoNaranjo - PeerSpot reviewer
Senior Technology Consultant at SoftwareONE

I would rate this solution an eight out of ten.

There are several free platforms to test all the functionalities and evaluate the solution. If you see that they cover all of your needs, my advice is to buy the product.

I prefer a single vendor's security suite because integration is easier.

BA
Manager at a recruiting/HR firm with 51-200 employees

I would advise comparing it with others. If your environment is mostly Microsoft, it makes sense to use Microsoft Defender as part of your deployment.

I would rate it a nine out of ten.

DG
Security Consultant with 10,001+ employees

I would rate it a nine out of 10.

JA
IT Administrator at dm-drogerie markt GmbH + Co. KG

In terms of the end-user experience, end-users don't like to be bothered with the virus scan. A virus scan is always annoying for the end-user. An end-user cannot actually configure the antivirus and only gets a notification if something is wrong or some malware is found. That's it. There is not really an end-user experience.

The performance of the client is fine with Defender. We are not encountering many performance issues or any serious issues with Defender. When we turned over to Defender, some of the applications that were functioning absolutely flawlessly with McAfee started to have serious performance issues. So, we had to define an exclusion list for some of the processes or applications, but there are always some applications that needed exclusions for McAfee or Defender.

I would rate Microsoft Defender for Endpoint an eight out of 10.

VB
Information Security Engineer at a financial services firm with 10,001+ employees

I give Microsoft Defender for Endpoint an eight out of ten.

No maintenance is required on our end for Microsoft Defender for Endpoint.

Microsoft Defender for Endpoint is a powerful tool and I recommend it.

Using a single vendor security suite carries inherent risks, but with a well-established company like Microsoft, those risks are significantly reduced, and it's more cost-effective than using multiple best-of-breed solutions to achieve the same level of security.

Nagendra Nekkala - PeerSpot reviewer
Senior Manager ICT & Innovations at Bangalore International Airport Limited

The solution provides us with clear visibility. We have a clear dashboard analysis, and we don't need to worry about the changes we need to make as it gives a clear solution for us. Threat hunting is the best feature that gives the response to any event happening.

The solution helps me prioritize threats across our enterprise because I'm able to map all the devices across my enterprise. It is improving my security score compared to the earlier one. Compared to our earlier endpoint protection solutions, we have a good edge over the mapping we have with Microsoft Defender for Endpoint. Any new devices getting added to our ecosystem are getting secured in a better way.

We use more than one Microsoft security product. We have integrated all of these products, and it was easy to integrate them.

The integrated Microsoft security solutions work natively together to deliver coordinated detection and response across our environment. This is very important for us because we follow a framework where protection, detection, response, and recovery have to happen in a seamless manner.

Microsoft security products give visibility into the information about the latest threats happening across the globe. This gives us awareness and helps us to be well-prepared before the attacks.

We use Microsoft Defender for Cloud, and we make use of its bi-directional sync capabilities. Microsoft Defender for Endpoint has both on-premises and cloud capabilities.

We use Microsoft Sentinel, which enables us to ingest data from our entire ecosystem. We have different types of endpoints. The ingestion of data gives more data and more credibility to the logs, which makes my environment more secure.

MS Sentinel enables us to investigate threats and respond holistically from one place. It provides vulnerability management and threat detection so that we'll be able to see different logs and parameters. Normally, the threat collection, detection, and response are very important for an organization.

MS Sentinel’s built-in SOAR and UEBA are different higher-end functionalities with artificial intelligence that provide a secure environment for any platform. It can analyze more volumes of data.

Compared to MS Sentinel, SOAR solutions are more costly.

Our Microsoft security solution helps automate routine tasks and the finding of high-value alerts. It gives us a clear investigation report to find the RCA appropriately, thereby speeding up our response time.

Our Microsoft security solution has helped eliminate having to look at multiple dashboards and given us one XDR dashboard. I can integrate all my security parameters into one dashboard, and looking for the management review is easy for me.

The solution’s threat intelligence helps prepare us for potential threats before they hit and to take proactive steps. It alerts me immediately from which IP the threat is coming so that I can block that respective port immediately and prevent it from entering my network.

Our Microsoft security solution has saved us time by making the operations faster and reducing the response time. The solution has saved me almost 15 days in a month.

Our Microsoft security solution has saved us money by providing a single integrated solution and eliminating the need for different security solutions.

The solution has decreased our time to detect and respond. The solution has enabled me to act quickly on any issue before it hits me.

Microsoft Defender for Endpoint is a one-stop solution for your protection, and it gives overall visibility of your endpoint devices. You can easily add on the devices whenever the enterprise is growing.

With Microsoft Defender for Endpoint, you can club your endpoint protection, email protection, network protection, and application protection and ensure they are in good hands. We can handle anything regarding security operations, investigations, or complaints from a single point.

Overall, I rate Microsoft Defender for Endpoint a nine out of ten.

FrancMlinarek - PeerSpot reviewer
IT Engineer at a tech services company with 1-10 employees

I give the solution an eight out of ten. When discussing Microsoft Defender with other engineers, we agree that it can be challenging to become accustomed to and comprehend the UI at first. Once we have a grasp on the UI, it is excellent; however, initially, it is difficult to learn.

Microsoft Defender for Endpoint is deployed in systems located in data centers and on-premises, providing a wide range of devices. Approximately two thousand endpoint devices are in use.

Since the solution is a Windows subsystem, it is not difficult to maintain. We utilize a management solution to run many of those updates regularly, ensuring that they are completed regularly.

No single solution or vendor has all the answers, and it can be risky to rely on just one source. If an attack occurs and we are only using one form of security, if it is breached, the attackers will have unfettered access. Therefore, I believe it is beneficial to have a multi-layered approach, utilizing multiple solutions and vendors with different technologies that can work together.

I suggest people do some Microsoft training regarding the Defender platform to become comfortable with it before deploying it to understand exactly what is necessary to make it work.

FM
Sr Principal Cybersecurity Engineer at a transportation company with 10,001+ employees

I would rate the solution eight out of ten. 

The infrastructure team has bi-directional sync capabilities set up and running well. It's essential when it comes to having hybrid cloud solutions and cloud solutions from different vendors. Various systems need to have seamless communication and shared issue reporting.  

Microsoft is increasing its data connectors, which is very helpful for ingesting data from different feeds, though some elements aren't fully fleshed out yet. How much data needs to be digested depends on the enterprise; every SIEM tool has a price to pay for how much data is ingested. The simple answer is that Sentinel allows us to ingest a ton of data, and that's vital. If we can't see a threat, we can't detect it and protect against it.  

Sentinel enables us to investigate and respond to threats from one place, which is very important for us. This is an area Microsoft has improved because we used to have to go to three different portals for our security picture. Now, everything we need to find can be seen in one pane of glass in Sentinel, whether we are looking at alerts or incidents.  

The comprehensiveness of Sentinel's protection depends on an organization's security program's maturity and capacity to leverage the solution. There's room for growth, but Microsoft is making good strides in the machine learning and AI portion of its product. The setup and fine-tuning of the tool play a significant role in how smoothly SOAR operates and whether it fulfills an organization's specific requirements. The default playbook may not fit with needs precisely, and staff with knowledge of Kusto Query Language are necessary for fine-tuning. A certain level of expertise is required to leverage Sentinel's SOAR and machine learning capabilities fully.

I don't know how much Sentinel costs as I don't see the bills, but the biggest standalone SIEM and SOAR competitor is Splunk. Splunk does a better job but is also much more expensive; people often complain about the cost. I can't compare the value and pricing of the two as I need to know precisely how much they cost. Splunk is supposed to have changed its pricing model to become more affordable recently, and I wonder if Microsoft did the same with Sentinel. However, because Sentinel integrates with other solutions an organization may already use if they're a Microsoft shop, it makes it worth the price.

