TrustRadius: an HG Insights company

Microsoft Defender for Endpoint

Score 8.8 out of 10

285 Reviews and Ratings

What is Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud-delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavior-based and cloud-powered next-generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.

Media

Screenshot of blocked activities
Screenshot of Detects & responds
Screenshot of discovers vulnerability
Screenshot of Eliminates blind spots
Screenshot of Risk management

Top Performing Features

  • Malware Detection

    Detection and blocking of zero-day file and fileless malware.

    Category average: 9.1

  • Endpoint Detection and Response (EDR)

    Continuous monitoring and response to advanced internet threats by endpoint agents.

    Category average: 9.2

  • Infection Remediation

    Capability to quarantine infected endpoint and terminate malicious processes.

    Category average: 8.6

Areas for Improvement

  • Centralized Management

    Centralized management supporting multi-factor authentication, customized views, and role-based access control.

    Category average: 8.7

  • Vulnerability Management

    Vulnerability prioritization for fixes.

    Category average: 8.6

  • Hybrid Deployment Support

    Administrators should be able to choose endpoint security on-premise, cloud, or hybrid.

    Category average: 8.1

Microsoft Defender for Endpoint

Use Cases and Deployment Scope

Scope of use case is the title, link file, RNK, and file. Malware

Pros

  • I get a good rest. Static file Detections of malware are updated quite often and are also quite effective. And overall has more.

Cons

  • So far, it has not been detecting the link. File. Malware for changes that we are facing where you buy separately from simple anti, let the link file malware problem.

Return on Investment

  • It's malware detection, so it didn't apply any objectively; it didn't really apply any bit objectively is anti-slideshare.

Offers Solid Protection Against Attacks at the Endpoints.

Use Cases and Deployment Scope

We use Microsoft Defender for Endpoint to protect data at the endpoints. It helps to keep employees' laptops, desktops, phones and other devices secure and protected against cyber threats. It offers a strong encryption scheme that helps to protect organizational data from getting into the wrong hands in case of the loss of a device.

Pros

  • Protects devices from cyber attacks (malware and spyware).
  • Responding to threats in real-time.
  • Automates cyber threat protection and response.
  • Seamless integration with Microsoft ecosystem.
  • Offers reliable security monitoring.

Cons

  • Learning curve for advanced features.
  • False positives in occasional instances.

Return on Investment

  • Enhances security at the endpoints.
  • Helps to boost productivity by elimination of interruptions.
  • Enhances compliance and disaster recovery.

Other Software Used

Barracuda Backup, Microsoft 365

Microsoft Defender for Endpoint should just be enabled by default

Use Cases and Deployment Scope

[...] is a manufacturing company headquartered in Montreal. We have offices across Canada and the United States. Microsoft Defender for Endpoint is deployed across our entire organization. Having a cloud-based solution with a single pane of glass to manage all our assets is of the highest importance to us. Being able to receive immediate alerts when suspicious activity occurs has been extremely helpful in keeping our risks at a minimum. Microsoft Defender for Endpoint management is also smart enough to not send several alerts when an attack could be hitting multiple targets within a certain time frame or it's the same attack multiple times.

Pros

  • Consolidate alerts so you are not overwhelmed
  • Integrates with Microsoft products
  • Already licensed if you're using Office Premium or higher enterprise licenses

Cons

  • Management Interface needs work
  • Digging through analysis is not always informative
  • Constant clicking around to find all the relevant information

Return on Investment

  • Microsoft Defender for Endpoint has alerted our team when users clicked on phishing links in emails and we were able to prevent any harm
  • When a website frequently visited was compromised, Microsoft Defender for Endpoint quickly quarantined the file that was auto-downloaded.
  • The alerts for the website download were all consolidated to one incident making it easier to manage.

Return on Investment

We have Microsoft Defender for Endpoint installed across our entire organization with offices in Canada and the United States. All our workstations are Microsoft Windows based. Our servers are all Microsoft Windows Server and we have a few on-premise servers at our headquarters as well as several hosted on Microsoft Azure.

Alternatives Considered

BlackBerry Protect (CylancePROTECT) and BlackBerry Optics (CylanceOPTICS)

Other Software Used

Sage 300, WatchGuard AuthPoint

My Insights on Microsoft Defender.

Use Cases and Deployment Scope

We use Microsoft Defender for Endpoint for protection and threat response. It helps protect our organization's servers and cloud from any attacks, thus keeping our data secure. The tool helps to ensure that our endpoints are secure from any threat through threat detection and elimination automation.

Pros

  • Proactive threat detection and protection.
  • Offers comprehensive endpoint security.
  • Offers advanced threat protection.

Cons

  • Sometimes it gives false positives.

Return on Investment

  • Improved security posture.
  • Saves time.

Microsoft Defender for Endpoint Review

Use Cases and Deployment Scope

We use it to monitor alerts and incidents, respond to them, gather data, and threat hunt.

Pros

  • Particularly well. It gives a clear picture when alerts come in. We’re able to dig deep into the process or file that’s generating the alert, so that’s very helpful.

Cons

  • Room for improvement: better whitelisting capabilities. That’s the number one thing I would love to have.

Return on Investment

  • Mostly positive.

Return on Investment

2000, we're supporting Windows.