How many of you guys have (or are considering) a switch to Windows Defender as your primary anti-virus? Considering the attack vector added by other vendors (thanks, Google Project Zero) and the speed at which Microsoft is improving Defender it’s starting to seem like having one less management interface & license pool to manage is quickly becoming a reasonable decision (if it isn’t already).
We’re using it as our primary. Small staff, though. If they have any questions about whether they should click on something, they call me. We did have a ransomware outbreak last year, but that was because someone left a port forward for Remote Desktop open to a Domain controller that had a stupid password.
Are you using any Internet Content Filtering or Security service? That, also, might help protect your clients. We only use MS Windows Defender but I also will run free Virus software from time to time. We use Cisco Umbrella for additional security and content filtering but others, like ChurchDNS, are cheaper but could help.
I am using Windows Defender on all the Windows clients (uninstalling any previous A/V). There are many urban legends concerning Windows Defender and most competing vendor are highly motivated to propagate those myths. You might find this article interesting:
The only third party A/V I would seriously consider would be either Cylance (Mac and Windows) or Tanium.