When it comes to a best-of-breed versus a single vendor security suite, it depends on the people higher up in the organization and usually comes down to cost. Everyone wants the best of the best, but only some companies are capable or willing to pay for that because it can be costly. Microsoft is trying to provide a pricing model that encourages customers to use a suite that seamlessly integrates with Windows and server OSs and increases integration with Linux and Mac OSs. That can provide a better ROI than getting the best of the best but having limited visibility and integration with other tools and the network. Microsoft leverages the security suite model as its selling point, and it's working for them. 

I advise potential customers to read up on the community boards and look into their specific needs. Defender for Endpoint is a good competitor for those looking for an EDR solution, and for those looking for a complete security suite, it's one of the better choices. The tool is competitive, but there are other choices if a company wants the best. Microsoft Defender for Endpoint is in the top three, only considering EDR, but for those looking for a line of products to protect their company and thereby make some savings, it's one of the premier choices.

Siddip Neduri - PeerSpot reviewer
Specialist - Collaboration Platform Engineer at a tech vendor with 1,001-5,000 employees

We are not using Microsoft Sentinel. It will create alerts regarding VMs or storage but the cost is very high. Sentinel is not going to help much more when compared with Defender for Endpoint. Sentinel isn't preferable. It only creates alerts. There is not that much impact on the organization if it uses Sentinel also.

Microsoft Defender for Endpoint is a very good solution. I recommend using it.

Shashank Gahoi. - PeerSpot reviewer
Security Architect at a tech vendor with 10,001+ employees

I give Microsoft Defender for Endpoint an eight out of ten.

We currently have around 6,000 Microsoft Defender for Endpoint users in our organization.

We have a team called InfoSec Operations that handles maintenance and consists of approximately five people.

I recommend Microsoft Defender for Endpoint for larger organizations, and they should undergo training if they intend to use it in conjunction with Microsoft Sentinel, as it is a complex tool compared to others like QRadar. For smaller organizations, I suggest using Splunk, which is a reliable solution.

Microsoft Defender for Endpoint is a viable solution, but it does have limitations when it comes to other operating systems. I would not recommend this solution for an organization that operates in a Linux-based environment.

Luca Vitali - PeerSpot reviewer
Modern Workplace Technical Team Manager at a tech services company with 11-50 employees

I would rate this solution an eight out of ten.

There are pros and cons to having a best-of-breed strategy versus a single vendor security suite. I would go for a single vendor security solution just to have convergence but it depends. Considering the fact that I'm working for a Microsoft Gold partner, I haven't had the occasion to make a comparison.

I would recommend implementing Microsoft Defender for Endpoint. My advice is to use Intune to have better control, especially for Microsoft devices. I would also advise using third-party local antivirus solutions rather than relying on Microsoft Defender Antivirus, which is a lock-in to a single vendor.

Prosanjit Mondal - PeerSpot reviewer
Associate Consultant at a tech services company with 10,001+ employees

My advice to people looking into implementing Microsoft Defender for Endpoint is to do it very fast because the tool is changing very rapidly, so if you are a novice and you are just learning, what you learn might get changed in the next quarter. Some of the functionality might get changed, so you need to keep up with the changes, and you need to learn quickly and implement Microsoft Defender for Endpoint fast.

My rating for Microsoft Defender for Endpoint is seven out of ten.

PJ
Cyber Security Analyst with 1-10 employees

I give Microsoft Defender for Endpoint an eight out of ten.

We deployed Microsoft Defender for Endpoint and CrowdStrike together in one organization. While Microsoft Defender for Endpoint displayed valid alerts, there were no alerts in CrowdStrike.

Danny Nagdev - PeerSpot reviewer
Founder at LetsReflect

Defender for Endpoint doesn't really help to prioritize threats across the enterprise. It's more of a basic threat protection solution. It's more of a reactive approach, once something hits.

With a single vendor, it's much easier to detect alerts and threats beforehand. Having a single vendor helps.

I would recommend Defender for Endpoint. If you are using other Microsoft products, together, this is a better security solution.

PK
ICT&CyberSecurity Services Team Lead at a comms service provider with 501-1,000 employees

In my opinion, from the management and maintenance point of view, it is better to go with a single vendor, but from the security point of view, multiple vendors on multiple layers could work better than one vendor. If one vendor is breached, then everything goes, but if you have several layers with several vendors, and only one is breached, you have other vendors.

My advice to those evaluating Microsoft Defender for Endpoint is to stick with it and train themselves. They should know the solution and try it as much as they can. Microsoft is on the right path here.

It helps to automate routine tasks and the finding of high-value alerts, but we haven't yet implemented automation. We are planning to implement it, but at this time, because of a small number of clients, it is easier to do it manually. We just look into the alerts and resolve them one by one. We don't have a few thousand alerts per day, per week, or per month. So, it is manageable to handle them manually.

It would help us to eliminate looking at multiple dashboards and have one XDR dashboard, but we haven't yet managed to do that.

I would rate it an eight out of ten. I would have rated it a ten, but it is a pretty pricey solution.

SAMUELMWANGI - PeerSpot reviewer
Director at Calidad Systems Limited

I'd rate the solution seven out of ten.

SR
Head of Security at a tech vendor with 10,001+ employees

I rate Microsoft Defender for Endpoint nine out of ten.

Microsoft Defender for Endpoint is indeed a commendable product. However, despite its implementation, we should consider the integration of other security products. This is due to the escalating variety of cyberattacks prevalent today. While Windows consistently issues patches to update its existing products, I propose the adoption of a dual-product approach within our infrastructure. This approach aims to preempt eleventh-hour security breaches. By juxtaposing and scrutinizing the attributes of different solutions, we can better comprehend their nuances, specifically at the feature level. The pivotal factor lies in how adeptly a solution identifies and mitigates potential threats. Therefore, I advocate for the incorporation of two distinct solutions within our infrastructure. This strategy is poised to yield heightened efficiency, effectively mitigating the risks of both security breaches and data breaches.

HB
Consultant at a tech services company with 1,001-5,000 employees

I've seen a lot of people saying that they are looking for feature X but it's not there in the product. Most EDR products function in the same way, but they call features by different names. My advice would be to consult with Microsoft's Fast Track support engineers. They can guide you and explain every feature. Go for that first and then implement it.

I would definitely recommend Defender for Endpoint because going with a third party would require a lot of maintenance. For smaller companies, Defender for Endpoint would be more cost-efficient than requiring more headcount to do more maintenance.

Daniel_Ndiba - PeerSpot reviewer
Assistant Manager - Cyber & Cloud Security at a financial services firm with 1,001-5,000 employees

If you have a big team, then you can go with a best-of-breed strategy where you have dedicated teams that are looking at your endpoint protection, email protection, network protection, and so on. You may have a SOC team as well that gets the events and incidents from all of the different teams, analyzes centrally and provides a general view from a security operations perspective. In summary, if you have a well-resourced, mature organization, then it may make sense to go for the best-of-breed strategy.

However, if you have an organization without a big security team, it makes sense to have a single vendor's suite. At times, it may appear to be a single point of failure, but in terms of management and usability, it's a bit easier to work with and deploy. It will give you some level of visibility that will cut across the different domains.

Overall, Microsoft Defender for Endpoint is a good solution, and it'll give you good visibility and protection. It's worth considering, and I will rate it at eight on a scale from one to ten.

TK
Network Engineer at a real estate/law firm with 51-200 employees

At the moment, it is one of the best security platforms for endpoint security in the market. It is comparable to SentinelOne in terms of features and functions.

