Advice Request Why are we even messing with anything other than WD these days?

[Andy Ful]

...
This is just my experience and I know that everyone's will be different.
...

Some people feel WD as light, some not. The same is with other AVs.
There is no need to force people on using WD or other good free AV.
Anyway, it is good to know what are the strong and weak points of a chosen AV.

 

[ForgottenSeer 72227]

Some people feel WD as light, some not. The same is with other AVs.
There is no need to force people on using WD or other good free AV.
Anyway, it is good to know what are the strong and weak points of a chosen AV.

Exactly!

For the record I'm not trying to force anyone to use anything, I just want people to use what ever they want. I know you didn't direct this to me @Andy Ful The only thing I like to stress to people is to try it out for yourself and see what you think.

It's why I'm not overly fond of a vs b threads because I fell like they become a popularity contest, rather than providing information to help someone choose a product. Even then picking a product that gets the most votes doesn't mean it will be the best one for you, especially if you are buying a license.

 

[Andy Ful]

Exactly!
...
For the record I'm not trying to force anyone to use anything..

That is not true. You force me to use my brain.

 

[Local Host]

That is not true for 'Windows Defender Advanced Thread Protection'. Just look at the name of the first table in : https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2O8jv .
Microsoft clearly shows in this document that some WD ATP features are available in Windows Home. In the same time you can look at what MS writes about licensing:

Licensing requirements
Microsoft Defender Advanced Threat Protection requires one of the following Microsoft Volume Licensing offers:

• Windows 10 Enterprise E5
• Windows 10 Education E5
• Microsoft 365 E5 (M365 E5) which includes Windows 10 Enterprise E5
  
  
  

  Minimum requirements for Microsoft Defender for Endpoint - Microsoft Defender for Endpoint

  Understand the licensing requirements and requirements for onboarding devices to the service

  docs.microsoft.com

So, it is clear that the term "Windows Defender Advanced Threat Protection" is used by MS in a different meaning. The first (in the comparison document) includes Windows Home, Pro, and E3. The second (Licensing requirements) does not. Furthermore, there is also Azure ATP and Office 365 ATP.

Is true you confusing the entire thing, ATP provides the tools to properly manage existing features, on top of new features. Is entirely different to what is used by default.

Microsoft Data Breach & Endpoint Security - Microsoft 365

 

[Windows_Security]

The link Andy supplied sort of confirms his claims that ATP is build on WD (from Minimum requirements for Microsoft Defender ATP)

The Microsoft Defender ATP agent depends on the ability of Windows Defender Antivirus to scan files and provide information about them. When Windows Defender Antivirus is not the active antimalware in your organization and you use the Microsoft Defender ATP service, Windows Defender Antivirus goes on passive mode.

What actual information are you referring to which proofs your point? Please eloborate, I would like to understand your claims, but I can't find it on:

Is true you confusing the entire thing, ATP provides the tools to properly manage existing features, on top of new features. Is entirely different to what is used by default.

Microsoft Data Breach & Endpoint Security - Microsoft 365

 

[Andy Ful]

Is true you confusing the entire thing, ATP provides the tools to properly manage existing features, on top of new features. Is entirely different to what is used by default.

Microsoft Data Breach & Endpoint Security - Microsoft 365

I am afraid that I will hold on to my interpretation.
Anyway, it is pointless to discuss it here. The only important thing is that Windows built-in features which usually are activated by Windows Defender ATP software and services available on Windows Pro, E3, or E5, can be activated (in a limited way) also in Windows Home.

Features available on Windows Home are enumerated in the "Windows 10 commercial edition comparison" document:

https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2O8jv

1. Integrity enforcement of operating system boot up process.
2. Integrity enforcement of sensitive operating system components.
3. Advanced vulnerability and zero-day exploit mitigations.
4. Reputation based network protection for Microsoft Edge, Internet Explorer and Chrome.
5. Host based firewall.
6. Ransomware mitigations.
7. Pre-execution emulation executables and scripts.
8. Runtime behavior monitoring.
9. In memory anomaly and behavior monitoring.
10. Machine learning and AI based protection from viruses and malware threats.
11. Cloud protection for fastest responses to new/unknown web-based threats.
12. Protection from fileless based attacks.

Some of them are activated by default, others can be activated via PowerShell or 3rd party configurator.

 

[Deleted Member 308817310]

- Better behavioral blocker in default settings. I found it always sleeping in default settings, very reactive in tweaked settings, thanks to ConfigureDefender
- More stable web filter. Sometimes works, sometimes doesn't
- Better/more usable folder/ransomware protection

Microsoft aren't going to do it because it wouldn't make any sense from a business perspective. Microsoft have nothing to prove to home consumers, they are already in control of the entire security software industry on Windows (for the vendors that take business seriously) because they control the development, maintenance and documentation of various APIs and the rules for eligibility to use special features which are advantageous.

Microsoft already have Windows Defender Advanced Threat Protection (ATP) which is a model for businesses and it is better with performance, behavioral-based technologies, etc. If they give it all away for free, why would any Enterprises both paying for it?

 

[bellgamin]

Once upon a time there were many web browsers -- Netscape, K-meleon, et alia. Then M$ added a free browser to Windows -- Internet Explorer (IE). Soon the other browsers withered away and IE no longer had any serious competition. Lacking competiton, IE degenerated to the state that it became a veritable honey pot for malware. The same descent to mediocrity will occur if WD causes other AVs to wither. Lacking competition, will M$ continue to spend serious $$ on keeping WD at the bleeding edge of dealing with ever-changing threats? They didn't do so for IE and (IMO) they won't do so for WD either.

No competiton means an open door to mediocrity. M$ has always chosen to enter that door very shortly after it opened. Always.

