I usually get asked what endpoint security solution would I recommend . This is just as abstract as which car would be the best for you.

Any responsible solutions sales professional or security sales person would differ answering the question on till after getting more information.

Seeing that Windows is the most popular operating system by far. Windows Defender has been shipping as part of the OS for years now.

So as a start many non-corporate users use the default and leave it enable, or with activities to remediate application or performance issues you disable defender first. So over the years if you are financially active online you would buy a more comprehensive solution.

Either a AV Name brand product or full blown security product.

In doing this many users have dispelled MS’s credibility in the client security space.

As this sentiment rolls on, the same message creeps into the corporate space. The AV/Endpoint security  market is extremely crowded and as such competitive. 

 So is Defender just a waste of time ? Yes if you dont take time to understand what you need and more critically what the components are and what they do ? How they interact and how to extract effective value.

While this can be said for most software its more relevant with Microsoft Defender family. the second part is to understand how to license the different pieces.

After a quick google i came up with the following list :

  • Windows Defender
  • Microsoft Defender
  • Advanced Threat Protection (ATP)
  • Microsoft Defender Antivirus
  • Microsoft Defender for individuals
  • Microsoft Defender for Endpoint Plans 1 and 2
  • Microsoft Defender for Business
  • Microsoft Sentinel.
  • Microsoft Defender for Cloud.
  • Microsoft 365 Defender.
  • Microsoft Defender for Endpoint.
  • Microsoft Defender for Office 365.
  • Microsoft Defender for Identity.
  • Microsoft Defender for Cloud Apps.
  • Microsoft Defender Vulnerability Management.
  • Microsoft Defender for Endpoint on Mac
  • Microsoft Defender for Endpoint on Linux
  • Microsoft Defender for Endpoint on Android features
  • Microsoft Defender for Endpoint on iOS features

Quiet a lot right! 

The reality is that Microsoft has a very comprehensive suite of security products.

I will create a series of posts to explain the major modules and groups of products.

To round up this post . - Windows Defender.

Windows Defender or Defender Antivirus is the bundled / Built-In AV component of the Defender Family of security products from Microsoft.

The value in having it shipped is that apart from the AV engine is contains a number of probs that enable and power the other licensed capabilities.

The Next Gen mind set and proven track record puts Defender on par with most of the other competing solutions.  One of the key points is that all of the product line are able to share sensor data and aggregate to a single cloud console ( MS Security Sensor).

 

Look of for new posts where ill share my thoughts on the other Defender Products.