It is part of Microsoft's ecosystem. If you need a reliable and secure work environment, and you are bound by GDPR and other standards where you have to take care of your data and prevent breaches and unauthorized access, it is a great solution. 

The E1, E3, or E5 license contains Defender for Endpoint along with many other solutions. Having just the scanner is not enough these days. You need an overview of your whole environment. You need to make sure that your endpoints are encrypted, they are up to date, and they are correctly using zero-trust relationships for your central services. All these things that you need these days are perfectly implemented in the solutions that Microsoft provides. This is the only way for a company that takes data seriously and has to give a guarantee to customers that data is protected.

It is resource-intensive, but you have to take into account that it is not only a file scanner. It is continuously scanning every connection you make on the internet. It is deeply investigating the data that you transport and the connections that you make. It is scanning your files, and it is scanning your software against all kinds of knowledge bases to identify whether there are vulnerabilities in the software that you use. It is a solution that integrates almost everything. It is doing what a central firewall did before, but it is doing that in a distributed way on your device. So, it does so much more than you expect. If you are providing it to your users, you have to take its CPU consumption into account, and you need to provide sufficient CPU power for this.

I would rate it an eight out of ten.

MG
Infrastructure Engineer at Red Cross International Committee

If you have all the information, and you are clear about what solutions your business needs, and Microsoft has all that information, the change is very easy. It's a very good solution.

TL
Service Success Manager at a computer software company with 5,001-10,000 employees

My advice regarding Defender is the same for any other security solution: Check what you need, what types of logs and whether you will consolidate these logs in another tool. What type of knowledge will you bring from those tools to create and apply new policies and anticipate security problems?

Always check your needs with the business case. Aligning them will help determine what you need to buy. Check inside Defender to see what you need to activate. Every new feature you activate inside the cloud is billed and you need to understand if you really need each feature.

Defender has some effect on the endpoint itself but it does not change the user's work processes. It is a single tool on the endpoint to monitor the activities that happen there, but it does not affect the end-user.

But you need to understand the limitations. There are some limitations with Defender when it comes to non-Microsoft solutions. But that's not unique to Defender. It's the same with every tool. You need to understand its limitations.

NK
Cyber Security Specialist at a healthcare company with 10,001+ employees

Defender for Endpoint is marketed as an endpoint detection and response tool, but for others who are looking at onboarding it, they should take it as a holistic tool that provides AV, EDR, and vulnerability management all in one. However, it does not provide very good integration with third parties.

Anthony Alvarico - PeerSpot reviewer
Deliver Practice Director at DynTek

My advice for anybody who is implementing Windows Defender is to purchase the ATP, which is in addition to the version that comes with Windows 10. This will allow you to really get the benefits and manage your organization's endpoints as a whole. This requires a presence in the Microsoft environment, such as a subscription to Office 365 or Azure.

I think that people should explore Windows Defender before looking at third-party products. While they are not a pioneer in anti-malware and anti-virus software, they are attacking it and they have a good budget. The advanced threat protection has a large cloud presence in Azure that we can take advantage of, and they update their product frequently. As soon as there is a new threat, they act on it right away.

I would rate this solution a nine out of ten.

DS
WPS Security Engineer at a tech services company with 201-500 employees

I would rate Microsoft Defender for Endpoint six out of ten. The support and product development team need to improve.

We have deployed Microsoft Defender for Endpoint across the globe on all of our endpoints.

Microsoft Defender for Endpoint updates itself so there is no need for maintenance.

It is advisable to always exercise patience with technical support and occasionally guide them in the right direction. Otherwise, they may become overly focused on irrelevant logs. Additionally, it is crucial to always have a contingency plan in place in case Microsoft Defender for Endpoint encounters unforeseen challenges.

The effectiveness of both best-of-breed and single-vendor security suite methodologies hinges on seamless integration. When products integrate effectively, they provide a unified view of the security landscape, enabling comprehensive monitoring and threat detection. A SIEM, XDR, or similar tool can serve as this centralized dashboard, providing a single pane of glass for security operations. By centralizing visibility and streamlining response times, organizations can effectively achieve their information security analysis and response objectives.

AP
Associate Director-Technology Consultancy at a consultancy with 1,001-5,000 employees

To a security colleague who says it’s better to go with a best-of-breed strategy rather than a single vendor’s security suite, I would agree. I prefer multiple vendors. I am not in favor of implementing Microsoft products in all areas because, in every domain, there are some specialty products. You should focus on that and see how to make your organization much safer. Every organization claims that it has all the products, but all the products are not good. That's why you have to find out the best one and put it there.

I would recommend comparing it with other products and defining what are the most important needs for your organization. You may not require all the features. Microsoft Defender includes a lot of things. Microsoft Defender has its own MCAS solution. It also supports DLP, which is not yet mature. You should see what is required for your organization and then do a testing or PoC on that.

Microsoft Defender works well with Microsoft products. You can implement or install it on the Windows platform, but you will have to find another way to track non-Windows platforms, such as Linux platforms or Unix platforms.

Similarly, Microsoft Sentinel does the analysis for Microsoft products in a better way, but they are yet to catch up when it comes to non-Windows products. It lacks when it comes to analyzing non-Windows products. It isn't able to identify all the threats properly. The number of false positives is much more compared to other products, but still, Microsoft Sentinel is one of the leading products in the market. It has developed a lot as compared to what we saw one year ago. It enables you to ingest data from your Microsoft environment, but I am not sure about the non-Microsoft environment. This data ingestion is very important. Without ingesting all the logs to your SIEM, you can't monitor the threats. When it comes to security products, they need to be product-independent. In terms of cost, it is almost similar to other products, but it is a little bit cheaper than Splunk. In terms of ease of use, on the Windows platform, it is very easy to use, but it is not so easy for non-Windows platforms.

Overall, I would rate Microsoft Defender an eight out of ten.

CJ
Principal IT Support Engineer at a retailer with 201-500 employees

I would rate the solution an eight out of ten. 

Defender for Endpoint helps us automate routine tasks, but I don't specifically know what kind of automation it does or what we use it for, as the InfoSec team is responsible for that. 

No solution is completely foolproof, but the configuration has a large part to play in the quality of the protection. 

We have been in business for two years, so we're a relatively small and young company. Nevertheless, it's vital to have protection against malicious actors. The threat landscape we face today is complex and diverse, so our threat protection needs to be up to par. That's the benefit of using the product; we need to protect our data, and having a tool that informs us of potential threats is excellent.

As an end user, the solution didn't personally save me time, but I imagine it did for the InfoSec team who deal with it directly. The security reporting will all be in one place, and we don't have to go to the marketplace to look for separate tools to fulfill different functions.

ML
Cloud Architect at a consultancy with 11-50 employees

Overall, I would rate it nine out of ten.

JM
SOC Analyst with 1-10 employees

I would rate Microsoft Defender for Endpoint a nine out of ten. It provides me with greater certainty regarding malicious activity compared to Splunk, which demands much more analysis. Defender for Endpoint performs a significant amount of work in terms of identifying and validating malicious elements. This saves us from having to read and interpret a large number of logs. It takes care of the interpretation and conducts about half of the log analysis on our behalf.

I still have to conduct threat intelligence on my own, such as open-source intelligence. I don't automatically search VirusTotal for things, but I still end up doing my own source searching.

David Frerie - PeerSpot reviewer
Head of IT & Database Management at an educational organization with 51-200 employees

In theory, the best-of-breed strategy is not secure, and practically, a single vendor's suite is better because there is only one contact.

I would recommend trying Microsoft Defender for Endpoint and would give it an overall rating of nine on a scale from one to ten.

