We have MDE deployed to 3000+ devices. It provides valuable protection, information about vulnerabilities and how to remediate them on the protected devices, and alerts us to potential nefarious activity. The data can be used to track harmful payloads from the source, its activity on the machine and any network connections made. We rarely have to create exceptions for software except on older operating systems.
Pros
Malware protection
Vulnerability reporting
Attack analysis and response
Web content filtering
Cons
Better support for older operating systems
Onboarding devices can be tricky to set up
Tracking and monitoring for devices that have not been onboarded can be confusing
Likelihood to Recommend
It is great for larger organizations with full-time security staff. It is probably too cumbersome for small businesses to manage effectively.
Verified User
Engineer in Information Technology (Chemicals company, 1001-5000 employees)
Good and compatible software for Windows OS security. Helps to protect the endpoint and provide proper security, and detect threats easily. Best defender for the daily use case. Easy management of configurations, timely alerting, and malware protection are our common use scopes.
Pros
Centralized and easy management of threat alerting and configuration
Automated threat detection and reporting as well.
Extremely user-friendly UI and good performance experience too.
Cons
High number of false alerts triggering.
It takes much time in removing viruses and scans, which is a little annoying.
Little issues in clarifying the alerts and finding the right path of tackling.
Likelihood to Recommend
Defender is one of the easiest and comes as an integrated free tool with Windows OS to protect the environment from threats and malware. Dashboard is easy, good and configuration management is one of the huge environment because they are too basic; if a technician is aware about Windows they can simply configure it. It gives real-time protection with full reporting support of threats as well.
We use it for securing our endpoints and it's to make sure that users don't make foolish decisions on their computers.
Pros
It is pretty robust in the sense of alerting and what it does for our users as far as it's integrated to their operating systems and so it makes it easy for them to see alerts as well on their endpoints. And then for us to get information within our same platform.
Cons
I think the biggest problem with it for us is just lack of visibility in that when it comes to putting it within Microsoft's platform. So for us, the platform is so robust, but if you don't have every feature for it, it kind of loses some of the functionality.
Likelihood to Recommend
It's great for endpoint security, it's great for helping us integrate with the OS, making it simple for end users, not having to worry about a lot of user operations. It's difficult for seeing the whole pane of glass for everything without buying every single Microsoft product out there.
Verified User
Director in Information Technology (Sporting Goods company, 201-500 employees)
We use Microsoft Defender for Endpoint for phishing emails where we have installed the endpoint as well as all other users' endpoint laptops where we use it to monitor all threats and take appropriate action accordingly.
Pros
Great threat detection and management.
No major impact on performance of the device.
Securing our business in and out.
Cons
User Interface can be worked upon.
Improving capabilities with non-Windows environment.
Latest Security updates timely.
Likelihood to Recommend
Microsoft Defender for Endpoint is a great solution for your business. Extremely useful for active background scanning and analysis without any major list on the devices. Not that great in logging and audit trails.
Defender for Endpoint is used to complement other EDR/AV tools. Defender for Endpoint is a great solution for protecting against malware, computer viruses and malicious files, etc. It also detects vulnerabilities which can be analyzed in the Defender for Endpoint Microsoft portal. Therefore, the use cases covered include protection, detection, performance and performance impacted, ease of deployment and integration.
Pros
Defender for Endpoint is updated automatically on a regular basis.
It catches most malicious files, which means its detection works very well for malware, viruses and ransomware.
Defender for Endpoint integrates well with other Microsoft products. For example, it integrates well with Microsoft Sentinel SIEM solution.
Defender for Endpoint data is very useful for threat intelligence and threat hunting.
Cons
Defender for Endpoint does not support some older operating system versions. Most organizations have legacy applications running on legacy OSs, therefore some of these should be supported.
Onboarding assets is a little different depending on the operating system that is being used. This takes away from a consistent onboarding process.
From a management standpoint, some aspects of management are handled in local SCCM while others are on the Microsoft cloud.
Likelihood to Recommend
Microsoft Defender for Endpoint is well suited for detecting malicious files from an EDR perspective. It is lightweight and does not impact other processes or applications running on systems. Microsoft Defender for Endpoint is at times difficult to troubleshoot. It would be nice to be able to flip a switch to disable Defender for Endpoint when troubleshooting issues.