 

[Andy Ful]

...
No competiton means an open door to mediocrity. M$ has always chosen to enter that door very shortly after it opened. Always.

Generally true. But, the lack of competition in the AV market is not that we could expect for several years. For the last 8 years, Microsoft Defender ATP became one of the strongest competitors:

Forrester names Microsoft a Leader in 2020 Enterprise Detection and Response Wave

I’m proud to announce that Microsoft is positioned as a Leader in The Forrester Wave™: Enterprise Detection and Response, Q1 2020.

www.microsoft.com

 

[Andy Ful]

The WD free is among the best free AVs when online (highly depends on the cloud).
Of course, without the ATP features, it cannot compete with top commercial AVs which usually have several ATP features.
I think that many misunderstandings about WD free, could be avoided if people would stop comparing WD free with commercial AVs. WD free can be compared with commercial AVs in some scenarios (like real-world tests), because of SmartScreen and BAFS. When these features are not important (like in malware tests), WD free (without activated ATP features) has to have worse detection as compared to products with ATP features.

 

[Kermit80]

So i'm wondering why we are even messing with anything else other than WD these days?

WD is tied to Windows Update. That's a deal breaker for me.

 

[RejZoR]

Speed. I have high end desktop PC and WD drags it around like I'm running a Celeron from 20 years ago... No such thing with avast! or Kaspersky.

 

[Andy Ful]

There are people who can feel WD slow, but there are also other people who do not have such problems and had problems with other AVs (also with Avast or Kaspersky). Personal problems with any particular AV cannot be generalized because they can be related to drivers, special configuration, other security software leftovers, etc. For example on my computer, I do not see much difference with most AVs.
Anyway, WD is known to be much slower than some AVs with tasks that require operations on many files (opening folders with many executables, copying, moving, packing, unpacking, making backups or full scans, etc.). Other tasks ((re)booting the computer, launching applications, web browsing, document editing, watching videos, playing music, etc.) are very fast.

 

[Digmor Crusher]

WD certainly not slowing my older desktop down.

 

[Nightwalker]

WD has a very tiny system impact on my Ryzen 5 3600 machine, it is among the best in this regard nowadays in my experience and it is the best considering browsing speed.

I am very pleased with how it is behaving on Windows 10 2004, it is being the ideal experience for me.

 

[Local Host]

I can feel a night and day difference on a clean install system when I turn OFF WD.

Especially when debugging projects on VS.

Kaspersky on the other hand, has no performance impact whasoever on my system.

 

[Gandalf_The_Grey]

For me WD has almost no impact on the system, but I don't do anything like debugging projects.
Kaspersky has in general no impact on the system but slows down browsing.
And I don't like the root certificate it installs.
At the moment I'm using WD on my personal laptop and KSC Free on the laptops of my two children.

 

[SeriousHoax]

The main issue for me is the performance. I'm very happy with it protection wise specially thanks to Andy's Configure Defender. But the performance is consistently inconsistent on my system. What I mean is, things at which WD is supposedly good at (Apps opening) is quite irregular on my system. Apps like Firefox, Edge, Office applications, Revo Uninstaller always opens really fast while apps like Steam, Everything, MPC-BE, Telegram portable, etc loads slowly on first run upon executing from start menu shortcuts with a 2-3 seconds system freezing like scenario along with high CPU and disk usage when these apps run for the first after system startup.
This is the main reason I usually keep going back to ESET which has absolutely no noticeable system impact.
MS should take the performance impact issue more seriously since I'm not the only one with this issue but that may not happen anytime soon/ever. Probably their engine is CPU heavy, the removal of cache upon system shutdown and other issues I'm not qualified to understand properly.

 

[avstor]

I can feel a night and day difference on a clean install system when I turn OFF WD.

Especially when debugging projects on VS.

Kaspersky on the other hand, has no performance impact whasoever on my system.

none of that means much of anything
like every coder that uses Windows is aware WD is going to get triggered by most things freshly made in VS or even VS' own files
we pound out code in VS inside a VM with WD disabled
problem solved

 

[RejZoR]

There are people who can feel WD slow, but there are also other people who do not have such problems and had problems with other AVs (also with Avast or Kaspersky). Personal problems with any particular AV cannot be generalized because they can be related to drivers, special configuration, other security software leftovers, etc. For example on my computer, I do not see much difference with most AVs.
Anyway, WD is known to be much slower than some AVs with tasks that require operations on many files (opening folders with many executables, copying, moving, packing, unpacking, making backups or full scans, etc.). Other tasks ((re)booting the computer, launching applications, web browsing, document editing, watching videos, playing music, etc.) are very fast.

I'll never believe ANYONE saying WD doesn't slow down systems. It just doesn't compute on any way. It's not like my 5820k at 4.6GHz on all 6 cores with 12 threads, 32GB RAM and 2TB SSD are somehow slow by any means. If anything, it should negate ANY effect entirely or mostly. What I think is the case is that people don't actually know it's slowing their systems down. It's not like it makes it slow by taking 3 hours to boot or make Start menu open with 5 second delay. But opening Downloads folder full of EXE files and whole system will drag its feet behind itself and you can even see icons slowly refreshing. It also makes compiling of my tweak tools like 5x longer. Sure whole process still only takes like 3-4 seconds, but with any other antivirus, it takes just 1 second or 2 and it's really annoying I'm expecting to move on and test the binary and I have to sit there and wait for something I know it doesn't take that long with other antivirus. And then executing that compiled binary. Again, massive lag executing it. And it's just a ~500KB binary. Takes seconds with WD whee with most other AV's it takes 1 second or less. Don't get me started with big EXE files like graphic drivers from NVIDIA that are 500MB in size. It takes forever to launch compared to other AV's. I don't know what WD does and how that makes it so much slower, but others are doing something better which makes them that so much faster.