NS
Security Technical Specialist at a retailer with 10,001+ employees

My advice would be to plan carefully and make sure you take notice of what's coming out because it pushes out a lot of very useful information. It's a matter of having sufficient staff because the amount of information it gives you is phenomenal. If a company doesn't have sufficient resources then any other antivirus might work, but this thing produces so much useful information that if you're implementing this solution it's worthwhile having the staff to deal with it. 

I rate this product 10 out of 10. 

Supriya Kumar - PeerSpot reviewer
Senior Manager at Ernst & Young

We are a partner and we consult clients on security solutions. It's one of the solutions we take to our clients.

For companies that are Microsoft shops, I would recommend the product. It saves a lot of integration requirements as compared to other solutions. It's a good product that does what it says it will do. 

I would rate the product a seven out of ten. There are improvement opportunities in terms of the overall tech and commercial aspects of the product. It needs to be more competitive and technical. 

AB
Senior Manager at RP Sanjiv Goenka Group

I'm just a customer and an end-user.

I'd rate the solution at an eight out of ten. I've been very pleased with how it has worked for me over the last two years. 

I would recommend the solution to others; however, I'm just a passive end-user and not as technically involved as those deploying the solution in our company. However, from my perspective, there has never been an issue on my machine with malware and therefore it seems to be doing what it's designed to do.

KF
Technology Consultant at a computer software company with 51-200 employees

I'm a consultant. I primarily work with Microsoft and I do the threat management and check vulnerabilities on the database. I'm looking for something that is not super expensive yet covers vulnerability management and where you can pick the products, and pick alerts, and you get a weekly digest report, just so that we can better manage everything.

I work with pretty much all of the 365 products. I'm pretty widely experienced in Defender. I work for a managed service provider. I'm one of the people that's, besides having my Microsoft Azure architecture, Azure security, Microsoft 365 expert level, plus M365 security knowledge. I focus on Azure and M365 security.

For Microsoft Defender, the product is cloud-based, therefore it is managed and it's updated constantly.

I would advise users to take advantage of Microsoft integrations. I would suggest that they put it all together, so they can use it as a full bundle.

I'd rate the solution at a ten out of ten.

AA
EMEA IT Infrastructure Manager at a consumer goods company with 5,001-10,000 employees

I would rate Defender a nine out of 10, while Cortex XDR is a five out of 10.

FB
Head of IT at an engineering company with 10,001+ employees

Go for it. It is a standard solution. If you use Windows, you might as well go for Defender. With this solution, you have your normal dependencies within Microsoft. This means that you don't have to talk to another company; you talk directly to Microsoft. Some people might go for something else, and that is fine too. However, depending on how big your company is, if you are a small or medium business, you may want to have as many eggs in one basket to have fewer points of contact.

It is a good endpoint. All the administration is handed over to our outsource partner. So far, it has been good. We have been using it for years, so it is the de facto standard for us right now.

As far as I know, its capabilities are okay. It is up there with the rest of them. Sometimes, this is what Gartner says is the best, the next best, the 10th best, etc. That will always change. As long as we don't get hit, we are fine. If we get hit, then there are questions around what we can expect from it, what we can get out of it, what help did we get, etc., but I would let my outsource partner deal with that. Directly, I don't have my hands on it.

I would rate this solution as an eight out of 10.

NS
Cyber Threat Hunter at a tech services company with 51-200 employees

I give Microsoft Defender for Endpoint an eight out of ten.

No maintenance is required from our end.

I believe a best-of-breed solution is better because it eliminates some of the limitations of applications that do not provide solid stability in terms of detection time, response time, and eradication. This is because a best-of-breed solution is designed to be the best in its class at each of these tasks. As a result, it can identify threats more quickly, respond to them more effectively, and eradicate them more completely.

When evaluating the solution, we must understand how our environment is structured. Is it a hybrid environment? Does it have Unix, Linux, or Microsoft distributions? And within those distributions, do we plan to purchase multiple enterprise systems to cater to each individual distribution?

JD
Cloud Security Engineer at Theos

I rate Microsoft Defender for Endpoint a nine out of ten. If someone asked me whether a best-in-breed or single-vendor strategy was better, I would say there's no right or wrong answer. It's better to use one vendor from an integration perspective because it's easier to set up. 

A single-vendor approach also simplifies support. For example, if you use CrowdStrike, you might be using Splunk as your SIEM. When you open a ticket with CrowdStrike, they will only be able to answer questions about their own products. 

UchechiSylvanus - PeerSpot reviewer
Team Lead, Process Improvement & RPA at Fidelity Bank Plc

We constantly get updates from Microsoft that are light and they don't really affect us while we're working. The updates have been very helpful.

I would recommend Microsoft Defender for Endpoint.

Harsimran Sidhu - PeerSpot reviewer
Security Analyst at SecureOps

Work on Sentinel. It has a lot of power versus the Microsoft Defender solution.

ZA
Assistant Chief Manager at a financial services firm with 5,001-10,000 employees

I would rate this solution 7 out of 10.

Fabrizio Fioravanti - PeerSpot reviewer
Engineer at an educational organization with 5,001-10,000 employees

I would recommend this solution only for small home environments. It is not for enterprise environments unless you buy the commercial version.

I would rate Microsoft Defender Antivirus a seven out of ten.

UJ
Cyber Security Senior Analyst at a security firm with 51-200 employees

Microsoft Defender decreased our time to detect and time to respond. However, we didn't completely rely on one solution. We had other means as well. We used to have another EDR solution as well, and we used to run both together.

I would definitely agree with a security colleague who says that it’s better to go with a best-of-breed strategy rather than a single vendor’s security suite. For example, if you are a one-vendor customer, the day the vendor gets hit with zero-day or any huge attack, none of your tools or software would work. Your data and other things are also at risk. So, having multiple vendors is good because you'll be covered by different products. 

Microsoft Defender's threat intelligence helps to prepare for potential threats before they hit and take practice steps, but there was another team that was using the threat intelligence and reporting capabilities to see whether the organization was ready. In my previous organization, we had overall IT support, which was then divided into nearly 20 different teams. We had one team specifically to do one specific job. 

For prioritization of threats, if I'm not wrong, Microsoft Defender gives you a severity value. I haven't been in the admin part for long, but it gives you a severity value. Based on that, you can prioritize your threats.

I would rate Microsoft Defender an eight out of ten. 

AH
Modern Workspace Solution (Technical Specialist - Managing Consultant) at GFI India

I would rate this solution an eight out of ten.

TP
IT Engineer at a real estate/law firm with 201-500 employees

I rate Microsoft Defender for Endpoint a ten out of ten.

FM
Chief Executive Officer at Apollo Asset Management Company

Microsoft Defender is good enough as long as you ensure the environment is well-patched and secure, then even the free option will be sufficient to take care of the entire ground.

We are not looking to increase usage at the moment because of the underlying economic situation.

I would rate this solution as nine out of 10.

VN
IT Development Manager at S-ryhmä / S Group

The product's threat intelligence prepares us for potential threats and helps us take proactive steps. Its vulnerability management feature is important to us. 

Microsoft Defender for Endpoint has improved our security posture by giving visibility to our endpoints and vulnerabilities. 

The tool helps us save months per year. It also helps us save money in man-hours.

Microsoft Defender for Endpoint has reduced our time to respond and time to detect by a large margin.

We chose the product because we already use Microsoft products, and it better integrates with them. 

I rate it an eight out of ten. 

CD
Manager IT Server Operations at an energy/utilities company with 10,001+ employees

Microsoft Defender for Endpoint helps us save time since we don't have to keep a separate semantic console. 

We can see the threats as soon as they come in. Our security team gets notifications. 

I rate it an eight out of ten. 

