Write a review temporarily disabled. Our system flagged this request as potentially automated and has disabled form submission for security reasons. If you believe this is a mistake, please contact us. We’ll be happy to help resolve the issue.

Microsoft Corporation

Microsoft Defender for Endpoint

Composite Score

8.6 /10

CX Score

8.8 /10

55 Reviews Write a Review

Claim Software

What is Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats. Defender for Endpoint customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications are always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.

Company Details

Need Assistance?

We're here to help you with understanding our reports and the data inside to help you make decisions.

Get Assistance

Awards & Recognition

Microsoft Defender for Endpoint won the following awards in the Endpoint Detection & Response category

Filter By

2025 Data Quadrant Champion

2025

0 Top Rated Capabilities

2 Top Rated Features

2025

2 Top Rated Capabilities

0 Top Rated Features

2024

2023 Emotional Footprint Champion

2023

Service Experience
Product Impact
Contract Negotiation

2023

3 Top Rated Capabilities

1 Top Rated Features

2023

Microsoft Defender for Endpoint Ratings

Real user data aggregated to summarize the product performance and customer experience.
Download the entire Product Scorecard to access more information on Microsoft Defender for Endpoint.

Product scores listed below represent current data. This may be different from data contained in reports and awards, which express data as of their publication date.

88 Likeliness to Recommend

100 Plan to Renew

84 Satisfaction of Cost Relative to Value

{y}

{name}

Emotional Footprint Overview

Product scores listed below represent current data. This may be different from data contained in reports and awards, which express data as of their publication date.

+88 Net Emotional Footprint

The emotional sentiment held by end users of the software based on their experience with the vendor. Responses are captured on an eight-point scale.

How much do users love Microsoft Defender for Endpoint?

2% Negative

7% Neutral

91% Positive

Pros

Security Protects
Reliable
Enables Productivity
Helps Innovate

Feature Ratings

Average 81

Behavioural Analytics

IOC Consumption

IOC Tools

Continuous Monitoring

Malware Identification Accuracy

Intrusion Detection Prevention

Agent Efficiency

Task Prioritization

Automated Threat Response

Machine Learning

Whitelisting Blacklisting

Vendor Capability Ratings

Average 80

Ease of Implementation

Quality of Features

Ease of Data Integration

Business Value Created

Availability and Quality of Training

Breadth of Features

Product Strategy and Rate of Improvement

Ease of IT Administration

Usability and Intuitiveness

Ease of Customization

Vendor Support

Also Featured in...

Endpoint Protection - Enterprise

Score 8.4

View Microsoft Defender for Endpoint in this category (opens in a new tab)

Microsoft Defender for Endpoint Reviews

Role: Information Technology
Industry: Engineering
Involvement: IT Leader or Manager

Validated Review

Anonymous Reviewer

Submitted Nov 2025

Impactful and user friendly solution

Likeliness to Recommend

9 /10

Pros

Helps Innovate
Continually Improving Product
Performance Enhancing
Efficient Service

Astrid O.

Role: Finance
Industry: Banking
Involvement: End User of Application

Validated Review

Verified Reviewer

Submitted Apr 2025

Defender: Cybersecurity's Vigilant Guardian Shield

Likeliness to Recommend

9 /10

What differentiates Microsoft Defender for Endpoint from other similar products?

One factor for Microsoft Defender for Endpoint is the excellent coverage of endpoints, cloud services, and identity solution integration. It means that the behavioral sensors, on how the established software operates or not, capture arrays of activities and not isolated incidents, and this increases the probability of identifying fileless malware and living off the land attacks that signature-based products fail to detect.

What is your favorite aspect of this product?

I believe one of the greatest benefits of this solution is low performance reduction on the endpoints that accomplish the protection with no impact on the user interactions. The tools are also an interface, which makes it possible for beginner security analysts to independently perform Security Information and Event Management (SIEM) searches and gain a detailed understanding of attack paths and potential threats at an exceptional depth in minimal time, thus limiting exposures and resulting from security breaches considerably.

What do you dislike most about this product?

In terms of data forensic retention, there are some limitations with Microsoft Defender for Endpoint, which may sometimes complicate investigation of incidents that happened more than the standard retention time.

What recommendations would you give to someone considering this product?

Indeed, the program's capability to quarantine infected devices has been particularly useful, especially when operating the software remotely due to the limited IT team support. Once again, during a suspicious activity detection, I observed how the system pinpointed that the account was indeed suspicious, disconnected the workstation, and offered a detailed timeline of what happened, which makes it easier to close all the security breaches.

Pros

Helps Innovate
Continually Improving Product
Performance Enhancing
Enables Productivity

Edward N.

