We performed a comparison between BigFix and Microsoft Defender for Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The setup is pretty simple."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"It is stable and scalable."
"The solution was relatively easy to deploy."
"NGAV and EDR features are outstanding."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The product detects and blocks threats and is more proactive than firewalls."
"It has plugins development options, which are great."
"Before we had BigFix, we had problems with some malware. BigFix allows us to immediately patch all instances of endpoints that were vulnerable to antivirus and initiate scans. That's key."
"Software distribution and patch management are the most valuable."
"The most valuable aspect of BigFix is its ability to patch desktops. While we have complete control over servers and can easily push patches to them, desktops pose a greater risk for leaks and vulnerabilities if patches are not installed in a timely manner. By using BigFix, we have significantly improved our ability to patch desktops, whether they are laptops, desktops, or other mobile devices used by end-users."
"BigFix technical support is good."
"It has improved my organization because we can automate a lot of tasks. We went from manually patching machines or doing our best and having very little visibility into it to us being able to set it and forget it and getting really good results on first-pass patching."
"What I like most is that it is a powerful solution."
"My company provides support services to a lot of customers and companies. We have reduced a huge amount of man-effort. Along with the man-effort, we have reduced the timeline to fix the compliance and security gaps. We have an unbroken record. The documentation clearly says that we have done the patching of newly released patches, including Microsoft and third-party patches, in up to 80% of the computers, within 72 hours of the release of the production. That was a very massive benefit that we have seen. When I talk about the 80% endpoints, it is 100 or 200. I am talking about 25,000 endpoints."
"We are able to productively integrate with existing on-prem, hybrid, or cloud applications."
"Defender provides useful alerts and groups them. It sends an alert to your portal if it detects any malicious activity, and you can group multiple alerts to form an incident."
"The folders and files protection are its most valuable features. These have been valuable because of the increase in ransomware attacks. With these two features, I can ensure that no changes have been made to our system or endpoint folders and files without the user being aware."
"For threat-hunting, I'll put some threats in a test scenario. I've downloaded known viruses that are out in the public for testing. They're not really a virus but they've got a signature. Defender for Endpoint will automatically find those, quarantine them for me, and alert me to what it did. It gives me 'automated eyes.'"
"One of the features which differentiates it from other EDR providers is the Automated Investigation and Response, which reduces the workload of SOC analysts or engineers. They don't have to manually investigate each and every alert on the endpoint, since it does so automatically. And you can automate the investigation part."
"One of the valuable features of the solution is the small updates that keep my machine relatively clean from any infections."
"Defender is stable, I haven't had any problems with viruses when using it, and it's easy to update."
"We have liked the fact that it comes with Microsoft Windows 10 and it is constantly updated with all new virus definitions. It is also updated with new security features on a regular basis."
"ZTNA can improve latency."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"Making the portal mobile friendly would be helpful when I am out of office."
"The SIEM could be improved."
"FortiEDR can be improved by providing more detailed reporting."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The only minor concern is occasional interference with desired programs."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions."
"The BigFix Inventory could have an increased scope regarding the tools that can be detected. It does not cover all the possible software installed in Asset."
"One aspect that could be improved is the speed of the console. Sometimes it can be slow, which is something that needs to be addressed."
"I'm looking for them to make big web UI improvements."
"The relevant language takes a little getting used to since it's not used anywhere else in the industry. It's just in the BigFix environment."
"I would like to see more integration with external data."
"I would like to see a web UI SDK so we could take what is provided currently and be able to build our own customized web UI for particular customers that want to sell service."
"They don't have a proper mobile device management capability. They're working on it, however, that's the one thing that needs improvement so that you can have full unified endpoint management."
"I'd definitely like to see additional feature parity in the web UI versus the console. There are certain things that you can only do in the console and they're very cumbersome to do, like secure parameters, for example. That's definitely something that has a wide degree of utility but it needs to be easier to surface. At this particular juncture between the transition, between the legacy console and the web UI, it's hard to justify dealing with the cumbersome aspects of the legacy console when theoretically everything's been through the web UI."
"Alerts need to be sent immediately because as it is now, you see some of them without delay and others arrive perhaps 30 minutes later, and it leaves important gaps in terms of information gathering."
"Something that is unique to Microsoft is its licensing model. When you go out and you buy McAfee or Symantec, you know what you're getting out of the box, but with Microsoft, often, when you're looking to achieve a certain set of capabilities, those capabilities are spread across different products. You might try to do something you could do with CrowdStrike, but then find out that you also need to purchase Microsoft Defender for Identity or Microsoft Defender for Azure. You realize that when they talk about what they can offer within the Microsoft platform, it's really the suite of investments. So, sometimes, you may find yourself buying Defender for Endpoint thinking that it matches CrowdStrike, but then you find that Microsoft really needs to sell you something else. One plus one will equal three, but when you have a very concise platform, such as CrowdStrike, you know what you're going to get."
"There are alternative solutions that offer a greater range of dashboard insights when compared to Microsoft Defender for Endpoint."
"The solution has minimal customization options, especially compared to Mandiant, so we want to see more scope for customization. A single portal for customization would also be a welcome addition."
"Threat intelligence has the potential for improvement, particularly by integrating more sources."
"I would like to see fewer pop messages and alerts."
"They should come up with pre-built inner workflows."
"We would like to see more tools for managing on-premises security... Sometimes, we have the tools, like Defender, to manage security in the cloud, but because we are so focused on the cloud, we forget the fact that we need to be sure about the security of the on-premises environment, specifically Active Directory."
BigFix is ranked 14th in Endpoint Protection Platform (EPP) with 91 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. BigFix is rated 8.6, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of BigFix writes "Very stable and easy to deploy with excellent patch compliance". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". BigFix is most compared with Microsoft Intune, Microsoft Configuration Manager, Microsoft Windows Server Update Services, Red Hat Ansible Automation Platform and Automox, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.