ZakiAhmad - PeerSpot reviewer
Principal Architect at KAS IT Global

While we have the solution set up on our private cloud, you can also use a hybrid setup if that's better for your organization. 

I would advise new users to connect it with an endpoint manager and connect it with the cloud and then let the real magic happen.

I'd rate the solution an eight out of ten.

YS
Head-IT/SAP at Barista Coffee Company Ltd.

New users who are leveraging Microsoft can decide if they want to use Defender. It's already there - you can either activate it or not, depending on your preference. It's nice that you have a choice. Many companies find Defender is enough for them; however, if you want more security, you may be able to add other firewalls or security features to your existing infrastructure.

I'd rate the solution at a seven out of ten.

GH
Principal Consultant at a tech services company with 201-500 employees

The organizations I have worked with that are using Microsoft Defender for Endpoint are mostly small- and medium-sized businesses. Our larger customers are generally not using it.

There was a service built within our organization, a service that is very much hooked in with CrowdStrike. If you've ever seen the CrowdStrike products, you'll understand why. They are pretty impressive products. They do some things that help them see malicious activity in near real-time. Can they react to it in near real-time? No. But like everybody, they are trying to find a way to be able to react faster. They just bought a company called Humio, which is a SIEM/SOAR product I referred to earlier that does not store events directly to disk, so it can act on things much faster.

Used alone, I would rate Defender for Endpoint a seven out of 10. When integrated with other Microsoft products, I would give it an eight. It really depends on other pieces of the solution for Zero trust to work properly. It won't work well if you deploy it by itself. If you're going to use Defender for Endpoint, you should also use Defender for Identity, Defender for Office 365, and the full gamut, including MCAS and MIP, and then you will need your SIEM/SOAR. It's a long journey. And you had better have done your identity very well. If you haven't, it won't really matter what you throw in place, once they breach your identity plane. That's the most important one. I can put every possible safeguard in place, but if someone gets the keys to the kingdom, I might as well just turn them off.

YB
Cloud Productivity and Security Engineer at a tech vendor with 11-50 employees

I rate Defender for Endpoint nine out of ten. It's great. I don't have anything negative to say about those technologies. They are serving their purpose.

Philippe LUCAS - PeerSpot reviewer
Unified Communications Manager at Jouve

We are Microsoft customers. We don't have a special relationship with the organization. 

We are using the latest version of the solution. 

It's a good product overall. I would rate it an eight out of ten.

Peter Arabomen - PeerSpot reviewer
Security Engineering, Team Lead at Fidelity Bank Plc

We've been working with various Microsoft solutions, e.g. Microsoft Defender for Endpoint, Microsoft Azure, etc.

Microsoft Defender for Endpoint has been awesome, so far.

I wasn't around during the setup of the solution, so I have no idea on how long setting it up took.

We have 6,000 end users of Microsoft Defender for Endpoint within the company, and it's being used on workstations, servers, and mobile devices.

I'm rating Microsoft Defender for Endpoint nine out of ten. I found it to be a good product. It's a fine product.

Daniel Bagley - PeerSpot reviewer
Information Security Officer at Church of England

Microsoft Defender for Endpoint has improved a lot over the years and it is a lot better now.

I would recommend this solution to others.

I rate Microsoft Defender for Endpoint an eight out of ten.

AR
Works at a financial services firm with 51-200 employees

If I do recommend it, it will not be solely for security purposes. It is possibly for a first-line security platform, and it is required to build a second, third, and possibly fourth business security layer.

I would rate Microsoft Defender for Endpoint a seven out of ten.

EG
Cyber Security Manager at a manufacturing company with 1,001-5,000 employees

I would advise doing your due diligence. This is more than just an endpoint security solution, and sometimes, you've got to think of your technology stacks before applying or purchasing certain security solutions and see if they're applicable to your environment. 

I would rate it an eight out of 10. No endpoint solution is ever going to be able to be perfectly good at stopping all types of threats. No endpoint solution would ever get a 10 in my point of view. 

Mohamed Abdel Hassanein - PeerSpot reviewer
Managing Director at FORESEC

I would rate Microsoft Defender for Endpoint a seven out of 10.

NK
Cyber Security Specialist at a healthcare company with 10,001+ employees

I would recommend this solution to others if they don't have many third-party tools. It is a very good solution.

I would rate Microsoft Defender for Endpoint a seven out of ten.

OK
Solution Architect at KIAN company

In general, Windows Defender is a good feature for the Windows Operating System.

I would rate this solution a seven out of ten.

MS
Solutions Architect at SC PROSERVICECORP SRL

We are considering moving to another solution, so we are trying to inform ourselves about the other products in the market that will fit our budget and needs. We are trying to see what the competitors offer in the server market. We are looking into ESET NOD32 because we know the product from back in the day.

I would recommend this solution. It is free, and it is doing its job for Microsoft Windows Server. It is a good product. I would rate Microsoft Defender for Endpoint a nine out of ten.

RB
Infrastructure Analyst at an energy/utilities company with 1,001-5,000 employees

I would recommend Microsoft Defender. They are a leader, and they have many deployment use cases. However, it also depends on the requirements of a company. There is no one-size-fits-all. Each company has its own unique requirements.

I would rate it an 8 out of 10.

JamesYa - PeerSpot reviewer
Senior Solutions Architect at Cloud4C Services

I would recommend this solution to others.

I rate Microsoft Defender for Endpoint a nine out of ten.

JL
Managing Director at a financial services firm with 10,001+ employees

It's pretty good.

I would rate this solution a nine out of ten.

SP
Engineer at a tech services company with 5,001-10,000 employees

Overall, I would rate Microsoft Defender for Endpoint a nine out of ten.

TG
Security Consultant at a tech services company with 51-200 employees

My advice would be to start small, don't start a project thinking that it's the best solution, and bowl it out straight away. Take your time. Don't think that you'll be able to incorporate the platform within a month, although that would depend on the size of your business. Take your time, there's no rush, be patient. Because there will always be some problems.

I would rate it an eight out of ten. 

OF
Head, Information Security & Network Operations at a consumer goods company with 10,001+ employees

My advice for anybody who is implementing this product is to first analyze their critical assets to have an understanding of what they are. Then, decide if they want a scalable solution. New threats are coming in every month and the way this is going, Microsoft is learning lessons from networks that have been compromised. With this information, they give updates and patches to everybody. In support of this product, you have to consider the patching, consider the visibility that it gives, and then consider the critical assets it is protecting.

I would rate this solution a seven out of ten.

PT
Product Manager at a comms service provider with 501-1,000 employees

I have never touched this product. I'm just selling it, and I don't recommend it to anybody as a standalone solution.

I would rate this solution a five out of ten.

Rajko Terzić - PeerSpot reviewer
Senior Software Architect at Institute of public health

I would recommend Defender to anyone thinking of using it, and I rate it as eight out of ten.

SC
Sr. IT Business Analyst at Citigroup

I rate Microsoft Defender for Endpoint an eight out of ten.

JN
Manager of Information Systems at an engineering company with 51-200 employees

I would rate Microsoft Defender for Endpoint an eight out of ten.

RA
Assistant Manager IT at an educational organization with 1,001-5,000 employees

Since we started using this product, we have not had any breaches. When we were using the products by McAfee and Symantec, there were issues with viruses and malicious payloads. Now, it is better because we haven't had any major issues with the systems.

My advice for anybody who is implementing this product is to let the IT staff manage it, and not allow end-users to configure it or modify their own settings.

I would rate this solution an eight out of ten.

JZ
Technical Account Manager at a comms service provider with 201-500 employees

I would rate Microsoft Defender for Endpoint a seven out of ten. The solution is stable, easy to deploy, and scalable. However, threat detection could use some improvement.

