Microsoft Defender for Endpoint Reviews & Product Details

We use Microsoft Defender for Endpoint on a very large deployment and most of the endpoints were previously running Cortex XDR. Defender provides high level of protections against cyber treats. Our GSOC team investigates incidents and deploys security policies via the Microsoft Defender portal. We were able to detect and stop cyber attacks in the very early stages and this helps us keep the environment clean. So far we haven't had any major incidents. Review collected by and hosted on G2.com.

It takes a lot of training and constant learning, managing the security policies for all protection modules is a complex process. There is no Linux support at this time. Review collected by and hosted on G2.com.

It provides endpoint protection against cyber threats. It has a combination of machine learning , behavioural analytics and the best part which I personally like is that it has cloud-based security intelligence to detect and response to the threats in real-time. It is seamlessly works with Windows, Mac.

The best thing about the EDR is that it can analyze the behavior patterns and trriger alerts when unusual or malicious activities are detected. Review collected by and hosted on G2.com.

There are two, three things I want to mention about the EDR which I personally felt to mention is that it's complex liscensing model it can be confusing to the new user and for thr intermidiate as well , defender for endpoint is included in different packages and organizations may need help understanding which features are included in which package.

And the last thing I want to mention is intensive resource utilization on certain devices , perticularly on the older devices the software can be resource-intensive which may cause trouble in performance degradation, mainly during scans. Review collected by and hosted on G2.com.

We like of Microsoft Defender for Endopint, system license that permit have 2 choise and the price that is competitive in the market, console cloud is another plus and multiple support different operating system. Defender is easy to use and easy to implement and with api is very easy to integrate with SIEM Review collected by and hosted on G2.com.

Support is not the best and take a long time to respond to service request Review collected by and hosted on G2.com.

Microsoft provides security for endpoints , Office 365 apps , Servers etc. Their providing zero hour prevention to all of the endpoint which are configured with Microsoft endpoint security. Review collected by and hosted on G2.com.

the deployment process is very complex when configuring security for IOS device. Review collected by and hosted on G2.com.

I've been working for Microsoft Defender for Endpoint for past 3 months and it's been a wonderful experience so far. One of the best things is the the GUI. It's quite indulging else usually the tools consoles have a very simple console. Atleast working on Microsoft Defender for Endpoint is creating more interest while working. Review collected by and hosted on G2.com.

Sometimes it's just difficult to navigate from one page to another. Sometimes also the source does not reflect any evidences. Review collected by and hosted on G2.com.

It's capability to deeply integrate within the Microsoft Ecosystem Review collected by and hosted on G2.com.

It's high consumption of resources of the system Review collected by and hosted on G2.com.

Best when it comes to prevent from virsu and malware

Excellent in handling the vulnerabilities and taking remediateion action against each vulnerabiltity

The EDR function gives extra wings ti analyst to detect , prevent and response to any cyber attack. Review collected by and hosted on G2.com.

Quite a few i have observed false positive alert detecting genuine service as malware or threat.

In perspective of new user to get to use of its GUI is difficult Review collected by and hosted on G2.com.

The defender is best known for the overall detection rating of malwares be it a static or behavioural detections. The defender is versatile and helps in securing security postures in many ways. It is easy to organise and manage over a wide range of endpoints. Offers protections for cross platforms as well. Review collected by and hosted on G2.com.

Nothing to dislike here as it is a great solution for security needs and one minor improvement is it's Offline detections which can be bit better. Review collected by and hosted on G2.com.

This is a solution perfectly compatible with the Windows operating system. This makes them easy to configure and manage for people familiar with Microsoft tools. From the device side, it ensures safety and risk that even an unintentional threat will be quickly detected, removed and properly communicated to the team responsible for security as well as to the end user. Review collected by and hosted on G2.com.

Detailed reports and statistics provide a very good insight into the security of networks and end machines, but most of this data is reserved for administrators, not the end user, who is the last to learn about threats and potential vulnerabilities. I lack security analysis capabilities for the end user, who ultimately can only scan the machine for threats. Review collected by and hosted on G2.com.

Extended features

Alerting and aggregating multiple alerts under incident.

Automated investigation launching capabilities.

Vulnerability management feature.

Asset discovery and management.

Exposure management (latest in preview)

Advanced threat hunting through KQL (this is a prerequisite though) Review collected by and hosted on G2.com.

Nothing really that didn't like.

Probably, Microsoft is complicating Security defender portal by adding all its security products alerts into single dashboard. This is currently creating silos to L1 members. Review collected by and hosted on G2.com.