Microsoft Corporation

Microsoft Defender for Endpoint

8.3 /10

What is Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats. Defender for Endpoint customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications are always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.

Company Details

Need Assistance?

We're here to help you with understanding our reports and the data inside to help you make decisions.

Get Assistance

Microsoft Defender for Endpoint Ratings

Real user data aggregated to summarize the product performance and customer experience.
Download the entire Product Scorecard to access more information on Microsoft Defender for Endpoint.

87 Likeliness to Recommend

1
Since last award

95 Plan to Renew

1
Since last award

86 Satisfaction of Cost Relative to Value

1
Since last award

{y}

{name}

Emotional Footprint Overview

+82 Net Emotional Footprint

The emotional sentiment held by end users of the software based on their experience with the vendor. Responses are captured on an eight-point scale.

How much do users love Microsoft Defender for Endpoint?

6% Negative

7% Neutral

87% Positive

Pros

Respectful
Includes Product Enhancements
Enables Productivity
Reliable

Feature Ratings

Average 79

Endpoint Detection and Response

Dynamic Malware Detection

Port and Device Control

Centralized Management Portal

Application Containment Mechanisms

System Hardening

Cross Platform Integration

Kernel Monitoring

Cross Platform Support

Ransomware Recovery and Removal

Host NGFW Functionality

Vendor Capability Ratings

Average 81

Ease of IT Administration

Usability and Intuitiveness

Business Value Created

Ease of Customization

Quality of Features

Breadth of Features

Availability and Quality of Training

Product Strategy and Rate of Improvement

Ease of Data Integration

Ease of Implementation

Vendor Support

Also Featured in...

Endpoint Detection & Response

Score 8.5

View Microsoft Defender for Endpoint in this category (opens in a new tab)

Microsoft Defender for Endpoint Reviews

Arjan S.

Role: Information Technology
Industry: Technology
Involvement: IT Development, Integration, and Administration

Validated Review

Verified Reviewer

Submitted Mar 2024

Multiplatform Premium EDR Solution

Likeliness to Recommend

8 /10

What differentiates Microsoft Defender for Endpoint from other similar products?

The integration with the Microsoft XDR platform is great and becomes better over time. Seamless integration with Sentinel and easy of quering with the KQL langiuage

What is your favorite aspect of this product?

KQL language

What do you dislike most about this product?

deploying EDR on server platform

What recommendations would you give to someone considering this product?

start with a small poc, check for performance and detection quality ... built it out in rings from there

Pros

Continually Improving Product
Inspires Innovation
Includes Product Enhancements
Security Protects

Cons

Vendor Friendly Policies
Less Generous

Wesley B.

Role: Information Technology
Industry: Technology
Involvement: IT Development, Integration, and Administration

Validated Review

Verified Reviewer

Submitted Mar 2024

Great integration and easy

Likeliness to Recommend

7 /10

What differentiates Microsoft Defender for Endpoint from other similar products?

The broad scope of what it can be applied to. Along with portals that link with the Microsoft suite.

What is your favorite aspect of this product?

Microsoft integrations!

What do you dislike most about this product?

Probably the bad reputation it has received over the years, Many people are reluctant or hesitant when they hear that we've switched to them.

What recommendations would you give to someone considering this product?

It's great, go for it if you're already a Microsoft house!

Pros

Reliable
Performance Enhancing
Includes Product Enhancements
Appreciates Incumbent Status

SMARANIKA H.

Role: Information Technology
Industry: Technology
Involvement: Initial Implementation

Validated Review

Verified Reviewer

Submitted Feb 2024

Strong and comprehensive solution

Likeliness to Recommend

9 /10

What differentiates Microsoft Defender for Endpoint from other similar products?

Wide range of threat protection: Combines antivirus, anti-malware, endpoint detection and response (EDR), and vulnerability management capabilities to protect against various threats. Cloud-based delivery: Eliminates the need for on-premise infrastructure, simplifying deployment and management. Integration with Microsoft 365: Seamless integration with existing Microsoft 365 security tools for centralized management and enhanced threat detection. Machine learning: Leverages advanced machine learning and behavioral analysis to identify and block emerging threats.

What do you dislike most about this product?

Limited platform support: Primarily focuses on Windows devices, with limited native support for macOS and Linux. Potential for false positives: Advanced detection methods might occasionally generate false positives, requiring manual investigation. Customization limitations: While offering some configuration options, advanced users might desire more in-depth customization capabilities. Reporting complexity: Some users report challenges in generating detailed and customized reports. Vendor lock-in: Switching from Microsoft Defender to a different solution might be challenging due to its integration with other Microsoft 365 tools.

What recommendations would you give to someone considering this product?