Our organization is a cybersecurity company, and after using Microsoft Defender for Endpoint for one year, we found that it lacked features such as endpoint detection and response. Additionally, it was weak in certain areas, like detecting a set of malware and providing email protection. As a result, we started exploring other solutions, even though they may be more costly.

Carlo Du Plessis - PeerSpot reviewer
Security Specialist at Engen

I recommend this solution and rate it eight out of 10. 

OS
IT Director at Innovecs

I would recommend implementing this solution together with a certified partner. That will help to avoid a lot of mistakes and save you money, because licensing is a big part of the project.

JB
Senior Consultant at a marketing services firm with 11-50 employees

This is an on-premise solution where all connections have a cloud connection.

I would recommend the solution to other companies. I'd rate the solution at a nine out of ten. 

AS
Sr SOC Analyst at a security firm with 201-500 employees

We're a consulting company. We are not partners with Microsoft.

We use the solution as a SaaS.

I'd advise other companies to use this solution. It's an ideal choice; however, I'm not sure about the pricing. Maybe it's on the higher end of other competitors' pricing. That said, if you have an opportunity to use it, it will solve a lot of problems with respect to pain point detecting and doing investigations. At the same time, with Microsoft, if 80% of your organization is using Windows systems, it's going to be compatible. Specifically, with its platform, Microsoft understands what is right and what is wrong. Therefore, if the money is not a concern, or the budget is not a concern, opt for this. At the same time, as a generic statement, if not this solution, go for an EDR tool that suits your organization's needs best.

I'd rate the solution at a seven out of ten simply due to the fact that I have not fully optimized it. 

RS
Technical Team Lead at Alepo

This is definitely a product that I recommend people use because first of all, you do not have to pay anything extra to use it. The performance is very smooth and it protects your system, which is very much needed. All in all, I would say that this is a good antivirus solution.

I would rate Microsoft Defender Antivirus an eight out of ten.

OC
IT Manager at a financial services firm with 1,001-5,000 employees

When we initially implemented Windows Defender, we were pessimistic about whether it would be good enough. However, it is a pretty mature product now.

My advice for anybody who is considering this product is that it's good, and it gets results early.

I would rate this solution an eight out of ten. 

EG
Information Security Engineer at a financial services firm with 1,001-5,000 employees

Make sure you read the documentation and understand what else is required before you get started.

I would rate it a seven out of ten. 

I don't think that another tool is doing anything better, or this one doesn't. It's just about using it and seeing where to find the stuff.

Nadeem Abdulla - PeerSpot reviewer
Assistant Manager - IT Infrastructure at Taghleef Industries SpA

Because of my lack of knowledge or experience with the solution's full capacity, I cannot recommend this solution or offer any advice.

I would rate this solution a five out of ten.

SB
Sr. Consultant at a computer software company with 51-200 employees

While I cannot speak to the exact version number, we are likely on the latest version. We have an administrative team that makes sure it is updated and takes care of everything for us. 

I would recommend the solution to others. So far, it has been a good product.

I'd rate it overall at an eight out of ten.

EI
Subject Matter Expert at Vision Software

Customers haven't given us any feedback about difficulties with the solution. With its intelligence and tools over cloud infrastructure, it's a good product. We are developing some use cases and projects for customers with Microsoft Defender for Endpoint. It is good for us.

MK
Cyber Security BA/BSA at a financial services firm with 10,001+ employees

We are a Microsoft Customer.

I'm not sure if I would recommend the solution to others. It depends on their requirements. It needs to fit a company's use cases.

I would rate the solution at an eight out of ten.

RZ
Consultor Senior at a consultancy with 51-200 employees

We are totally satisfied with performance and price. However, there is still the question, "Is it safe and secure enough for home, primary-school-age children, and minors?" Despite having a Master's degree in Computer Sciences and Mathematics, I have not been able to say if Microsoft is doing bad or good things.

Many companies may say that they have the best product, but I recommend always watching the news about what a company is doing. Stay informed. Don't be complacent. 

The solution is a nine out of 10.

Carlo Du Plessis - PeerSpot reviewer
Security Specialist at Engen

I will continue to use and would recommend the solution to others. 

I rate Microsoft Defender Antivirus an eight out of ten. 

ZG
Senior System Administrator at Debre Markos University

I rate Microsoft Defender for Endpoint a ten out of ten.

OP
Security Architect at a comms service provider with 5,001-10,000 employees

We are customers and end-users.

This Microsoft security platform is very much a SaaS platform. It's playing together with all the other security products from Microsoft and the company is using the Azure platform to collect the information and to work on the main refine security findings. It's working very well together with the Microsoft Cloud solution for security.

It's my understanding that they call it the security graph. It's quite important that they are communicating together. Windows Defender ATP is delivering a lot of telemetry to that form and correlating it with telemetries.

The reason why we have implemented DHCP part is due to the fact that we bought a Microsoft E5 license with a lot of security enhancements.

I've only seen it in the implementation and design phase; however, it's pretty good. That said, it's also within the environment of a large company where the processes can be a bit difficult.

I'd advise users to integrate it into their security operations center so that they can have the full benefit of the product.

I'd rate the solution at an eight out of ten.

SG
Microsoft Enterprise administrator at a comms service provider with 1,001-5,000 employees

I would recommend the solution because I can confidently tell everyone that this product is working very well and it's stable. You are always sure that they are able to deal with a virus or something else that may interrupt your work.

I would rate this solution nine out of 10.

RR
Associate System Engineer - Security Services at an educational organization with 10,001+ employees

Defender by itself is not a solution. Defender is basically a functionality.

We have some issues with reporting, but I think it's just the way we've integrated right now, again not using ATP. So, we just use STC MS management. Then it's limited in terms of reporting.

From an operator's perspective, I think there are some policy detection issues where you've got a detection for a signature but how it translates into the FCCM dashboard where it doesn't really categorize that particular model. It picks something up as bad but it's just unknown.

So, I think that's a known issue with this particular thing. Because it doesn't know what it is classified as it doesn't really do anything. For it to do something, the policy has to recognize the category of that number. It could be a trojan horse or whatever it is, but it doesn't really do that. It could be what they call an autonomous detection where the system categorizes it as not recognized and hence it blocks it, but it's not going to let you delete it instantly. Usually, you can say if it's detected you want to block it, that's the first step. The second step is to be able to delete the file or quarantine the file. But it doesn't recognize that, so it doesn't know what it needs to do. Instead, it just blocks it. It only blocks it because it doesn't recognize it as being Malware.

I would rate this product a six out of ten.

John Edwards - PeerSpot reviewer
Manager Cyber Security at Dept. of the Premier and Cabinet

To achieve the best results holistically, consider the total cost of ownership of the Microsoft suite of products.

I would rate Microsoft Defender for Endpoint a seven out of ten.

MD
Azure Engineer at a tech services company with 51-200 employees

I would definitely recommend others to go with Defender ATP if they have got the licenses because it can give them a wide range of security controls. It is integrated with Office portals and Microsoft monitoring systems, so they get the sensors from different places. We haven't come across any security threats yet. From the point of view of its theory, implementation, and architecture, Defender ATP and other ATP integrations would definitely help customers in controlling their organization and implementing the best security rules and policies.

It hasn't affected the user experience much for our customers. Customers only see the notification pop up saying that Defender hasn't found anything and things like that.

I would rate Microsoft Defender for Endpoint a seven out of 10.

DP
IT Support Executive at a healthcare company with 51-200 employees

If your computers or users are limited and you are not worried about using your computers for a lot of other browsing purposes or a lot of communication from the public, then you can depend on Microsoft Defender as your only solution. However, when your company is a lot more public facing, then you get a lot of mail from the public and must interact with the public. Also, if you must connect your computer to other computers not in your company, then I would suggest going for either a top-of-the-line antivirus solution or third-party solutions. Totally depending on Microsoft Defender is not going to work for a company who is facing a lot of public interactions with their computer system.