Role: Information Technology
Industry: Shipping
Involvement: End User of Application

Validated Review

Verified Reviewer

Submitted Mar 2025

It gets the job done

Likeliness to Recommend

7 /10

What differentiates Microsoft Defender for Endpoint from other similar products?

Good windows integration

What is your favorite aspect of this product?

Works well with other MS products

What do you dislike most about this product?

The malware ML is not always reliable

What recommendations would you give to someone considering this product?

Make sure you tune the product

Pros

Helps Innovate
Reliable
Performance Enhancing
Enables Productivity

Cons

Slower Product Innovation
Commodity Features
Less Efficient Service

Microsoft Defender for Endpoint

What is Microsoft Defender for Endpoint?

Company Details

Need Assistance?

Awards & Recognition

2025 Data Quadrant Champion

2023 Emotional Footprint Champion

Microsoft Defender for Endpoint Ratings

88 Likeliness to Recommend

100 Plan to Renew

84 Satisfaction of Cost Relative to Value

Emotional Footprint Overview

+88 Net Emotional Footprint

How much do users love Microsoft Defender for Endpoint?

Pros

Feature Ratings Average rating of all product features, some of which may not be shown below

Behavioural Analytics Includes real-time dashboard visualizations, detailed & summary reporting on user behaviour.

IOC Consumption Ability to consume IOCs.

IOC Tools Full export capabilities are simple to execute.

Continuous Monitoring Allows customers to select specific third parties which are continuously monitored, with alerts generated for significant changes in risk scores

Malware Identification Accuracy Malware identification and fingerprinting can provide extensive and deep indicators and analysis of malware detected.

Intrusion Detection Prevention Through event monitoring, the detection, countermeasure and prevention of possible security incidents or threats.

Agent Efficiency Agents are lightweight and create few conflicts or performance impacts.

Task Prioritization Ability to assign a priority to tasks.

Automated Threat Response Automatic response to threats.

Machine Learning Can provide deep behavioural insights.

Whitelisting Blacklisting Whitelisting and blacklisting of applications and websites that are either certified to be safe, or suspected to be malicious.

Vendor Capability Ratings Average rating of all vendor capabilities, some of which may not be shown below

Ease of Implementation Successfully implementing new software is necessary to realize its full value and promote end user adoption. This data indicates whether or not the product is easy to implement.

Quality of Features Feature quality is just as important as quantity. Use this data to determine if this product will do what you're purchasing it to do, easily, intuitively, reliably, and effectively.

Ease of Data Integration Use this data to determine whether the product will cause headaches or make data integration easy.

Business Value Created Software needs to create value for employees, customers, partners, and, ultimately, shareholders. This data expresses user satisfaction - or lack thereof - with the product's business value.

Availability and Quality of Training Effective and readily available training enables users to get the most out of the software you've chosen. Use this section to make sure your vendor's training programs and materials measure up.

Breadth of Features Users prefer feature rich software that enables them to perform diverse series of tasks. This data expresses user satisfaction with the product's breadth of features.

Product Strategy and Rate of Improvement Vendors who don't stay on top of emerging needs and trends won't enable you to meet your business goals. Use this data to separate innovators from imposters.

Ease of IT Administration This data indicates whether IT personnel will be able to resolve issues and perform configurations efficiently and effectively.

Usability and Intuitiveness End user learning curves cost the organization money. Pay attention to your end users' technical ability to determine how important UX is in your purchase.

Ease of Customization Don't get bogged down in a difficult customization; use this data to make sure you can easily achieve the functionality you need for your particular situation.

Vendor Support The importance of vendor support will vary for each organization depending on internal capabilities, but there will always be issues that only the vendor can resolve.

Also Featured in...

Endpoint Protection - Enterprise

Microsoft Defender for Endpoint Reviews

Impactful and user friendly solution

Likeliness to Recommend

Pros

Astrid O.

Defender: Cybersecurity's Vigilant Guardian Shield

Likeliness to Recommend

Pros

Edward N.

It gets the job done

Likeliness to Recommend

Pros

Cons

Most Popular Microsoft Defender for Endpoint Comparisons

ThreatDown EDR

Crowdstrike Falcon Platform

Sophos Endpoint

Trellix Endpoint Security

Acronis Cyber Protect Cloud

Palo Alto Cortex XDR

Feature Ratings

Behavioural Analytics

IOC Consumption

IOC Tools

Continuous Monitoring

Malware Identification Accuracy

Intrusion Detection Prevention

Agent Efficiency

Task Prioritization

Automated Threat Response

Machine Learning

Whitelisting Blacklisting

Vendor Capability Ratings

Ease of Implementation

Quality of Features

Ease of Data Integration

Business Value Created

Availability and Quality of Training

Breadth of Features

Product Strategy and Rate of Improvement

Ease of IT Administration

Usability and Intuitiveness

Ease of Customization

Vendor Support