Forum Discussion
Windows Defender antivirus and Defender for Endpoint next-gen antivirus
- peteris, Jun 03, 2021, Copper Contributor
Thanks, but do we unlock additional features for Windows Defender antivirus, if we use Defender for Endpoint? That's still not clear.
- SteBeSec, Jun 03, 2021, Iron Contributor
I can recommend the following video to learn about the MDE features: https://www.youtube.com/watch?v=U7jWbXx_bmE
It's a bit older, but still gives you great insights.
- peteris, Jun 03, 2021, Copper Contributor
SteBeSec, still not clear to me. I perfectly understand that MDE adds additional features besides traditional antivirus.
But this link (https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-in-windows-10?view=o365-worldwide) states that MDE includes "Next-generation protection".
I have read further and understood that MDE includes PUA (potentially unwanted application) detection. It also includes the BAFS (Block at first sight) feature. And there is also the dynamic emergency updates feature (Cloud-delivered protection and Microsoft Defender Antivirus | Microsoft Docs).
Are these available without MDE?
- SteBeSec, Jun 03, 2021, Iron Contributor
If you ask me: Yes. With MDE, you get the whole EDR/XDR part, post-breach functionality, custom indicators, Advanced hunting, Reporting capabilities via API and so on.
With only Defender AV built into Windows 10, you are missing all the features mentioned above, and if you are also missing SCCM or Intune, you don't have the possibility to manage Defender, its updates and its detections. Only the Defender Settings can be distributed via GPO.
Hope this answers your question.