I would rate it as an eight out of 10.

Juan Jose Anaya - PeerSpot reviewer
Technical Manager at SAPEC

I would recommend this solution to others.

I rate Microsoft Defender Antivirus an eight out of ten.

KC
CEO South East Asia at an engineering company with 10,001+ employees

Overall, on a scale from one to ten, I would give this solution a rating of seven. If they improved the scalability, I would give it a higher rating.

NK
Senior IT Manager at Excelra

It's a good solution. I would recommend Microsoft Defender ATP to anyone who is interested in using it.

I would rate Microsoft Defender ATP a seven out of ten.

SA
Cloud Consultant at Brio Technologies Private Limited

I would suggest that if you're already using Microsoft products, then I think it makes sense to go with Microsoft Defender over any other product.

I would rate this solution an eight out of 10. 

JM
Navision Consultant and user support at NCPD

Windows is a great tool that I have used. It has helped my organisation in achieving what it does daily and protected our data in a great way.

I would recommend every user who has a computer or laptop to consider using Windows Defender since it is the best tool to safeguard your system from malware and attacks.

JN
Deputy Director at BG Service

I would say this is a good product. It's very intuitive, easy to use, and very good for people who don't have much experience in security.

This is a very good product because every time there is an update it corrects any issues. It can help an enterprise go up.

I would rate it a nine out of ten. 

VP
Delivery manager at a computer software company with 201-500 employees

Anyone on Windows 10 Enterprise should choose this solution.

It really depends on the volume. You need one senior architect who can just define the entire thing: the device, network configuration, etc. You will also need some Level 1 engineers who need to keep on monitoring the devices and do onboarding. If they are using the latest version of Windows 10, then you can do the onboarding via Intune, Endpoint, etc. 

My rating for this solution is an eight out of 10.

WK
Head of Information Security at K2 Baseline Sdn Bhd

I would recommend this solution. I would rate it a seven out of 10.

AC
Works at Systex Software

We sell the Microsoft 365 solution to customers. If a customer wants Windows 10 Defender, they can choose Defender ATP in Office 365.

I would rate this solution as a five or six out of 10.

LV
Director at Darknext

I would highly recommend Microsoft Defender Antivirus for an individual looking to protect their endpoints.

MM
Project Director at a tech services company with 1,001-5,000 employees

Microsoft has started to integrate the interface with new Windows 10 settings. Previously, there was a lack of information. Users weren't aware of the status of the product in terms of what it was doing on your computer and whether it was actually protecting you or not. In the background, it must have been doing its job, but you couldn't be very well aware of the status of the software. All those issues are now resolved. The information now is very handy, and the user interface is also great. I would recommend this solution to others.

I would rate Microsoft Defender Antivirus a nine out of ten.

JS
Manager Cyber Defense Operations Centre at a tech services company with 201-500 employees

I have used it enough to be sure that I could recommend it for home use on a PC.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate Defender as a nine-out-of-ten based on my experience.  

TW
Chief Technology Officer at a financial services firm with 1-10 employees

I rate Microsoft Defender for Endpoint a seven out of ten.

CL
Systems Administrator at The Port Authority of Jamaica

I rate Microsoft Defender for Endpoint eight out of 10. It's a cost-effective solution for Microsoft shops.

HS
IT RM at KNV

I rate Microsoft Defender eight out of 10. 

Fellipe Abib - PeerSpot reviewer
CEO at Datasirius TI

I'm using Microsoft Defender for Endpoint for myself and for my clients. I'm a partner of Microsoft.

I'm the one in charge of the deployment and maintenance of this solution.

My advice to someone planning to use Microsoft Defender for Endpoint is that it's super easy to understand, whether you have no prior knowledge of it, or you want to learn more about it. You can also learn more about security, particularly information security.

My rating for Microsoft Defender for Endpoint is nine out of ten.

Patrick Scolyer-Gray - PeerSpot reviewer
Founder & CEO at Pathbreaker Pty Ltd

I wouldn't call Microsoft Defender for Endpoint a solution, I'd call it part of a solution. I don't think I would be going around recommending it.

I rate Microsoft Defender for Endpoint an eight out of ten.

WG
Technology Consultant at a computer software company with 10,001+ employees

I would recommend Microsoft Defender for Endpoint.

KE
System Engineer at Dr. Marc Daenen

Microsoft Defender for Endpoint is quite good. We haven't really experienced any issues with it.

I would recommend Microsoft Defender for Endpoint to other users. Overall, on a scale from one to ten, I would give this solution a rating of eight. 

DB
MIS Specialist at an agriculture with 201-500 employees

I rate Microsoft Defender for Endpoint eight out of 10. I would recommend it to others.

PT
Head Of Information Technology at a financial services firm with 1,001-5,000 employees

We're just a customer and an end-user. We don't have a business relationship with Microsoft.

We're using the latest version of the solution.

I would recommend this product to other organizations. In fact, I already have.

Currently, I'd rate it an eight out of ten. That's with the knowledge gap I have, as a user that just started working with the solution recently.

it_user1185051 - PeerSpot reviewer
Director, IT at a financial services firm with 201-500 employees

This is a good product and I can recommend it to others.

I would rate this solution an eight out of ten.

MM
CRM & IT Head at a computer software company with 201-500 employees

I would really recommend this solution because it is an in-built Microsoft product, and it is at the OS level. We don't require a new layer to install it as a software application. 

I would rate Microsoft Windows Defender a seven out of ten.

GA
Deputy General Manager at SLT Visioncom Pvt Ltd

If you require Endpoint Detection and Response or Behavior Analysis and you can afford it then go with those products. I would rate Microsoft Windows Defender a seven out of ten.

MP
SOC Manager at a tech services company with 51-200 employees

Currently, we have not experienced or seen any challenges with Microsoft Defender for Endpoint.

Our customers are mostly medium-sized companies.

My advice to people thinking about implementing Microsoft Defender for Endpoint is that it is good, in relation to Windows, but if they want to have a holistic product in relation to Linux and other systems, they need to consider other products.

I'm rating Microsoft Defender for Endpoint an eight out of ten.

View full review »
JP
Sales Director at CLoud3 Solutions Pte Ltd

I would recommend this solution to others.

I rate Microsoft Defender for Endpoint a ten out of ten.

View full review »
VS
Specialist Consultant in Microsoft Security at a tech services company with 501-1,000 employees

I would rate this solution as 10 out of 10.

View full review »
CL
Systems Administrator at The Port Authority of Jamaica

Before settling on this solution, you should explore more than one form of ATP. Overall, Microsoft Defender Antivirus is a very good application.

On a scale from one to ten, I would give this solution a rating of ten.

View full review »
PT
Head Of Information Technology at a financial services firm with 1,001-5,000 employees

I would recommend this solution to others. I have a lot of good things to say about it. We are still navigating through it, and it has been working very well. We will absolutely keep on using it. 

I would rate Microsoft Defender for Endpoint an eight out of ten.

View full review »
II
COO at Floating-Dot Technology LTD

For Windows Defender, there's no server edition for it. It's free. There is no additional cost. It's part of Windows, i.e. if you have issues with compatibility using other products. 

If you paid for Windows, it already comes with Windows Pro and Windows Enterprise automatically. It's better to go with it than pay the additional expense of deploying other solutions.

On a scale from 1 to 10, I would rate this product a nine. It doesn't have all the features that it needs to be perfect.