Verified User
Contributor in Information Technology (Consumer Goods company, 5001-10,000 employees)
We are using this protection as part of the M365 subscription to some of our users. I must admit the all-in-one package with the collaboration tools is something unique that you cannot find in other subscription based, it is doing what it is supposed to do, if not better, which is protecting our endpoints and bringing the additional safe feelings to both IT and our users.
This is being used for our endpoint devices' protection that includes antivirus and malware protection. It is implemented to all of our M365 subscribers (around 200 of them) and till date are satisfied with the protection given to our machines.
Pros
Antivirus protection
Malware protection
Quarantine and alerts
Offering with other suites in M365 family
Cons
There are cases where it is not able to detect malware but other antivirus is detecting it
Better dashboard
Likelihood to Recommend
It is good as it comes with the M365 suites, which in a way can be a great bargain point as you pay for several products with one pricing and we all know that Antivirus is not cheap. It can improve the security definition to detect better threats out there, as the internet is sometimes a scary place and the dashboard can be improved for administrator function. For MS Windows environment, the protection and collaboration with Windows firewall is expected and can be an additional complement to each other.
Verified User
General Manager in Information Technology (Automotive company, 1001-5000 employees)
We use it for endpoint management, just to make sure that we have visibility into our endpoints and we're able to get an alert on any anomaly behavior. And we're able to remediate using the product. If you want to isolate whatever we're getting an alert on. We also have a list of all our endpoints shown, we're able to go in there and be able to see what endpoints we have, what vulnerabilities they have, and any incidents, any behavior that can be happening within the endpoint.
Pros
I haven't seen anything that I can say I can pick it out of as particularly well or not. I just haven't had any issues with the product, but I also haven't paid attention to say, oh, in comparison to this. But I do like the incident response part of it because it does help us. It does have features where you can look deep down and look at the incident and be able to track and see exactly where the incident is and the direction, all that stuff. So I like that.
Cons
I haven't really looked in because we have so many products. I don't think I can provide. But I don't think I have one because we have so many products, we just use this for a particular reason. But so far I don't think I have any issues with it at all.
Likelihood to Recommend
It's most appropriate for incident response. I find it very valuable that I can find the information when there's an incident and be able to see where that is so I'm able to track it and see what the anomaly is and check it. And I like that a lot. It has a capability for vulnerability management, but I don't necessarily use that because there are so many other tools that specifically deal with vulnerability management, and so I would say I enjoy the incident response part of it.
Verified User
Employee in Information Technology (Railroad Manufacture company, 5001-10,000 employees)
We use it to gather valuable insight into what our users are doing on their laptops. We use it for instant response tactics as well as just as being able to take preventative measures and what we're configuring as well as some of the vulnerabilities that we discover.
Pros
Some of our favorite things that it does is it creates a very key timeline to what some of the processes that are running, the applications that are being run, as well as just overall what's being done on the computer as well as provide us good data on vulnerabilities, extensions, and browsers, as well as just baseline configurations that either are misconfigured, not configured or recommendations actually improve our security posture.
Cons
So I think one of the strongest roadblocks we've run into is we currently use a different product for our whole EDR suite and in active mode for Defender for Endpoint, it really clashes with other EDR tools. So if we could work together to better not interfere with each other, we'd find it a lot more valuable.
Likelihood to Recommend
I'd say it's very suited for larger corporations that have lots of mobile devices or just laptops and are very client user focused. I'd say it's not very keen for use in maybe smaller companies that are just mobile focused as it is a Microsoft product. So it's very key and geared towards a Windows device.
Verified User
Analyst in Information Technology (Food & Beverages company, 10,001+ employees)
It's our threat protection tool. What's hopefully keeping us safe during the day.
Pros
It generates enough alerts and lets us know what's going on. It's any malware incidents, it's quick and prompt to alert us, be able to isolate. It's a good tool.
Cons
It's a little noisy. It can get alert heavy, but I guess it's doing its job, so I don't know if that's much of a complaint.
Likelihood to Recommend
I'm a fan of the product just more because it's to say integrated into Windows. It's not a third-party app that I have to install. So just the ease of it already being there, integrated into Windows, and then it does its job because it's saved our butt a bunch of times with some malware.
Verified User
Director in Information Technology (Electrical & Electronic Manufacturing company, 10,001+ employees)