@Obsolesce said in Evaluating Defender ATP:
@marcinozga said in Evaluating Defender ATP:
I was about to evaluate it to, I had a webex session with Microsoft sales, and while it looks nice, it doesn't really offer anything special over other solutions. And it's expensive, really expensive. Perthaps sales mislead me but we either had to subscribe to O365 E5 or M365, or get Windows 10 Enterprise licenses. It worked out to being 15-18 times more expensive than 3rd party antivirus solution.
While it may be more expensive than one's current A/V solution, it's definitely not 15-18 times more than a different centrally-manageable enterprise solution.
The cheapo 3rd party solutions really only offer definition based protection. That's pretty standard and is just the tip top of the iceberg of enterprise end-point protection. I'm not saying any blanket statements here, perhaps simple cheapo a/v is fine for some traditional or legacy environments, they are all different. I'm also not saying everyone needs all the features of DATP. My point is that while some can get away with a simple cheapo or free A/V or definition based protection, there's a ton of need for more than that.
We've been using Microsoft Cloud App Security for a while as an add-on to M365 E3 package and been really helpful in many situations, where user account got compromised and attempts made to login from risky IPs/infrequent countries! We got them on the fly and had preset alerts to disable the accounts. I am assuming that with defender ATP add-on, the coverage gets better. I personally am evaluating the portal and impressed with the amount of details they have covered.
Few screens from my personal tenant. I've been blasting these test vms with malwares!
I love secure score, with defender you get that extended to windows as well!
and the best part!
Evaluation lab! You can fire up an Azure VM for free and test out any malware and other settings and tweak policies accordingly. The VM only stays active for few days, but you can fire up new machines (current limit is 3)