Microsoft Defender for Endpoint is a strong and comprehensive solution for organizations primarily using Windows devices and invested in the Microsoft 365 ecosystem. Its cloud-based delivery, integration with other Microsoft security tools, and advanced threat detection capabilities make it a compelling option. However, consider the potential limitations for non-Windows platforms, false positives, and customization options before making a decision.

Pros

Helps Innovate
Continually Improving Product
Reliable
Enables Productivity

Microsoft Defender for Endpoint

What is Microsoft Defender for Endpoint?

Company Details

Need Assistance?

Awards & Recognition

Microsoft Defender for Endpoint Ratings

87 Likeliness to Recommend

1 Since last award

95 Plan to Renew

1 Since last award

86 Satisfaction of Cost Relative to Value

1 Since last award

Emotional Footprint Overview

+82 Net Emotional Footprint

How much do users love Microsoft Defender for Endpoint?

Pros

Feature Ratings Average rating of all product features, some of which may not be shown below

Endpoint Detection and Response Active threat detection that remediates against known and unknown malware and malicious activities, leveraging machine learning techniques.

Dynamic Malware Detection Heuristics are applied to files to identify similarities with known malware and block it.

Port and Device Control Includes USB encryption and endpoint data loss prevention.

Centralized Management Portal Includes multiple client management, push install capability, comprehensive policies for different groups, and active directory integration and synchronization.

Application Containment Mechanisms Includes cloud based protection, sandboxing, and local containerization.

System Hardening Automated vulnerability patching and vulnerability assessment.

Cross Platform Integration Open API and net sec appliance integration with NGFW, SIEM, IPS/IDS, Automated Network Quarantining, DLP, Data Discovery, and Threat Intelligence.

Kernel Monitoring Monitoring of processes, memory, and system files at the OS level.

Cross Platform Support Includes the variety of client devices and operating systems supported by the solution.

Ransomware Recovery and Removal Recover files removed and/or encrypted by ransomware.

Host NGFW Functionality Includes policy-based default-deny/whitelisting and application verification and trust (VPN/virtualization).

Vendor Capability Ratings Average rating of all vendor capabilities, some of which may not be shown below

Ease of IT Administration This data indicates whether IT personnel will be able to resolve issues and perform configurations efficiently and effectively.

Usability and Intuitiveness End user learning curves cost the organization money. Pay attention to your end users' technical ability to determine how important UX is in your purchase.

Business Value Created Software needs to create value for employees, customers, partners, and, ultimately, shareholders. This data expresses user satisfaction - or lack thereof - with the product's business value.

Ease of Customization Don't get bogged down in a difficult customization; use this data to make sure you can easily achieve the functionality you need for your particular situation.

Quality of Features Feature quality is just as important as quantity. Use this data to determine if this product will do what you're purchasing it to do, easily, intuitively, reliably, and effectively.

Breadth of Features Users prefer feature rich software that enables them to perform diverse series of tasks. This data expresses user satisfaction with the product's breadth of features.

Availability and Quality of Training Effective and readily available training enables users to get the most out of the software you've chosen. Use this section to make sure your vendor's training programs and materials measure up.

Product Strategy and Rate of Improvement Vendors who don't stay on top of emerging needs and trends won't enable you to meet your business goals. Use this data to separate innovators from imposters.

Ease of Data Integration Use this data to determine whether the product will cause headaches or make data integration easy.

Ease of Implementation Successfully implementing new software is necessary to realize its full value and promote end user adoption. This data indicates whether or not the product is easy to implement.

Vendor Support The importance of vendor support will vary for each organization depending on internal capabilities, but there will always be issues that only the vendor can resolve.

Also Featured in...

Endpoint Detection & Response

Microsoft Defender for Endpoint Reviews

Arjan S.

Multiplatform Premium EDR Solution

Likeliness to Recommend

Pros

Cons

Wesley B.

Great integration and easy

Likeliness to Recommend

Pros

SMARANIKA H.

Strong and comprehensive solution

Likeliness to Recommend

Pros

Most Popular Microsoft Defender for Endpoint Comparisons

Malwarebytes Endpoint Detection and Response

Trellix Endpoint Security

Symantec Endpoint Security

Kaspersky Endpoint Security for Business

Avast Business Security

Sophos Intercept X Endpoint

1
Since last award

1
Since last award

1
Since last award

Feature Ratings

Endpoint Detection and Response

Dynamic Malware Detection

Port and Device Control

Centralized Management Portal

Application Containment Mechanisms

System Hardening

Cross Platform Integration

Kernel Monitoring

Cross Platform Support

Ransomware Recovery and Removal

Host NGFW Functionality

Vendor Capability Ratings

Ease of IT Administration

Usability and Intuitiveness

Business Value Created

Ease of Customization

Quality of Features

Breadth of Features

Availability and Quality of Training

Product Strategy and Rate of Improvement

Ease of Data Integration

Ease of Implementation

Vendor Support