Microsoft Defender for Endpoint and Microsoft Intune serve different purposes. The first protects endpoints from cyber threats like viruses, malware, ransomware, and phishing attacks, and the second is a management console that helps you control and configure your devices.
To summarize, both are Microsoft products and offer seamless integration with other Microsoft tools. Microsoft Defender for Endpoint helps secure your devices from cyber threats and Microsoft Intune helps manage and configure various devices within your organization.
"This solution definitely increases our security posture. When you are reviewing your existing fleet or endpoints and based on the configuration that you put out of your Defender for Endpoint, you then receive a security score from Microsoft. Depending on what rules you have configured, what policies you have deployed, and what attack surface reduction rules that you have set up and deployed, it is almost gamifying information security in the sense that you are always trying to achieve a higher score. The more hardening you perform on your endpoints, the better score you receive. This generally tends to give you a better peace of mind, but also makes you secure at the same time."
"It is stable and very easy to use."
"It captures data through machine learning, which is built-in on the back-end. It also provides built-in analytics and a threat intelligence feature. It is a one-stop solution that doesn't require an antivirus because it comes prebuilt into Windows 10."
"The most important and the most relevant features of Defender for Endpoint are the malware and ransomware protection."
"It is stable and easy to use. Everything is okay, and there are no performance issues."
"The installation is straightforward."
"This software is easy to use."
"Its real-time security is the most valuable."
"It supports end-users who tend to lock their devices quite frequently. Its conditional access policy helps us keep the users logged into their devices."
"We can manage and standardize security across your environment, identify problems, receive alerts, and so on. That's its purpose, and that's also why it's so good."
"The solution is scalable. We currently have tens of thousands of users within our organization using the solution."
"Configuration profiles, remediation, scripts, and auto-pilot features are very good."
"It works pretty well for us."
"We are a remote company, and the product helps us manage the global endpoints. It helps us natively manage the endpoints in the cloud from anywhere."
"Its direct integration with all the other products that we have from Microsoft is valuable. We're using the E5 license, and we have a whole wealth of different products available. It just makes it easier to have everything from one provider."
"The main advantage is that Intune performs its intended functions effectively."
"The solution could be more friendly for end-users, with different type of scans or scheduled scans for it."
"The interface could be improved."
"I miss having an executive dashboard or a simple view for viewing things. Everything is extensive in this solution. Everything is configurable and manageable, but the environment of Microsoft 365 has about 13 administrative dashboards, and in each of the dashboards, there are a gazillion things to set up. It is good for a large enterprise, but for a 200-seat client, you need to see 5% of that."
"Features like device inventory continue to lack essential workstation drill-downs showing the entire device information with the least effort."
"Its user interface (UI) can be improved. Currently, in the console, you have to dig down for certain things. They've got many different layers to get to things instead of having it all on the surface. You have to go three folds lower to get to specific functionality or click a particular option. It would be good if we can manage the console through menus and instead of three clicks, we can do things in one click. They need to change the UI and work on it in terms of a better user experience."
"The product development team makes frequent changes that affect the stability of the solution."
"Its price could be better."
"The solution could always be more secure."
"No option to do end-to-en macOS management. Slow implementation of policies."
"Enhancements for managing MacOS more comprehensively would be beneficial."
"An issue we have run into with Microsoft Endpoint Manager is that we cannot patch third-party products like Adobe and Chrome with it."
"It should be easier to define policies and comply with those policies."
"We would like to see support for Chrome and/or devices for Chromebooks."
"The main disadvantage seen today is regarding Linux clients. We have a lot of development resources that have Linux on their clients, and we can't manage them on the same platform, as we do with other clients such as macOS and Windows. So, it should have support for Linux clients. It should also have better support for macOS."
"It doesn't economize when you scale up. We have over 14,000 employees, and we have between 7,500 and 8,000 city-owned or personal devices being used to conduct city business. Its price can be improved. It is not a cheap solution."
"Onboarding of endpoint devices is not straightforward. The onboarding process was a little heavier than I thought it would be. That's the key improvement area. Obviously, the more control you have over the devices, the better it is."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 5th in Microsoft Security Suite with 182 reviews while Microsoft Intune is ranked 3rd in Microsoft Security Suite with 165 reviews. Microsoft Defender for Endpoint is rated 8.0, while Microsoft Intune is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Microsoft Intune writes "We can manage all aspects of our devices from a single console, easy to scale, and quick to deploy". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and ESET Endpoint Protection Platform, whereas Microsoft Intune is most compared with Jamf Pro, VMware Workspace ONE, ManageEngine Endpoint Central, Microsoft Entra ID and AWS Systems Manager. See our Microsoft Defender for Endpoint vs. Microsoft Intune report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
In recent years Microsoft has really upped its game with Defender and Intune. As core cyber-security for an SME, keeping just to Microsoft is now a real option. The challenge is understanding the gaps / cyber security service weaknesses (if they exist) in comparison with other vendors such as ESET, Malwarebytes, Trend Micro, etc.
Azure AD Services, Defender for Endpoint, and Intune are all Microsoft products, but it is important to understand how each product works as they may not be compatible and there may be some limitations.
Devices managed through Intune may not have all of the Defender for Endpoint features. Some advanced features such as automated investigation and remediation may only be available for devices that are enrolled in Defender for Endpoint standalone.
In addition, Azure AD and Intune have different requirements for device enrollment and management. Intune requires devices to be enrolled and managed through an MDM solution, while Azure AD provides basic device management capabilities but may not support all of the features available in Intune.
Lastly, there may be limitations to how user identities and access are managed between Azure AD and Intune. Some features that are available in Azure AD, such as conditional access policies, may not suit Intune, and additional configuration may be required to ensure that user identities and access are properly managed across both services.
If anyone out there has other experiences, please let me know!
It depends on your company's infrastructure. Check with your cyber team whether you can sync your endpoints to Cloud using Azure AD as Azure Registered/ Azure Hybrid AD join/ Azure AD join, etc.
1. So, if the ask is only to enroll them in Intune to leverage defender/BitLocker services - go directly to Azure AD's join approach.
2. If you still want to manage patch management/mcm BitLocker but Defender via cloud, the approach should be Azure Hybrid AD join.
3. You can still use autopilot using both of these approaches.
I believe it is a good first step, and I would say even a requirement, but in no way is it a comprehensive security solution, even for endpoints.
There are many things that need to be addressed for security. In addition to this, there is XDR, MDR, more comprehensive AV for endpoints & Servers that stop attacks, Threat Hunting, Mitigation, PEN Testing, Security Training for end users, Multi-Factor Authentication (Microsoft's MFA is good but only for Microsoft products), Patch Management for Endpoints, Servers and Cloud Workloads, Network Access Control, Firewalls for On-Premise and Cloud server workloads, Network Segmentation, Password Management, Data Backups (3-2-1-1 Rule) with Immutable Backups, Power Backups, Physical Security, Monitoring, NOC/SOC services, and working towards a Zero Trust architecture...
But there are no single-point solutions that will make you secure, so don't get complacent. And you can outspend your profits if you do everything. Just remember it's best to have a layered approach that works together and looks at everything from a security perspective and how it integrates with your overall security plans and objectives to help identify holes and possible mitigations.
Healthcare must do Risk Assessments by law, but I recommend that all companies of all sizes do at least annual risk assessments since there is so such thing as being too small or inconspicuous to be hit with malware or have a cyber security attack since much of the delivery is automated and not just by the script-kiddies of years gone by... Nation States are actively engaging in cyber warfare daily, along with terrorists, and opportunists looking to make big money from you...