We performed a comparison between Code42 Incydr and Microsoft Defender for Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"I get alerts when scripts are detected in the environment."
"The setup is pretty simple."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Impressive detection capabilities"
"Backup and recovery have been great, but I love having the ability to keep the hybrid type build which they offer."
"Low system overhead, setting retention policies, ease of use"
"It had the ability to preseed by sending in a data drive and could restore by sending the user a data drive."
"Risk factors can be adjusted for all intricate details."
"It has quite a bit of flexibility in configuring backup sets."
"The solution is very stable. Very rarely do we have any issues with it. We don't have to deal with bugs or glitches. It doesn't crash or freeze. We find it to be reliable."
"t has a very user friendly status bar with common errors and has logs built in to the console so we can review the issues or status of CrashPlan."
"There are a couple of things. One of them is that they have what they call Incydr. Their detection and response solution to the insider threat area is called Incydr. That gives visibility to the clients that have widely dispersed employee bases due to work from home, or that had a dispersed workforce predating any of the work from home requirements. Even though they might not be inside the organization physically, they're inside the organization. It allows us to get some visibility into what people are doing, what the context is, and how to control what might be the potential for intellectual property theft or file exposure."
"Technical support has been great."
"We use Microsoft Defender for the antivirus."
"The attack surface reduction rules are the most valuable. We're able to have unattended remediation actions when the solution works side by side with a local antivirus like Microsoft Defender or Kaspersky. The attack surface reduction rules help us to proactively block and stop threats."
"The integration with all variations of Microsoft Defender, for Endpoint, 365, and Cloud is valuable."
"Microsoft Defender for Endpoint is beneficial because we are using Microsoft Windows and all the core solutions are made by Microsoft, such as the authentic platform, operating system, and antivirus protection. It is a heterogeneous environment. We had to use third-party solutions before and update everything separately. For example, the policy for antivirus. With Microsoft Defender for Endpoint, when Microsoft Windows receives updates it will update with it. This is one main advantage of this solution."
"It's a Microsoft product; it's easier to deploy this product than other options."
"This product is flexible, and it is very easy to get updates from the Microsoft website."
"I enjoy using the live response feature, which allows me to remotely access different endpoints and investigate malicious files, such as malware that people may have downloaded, and other related issues."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The dashboard isn't easy to access and manage."
"I haven't seen the use of AI in the solution."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"Intelligence aspects need improvement"
"Detections could be improved."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The solution is not user-friendly."
"Java, please get rid of Java."
"In a couple of instances, we had a little bit of trouble in getting it distributed throughout the organization. We ultimately managed to do it, but they talk about it being a pretty simple process, and it became a little laborious. It would just turn away. The agents were not being distributed. It was just churning and churning and churning. When we were looking for specific categories of data, it was getting bogged down, but that was not even so much Code42, although some of it was their issue."
"What I think could be improved is how I get support."
"Reporting could use an overhaul. It is very limited."
"Due to recent changes that effectively abandoned an entire segment of their user base, I no longer trust nor can recommend Code42 products."
"The application, written in Java, required far more system resources on a Client than other solutions."
"There doesn't seem to be any feature that is lacking."
"More security would be nice, I would love to be able to remotely brick a stolen laptop and it's hard disk drive (HDD)."
"The solution needs to improve its ransomware. It's not so good. It could also use some general performance optimization for the computers the solution operates on, to ensure it does not slow down the devices."
"Microsoft Defender for Endpoint is effective for validating work, but not ideal for investigations."
"With increase of cyber threats and cybersecurity issues, I would recommend that the product be developed like an AI product with more features which can counter any threat in the coming eras."
"Windows Firewall is integrated with Windows Defender. Over the last few days, I have had a problem with defining a wildcard on Windows Firewall. For example, I wanted to pull out the connection of my program and install a software package with a lot of executable files. I wanted to prevent it from accessing the internet. I could not select executables by using a wildcard. I had to select a single executable with its full name."
"Something that is unique to Microsoft is its licensing model. When you go out and you buy McAfee or Symantec, you know what you're getting out of the box, but with Microsoft, often, when you're looking to achieve a certain set of capabilities, those capabilities are spread across different products. You might try to do something you could do with CrowdStrike, but then find out that you also need to purchase Microsoft Defender for Identity or Microsoft Defender for Azure. You realize that when they talk about what they can offer within the Microsoft platform, it's really the suite of investments. So, sometimes, you may find yourself buying Defender for Endpoint thinking that it matches CrowdStrike, but then you find that Microsoft really needs to sell you something else. One plus one will equal three, but when you have a very concise platform, such as CrowdStrike, you know what you're going to get."
"The scanning is slow when it is working with incoming emails."
"The application control feature requires improvement."
"I personally haven't experienced any pain points, but some of my coworkers feel that it isn't secure enough."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Code42 Incydr is ranked 42nd in Endpoint Detection and Response (EDR) with 78 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews. Code42 Incydr is rated 9.0, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Code42 Incydr writes "Provides comprehensive visibility and protection, helps in identifying the gaps in security, and comes with excellent onboarding support". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Code42 Incydr is most compared with Threat Detection, Investigation & Response (TDIR) Platform, Microsoft Purview Data Loss Prevention, Morphisec, Qualys Multi-Vector EDR and HPE GreenLake for Backup and Recovery, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, Cortex XDR by Palo Alto Networks, Trellix Endpoint Security and Fortinet FortiClient. See our Code42 Incydr vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.