Item: Microsoft Defender for Endpoint
Rating: 10
Author: Verified User

Use Cases and Deployment Scope

I would say the best part about Defender is that it's seamlessly integrated into the operating system and as a lot of overhead comes with all sorts of agents that do get installed onto a particular device or laptop, what have you, it's certainly a drag on resources. So the deep integration of Defender into an endpoint machine significantly helps with that processing overhead that you get from add-ons of other agents that are just inherently built in.

Pros and Cons

From an overall endpoint protection perspective, I would say it certainly helps protect through the integration across the entire OS and software browser or what have you. Just that deep integration protects against threats, potentially internal with accidental file sharing, external files, browsers, malicious links, URLs, just the ability to have that smart screen capability built in, again throughout the entire OS really just helps protect the entire machine.

From an improvement perspective. The only thing that comes to mind is when there's a health notification on a particular action in the security center where there's maybe an action to take, whether a piece is misconfigured and it maybe click to activate set capability.
So from a negative, the only thing that really comes to mind is within the device security portal within the machine itself. Occasionally you'll get alerts such as Core Isolation, maybe after a security update or whatever, just the Windows update comes through. Maybe something might be disabled temporarily. And trying to re-enable that feature through a single click. And then a reboot doesn't always seem to stick the first time, but that's honestly the only thing that stands out.

Return on Investment

I would say the ease of use and integration across the broader M365 Suite has led to some other business decisions to move from third party tools onto more of a M365 stack. So not necessarily that was the gateway entry point into the broader solution, but it was one of many where the presence within IBM has grown across the entire portfolio of M365 as a result of the successes with Defender as well as other solutions as well.

Key Differentiators

Other

I wasn't one of the decision makers were the purchase overall that goes through our CIO organization. But as a user though, I would say it was a good decision. Trying to think how to word that in a sense. Well, from a decision not involved in the purchase process, I would say I didn't have a decision to use it, but I'm glad that they made the decision that we can use it.

Components

It's a good question. As someone who doesn't have access into that administrative view, I'm not sure as far as what I would assume everything's turned on, but I can't accurately speak to what else might not be. Yeah, I mean using those capabilities just as an end user, just to know that whatever I'm working on or just as I go throughout my workday, I don't have to worry about security.

Protection Scope

I mean, assuming every employee has at least well across both Mac and Windows, I would say upwards of 400,000 assuming it's deployed everywhere. From a employee device perspective? Windows machines and Macintosh machines. I'm not personally sure where the server side of the conversation goes because a lot of the other stuff is online like Exchange Online for example. But I know at least from that device's perspective I can be certain of that answer.

Alternatives Considered

I would say not to name specific company names, because I'm a partner with one of them and that's the account that I work with. But I use some competing solutions that I would say are pretty heavy from an overhead perspective with the agent that has to be installed in the machine. It can be too restrictive for permissions where it gets in the way of an employee doing their job and the ability for Defender to be secure in that, but still allow an employee to go about their day and do what they need to do is certainly a change maker there. But yeah, from the other products perspective across the years, whether it be business or personal, some other products I can name are other endpoint protections from Vera Avast, McAfee, of course as folks remember that. And some of the other major players too that I would say a large networking company that doubles in security as well. I'll name them that way.

Key Insights

Do you think Microsoft Defender for Endpoint delivers good value for the price?

Yes

Are you happy with Microsoft Defender for Endpoint's feature set?

Yes

Did Microsoft Defender for Endpoint live up to sales and marketing promises?

Yes

Did implementation of Microsoft Defender for Endpoint go as expected?

I wasn't involved with the implementation phase

Would you buy Microsoft Defender for Endpoint again?

Yes

Likelihood to Recommend

I would say, where it's well suited as certainly any device where you know that either you're potentially running a Kickstarter device as your own personal unit, but maybe you want to try to connect it to some resource like, "Hey, you know what? This is a small community device. Maybe I'll try connecting my email on the go." You're protected from that perspective with the vendor, even if it's something that might be a bit suspicious from a hardware perspective. There's also the case where any device that you know are running Defender for endpoint that you're good to go. You don't really have to worry about all the other solutions out there because Defender has recovered.

Microsoft Defender for Endpoint Review

Overall Satisfaction with Microsoft Defender for Endpoint