
This is an impossible question because of missing unfilled variables such as threat model, use case and the nature of data protected. I agree with the general sentiment.

Let's say you're a journalist at an important news org. Even for your personal devices, the built-in Defender isn't enough.

There is a fundamental principle for sophisticated actors, that prevention is not enough. Your security software should do monitoring (off device) and do that very well. You are already compromised, you should be looking into the collected data to see where, when and by whom so you can do something about it. Unfortunately, in the last few years the line has been getting very blurry between sophisticated nation state actors and criminals and common criminals trying to score as much loot as possible (mostly due to being forced to use sophisticated tools and techniques because solutions like Defender have gotten very good).

You may be an average joe and still be a target for "sophisticated" actors, or you may think you are an "average joe" but your pwnage offers a strategic value to someone resourceful.

My advice is to take inventory of the data and resources you have access to and see (with help if needed) what threat model fits your use case. MS does offer a Defender ATP that's basically turning on a few more switches and sending them a log of everything happening on your machine.

Backtracking a bit: Defender is really good. Cloud-based protection is their secret sauce, turn it on and pretend they are to be trusted with collecting random files from your PC.