View full review »
GH
IT Operations Lead at an energy/utilities company with 5,001-10,000 employees

Microsoft Defender for Endpoint only provides a basic level of security. I don't find it overly useful or appealing. I can trade it with another endpoint security solution. It's an addition to other endpoint security solutions.

I rate Microsoft Defender for Endpoint a five out of ten.

View full review »
SB
Admin at IEC (Electoral Commission of South Africa)

I rate Defender seven out of 10. 

View full review »
RaynielBadiola - PeerSpot reviewer
Technical Manager at Secur Links

If anyone is looking for an antivirus instantly, they can enable Microsoft Defender for Endpoint on their Windows operating system. If they are still thinking of buying endpoint security in the future, they can use Microsoft Defender for Endpoint in the meantime.

I rate Microsoft Defender for Endpoint a nine out of ten.

View full review »
CM
Chief Executive Officer at a tech services company with 1,001-5,000 employees

We are always using the latest version of the solution.

I'd rate the solution at an eight out of ten.

I would recommend the solution to other users and organizations.

View full review »
JV
Cyber Security Engineer at a manufacturing company with 5,001-10,000 employees

I don't recommend this solution.

I would rate Microsoft Defender for Endpoint a five out of ten.

View full review »
PR
Consulting Director at a tech services company with 5,001-10,000 employees

I would recommend using this solution. I haven't had any issues and it's been working fine for me.

I plan to continue using this product as long as it is not causing any problems.

I would rate this solution an eight out of ten.

View full review »
KM
Owner at a tech services company with 1-10 employees

Overall, on a scale from one to ten, I would give this solution a rating of nine. Some integration components on Mac should be improved. It should be more stable on Mac. If they fixed this, I would give it a rating of ten.

View full review »
VA
Senior Manager - Datacenter Planning and Operations at a comms service provider with 1,001-5,000 employees

Defender is an ideal solution for web security. I would rate it as seven out of ten.

View full review »
AM
Professional Prospect List Building Service Provider, Email Sourcer, Virtual Assistant at Freelance

I would recommend my friends and colleagues use Microsoft Defender because it always protects us against ransomware and viruses. 

In summary, this is a great product.

I would rate this solution an eight out of ten.

View full review »
AL
Technical Project Manager at a computer software company with 10,001+ employees

I would recommend this solution to others.

I rate Microsoft Defender Antivirus a nine out of ten.

View full review »
MW
Information Security Analyst at a financial services firm with 501-1,000 employees

I'd say the product rates about an eight out of ten as it currently stands.

You have to implement the product — there's no choice. You can't use the Exchange Online Protection or the advanced analytics or obscure identity IP protection without the APT being installed on the endpoint. Otherwise, you're not getting into threat intelligence or the actions. You're not going to get the full response plan or activities that occurred. You cannot deploy without APT being installed on the desktops and have a full, defined solution for unified labeling. That has to be deployed and tested for unstructured data for at least six months with the AIP (Azure Information Protection) scan that's deployed with APT.

View full review »
MK
Program Manager at a computer software company with 10,001+ employees

If you have a mid-sized organization, the solution works well. However, in a large size organization, there are challenges.

I rate Microsoft Defender for Endpoint a seven out of ten.

View full review »
KopanoRamaphoi - PeerSpot reviewer
Consultant at Rpc Data

This is a product that I have recommended to my friends and I will continue to do so.

Overall, this is a good product and I have never been disappointed with it. That said, there is always something that can be improved.

I would rate this solution a ten out of ten.

View full review »
HL
Cyber Security Consultant at a consultancy with 11-50 employees

I rate Microsoft Defender an eight out of ten. I would recommend it to others, but it depends on whether they have their own policy for deploying antivirus products. It's good for some users who have some preferences—who need to follow their security policy or who have some budgeting issues. 

View full review »
GP
Program Manager at a tech services company with 51-200 employees

We are using the public cloud deployment model of the solution.

I would recommend the solution. I would rate it ten out of ten.

View full review »
MN
IT Security Analyst at Ingenium Group

My additional advice would be to create a test user group, deploy the software to those test users and then monitor those users as part of a log management operations center and run comparisons over several months. Comparing those users, against other users perhaps using a third-party product, like Symantec, would allow for calculation of performance and progress metrics. Based on that, a decision can be made as to whether to deploy the software across the organization or not.

I'd give this tool a rating of 8 out of 10. It's got good detection rates, low on system resources, doesn't interfere or hamper workflows, and it's easy to use.

View full review »
RE
Administrator at a financial services firm with 10,001+ employees

I would rate the solution a seven out of ten. As it's a free solution, it doesn't have a lot of features like paid versions. If you are a home user or don't have a paid version of any other antivirus, Defender will be fine for you.

View full review »
G
IT Manager at a pharma/biotech company with 201-500 employees

I would rate this solution an eight out of ten.

View full review »
it_user964356 - PeerSpot reviewer
IT Help Desk at Elsewedy Electric Algerie

The majority of the updates are really good. 

I would rate this solution eight out of 10.

View full review »
SV
QA Test Lead at an insurance company with 501-1,000 employees

I would recommend this solution and rate it a seven out of 10. 

View full review »
it_user1305759 - PeerSpot reviewer
Team Lead at a tech services company with 1-10 employees

I'd recommend the solution. Why not, after all? It's already there within Windows 10 and is part of a user's Microsoft bundle. 

Overall, I'd rate the product eight out of ten. If it had more ransomware protection, I'd rate it higher. As it is, the solution offers great malware features, is ranked pretty highly in Gartner and is easy to implement and use. Plus, it doesn't drain a lot of your machine's resources, which is a bonus.

View full review »
PJ
Head - IT Operations & Enterprise Systems Support at a financial services firm with 1,001-5,000 employees

I would rate this solution a seven out of ten.

View full review »
OK
Consultant at a tech services company with 1,001-5,000 employees

I will rate Microsoft Defender eight out of 10 for now, but we need to evaluate it more, especially the virus detection, which still isn't proven. I think we need to evaluate it first.

Yes. I wouldn't recommend it for end-users who already have a more capable antivirus solution. But if someone would like to try in a small environment, we can recommend Defender security.

View full review »
JC
Technical Support Engineer at a tech services company with 51-200 employees

We are Microsoft resellers.

The solution is not on the cloud. Our office is small. We use independent computers. It's not in a structured network environment. We just use a small wireless network. As individuals, we are using it on small computers.

In my region, I would not necessarily recommend this solution. I'd still advise my clients to have other antiviruses unless I get to know that there is a licensed version of Windows Defender that Microsoft is selling and licensing. I still go ahead to advise my clients to buy other antiviruses, which are more effective. Kaspersky, for example, is a good option.

I would rate the solution at a six out of ten. There are other more robust antiviruses on the market that you can license.

View full review »
AK
Co-Founder at a tech services company with 1-10 employees

I would recommend this solution to others. It is very easy to use.

I would rate Microsoft Defender Antivirus an eight out of ten.

View full review »
FZ
Network Administrator at a tech services company with 51-200 employees

My advice for anybody who is looking into using this product is that it's a good and easy way to secure your PC.

I would rate this solution an eight out of ten.

View full review »
it_user826284 - PeerSpot reviewer
MIS Director at a real estate/law firm with 5,001-10,000 employees

We are using the on-premises deployment solution.

I would rate the solution seven out of ten.

View full review »
it_user1083 - PeerSpot reviewer
Manager of Operations at a tech company with 51-200 employees

Defender Pro or Home Basic antivirus provides some sort of security against the latest internet threats, but going for the reputed antivirus software like Symantec Endpoint, Quick Heal, etc. would be a wiser choice. The price of this program may be a bit lower, but the safety of you and your computer is of greater importance.

View full review »
Learn what your peers think about Microsoft Defender for Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.