Skip to main content
TrustRadius
Microsoft Defender for Endpoint

Microsoft Defender for Endpoint
Formerly Microsoft Defender ATP

Overview

What is Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation…

Read more
Recent Reviews
Read all reviews

How Microsoft Defender for Endpoint Differs From Its Competitors

Components

It's a good question. As someone who doesn't have access into that administrative view, I'm not sure as far as what I would assume everything's turned on, but I can't accurately speak to what else might not be. Yeah, I mean using those capabilities just as an end user, just to know that whatever …
Continue reading

Protection Scope

I mean, assuming every employee has at least well across both Mac and Windows, I would say upwards of 400,000 assuming it's deployed everywhere. From a employee device perspective? Windows machines and Macintosh machines. I'm not personally sure where the server side of the conversation …
Continue reading

Components

Well, we're tying it to Sentinel and via Sentinel. We're actually using Logic apps, playbooks, and books. We're using advanced investigation, threat analytics, and many others. But really, the fact that it can integrate with Sentinel in a single pane of glass is a game changer for us.
Continue reading

Components

Defender for Endpoint is a great EDR solution for protecting against malware, computer viruses and malicous files, etc. It also detects vulnerabilities which be analyzed in the Defender for Endpoint Microsoft portal. The integration of Microsoft Defender for Endpoint to Microsoft Defender for …
Continue reading

Components

Anti-malware, Asset Management. We're doing some stuff with tagging. I had to think about the different pieces in it. I know at least those three functions. I'm sure there's others.
Continue reading

Protection Scope

I think about 1500 endpoints. The vast majority of them are Windows 10. We're going to be migrating to 11 soon. We've got about a hundred servers. We've got about six Linux servers. The rest of them are either 2016, 2019 servers and probably about 80 Mac systems.
Continue reading

Components

We utilize everything relates endpoint and network issues. The AI integration is actually my favorite component because it comes in handy in vulnerability scanning through scanning our networks and alert us Incase of any exposure. Remediation and blocking of advanced threats are also a plus.
Continue reading

Protection Scope

We have currently installed Microsoft Defender for Endpoint on 1573 endpoint devices on our main network. This includes Windows and Apple desktops, laptops, and servers. We also do scan our routers and switches and have rolled out installation on some of our mobile devices. The goal is to secure …
Continue reading

Components

We are using everything related to the endpoint and to network devices. We have installed Microsoft Defender for Endpoint on our desktops and laptops. We have also implemented the network vulnerability scanning functionality that scans our network appliances and alerts us of any vulnerabilities.
Continue reading

Protection Scope

We currently have the Microsoft Defender for Endpoint agent installed on about 1600 endpoint devices on our network. These include Windows and Apple laptops and desktops. We are also scanning Cisco routers and switches. We are looking for a way to roll out the installation on mobile devices, in …
Continue reading

Components

- We use Endpoint detection and response for proactive detection and remediation.
- Attack Surface Reduction helps us proactively block commonly used attack methods by malware (scripts).
- We use Microsoft Defender for Endpoint as a layered approach with other security tools.
Continue reading

Components

  • Vulnerability Management
  • Baseline Assessments
  • Device Discovery
  • Endpoint Security Policies
  • Automated Remediation
  • Dynamic Device Tagging
  • Endpoint DLP
  • Web Content Filtering
  • Live Response
  • Unified integration with Defender for Cloud
  • Always remediate PUA
  • Device Deception (Preview)
  • Download quarantined files
  • Evaluatio…
Continue reading

Protection Scope

We currently have more than 200 active devices across the organization. We are a 'Windows' only organization when it comes to internal end user deployments. When it comes to server count, we have a small environment of less than 20 servers containing both Windows and Linux servers deployed in …
Continue reading

Components

Antivirus and Malware protection are features we are using by have them installed in endpoint devices that associated with our users that are in M365 group, once the user is eligible for M365, we will install the application and remove the other antivirus (if any), which then will bring us to the …
Continue reading

Components

We are using the following components / features of Microsoft Defender for Endpoint in our organization:
1. Centralised deployment of antivirus agent
2. Centralised monitoring of security alerts
3. Vulnerability management
4. Antivirus and anti malware
5. Integration with Microsoft Intune
6. Device …
Continue reading

Components

Admin portal : Enables endpoint monitoring, security incident identification, and response.
Endpoint Detection and Response (EDR) : Organizations can investigate security incidents, collect pertinent data, and implement the necessary remediation activities to eliminate and contain threats by using …
Continue reading

Protection Scope

Microsoft Defender for Endpoint offers comprehensive protection for Windows endpoints and Windows Server environments.
We are protecting over 30 Windows devices for our company, as well as more than 50 Windows and macOS devices for one of our customers. We also use Microsoft Intune to manage over …
Continue reading

Components

1. Endpoint Detection and Response
2. Advanced Threat Protection
3. Attack Surface Reduction
Continue reading

Protection Scope

More than 1000 devices are configured with Microsoft Defender for Endpoint. We are using this in Windows 10, 11 and Windows Servers
Continue reading

Components

EDR, Auto investigation & remediation Threat & Vulnerability Management Attack Service Reduction rules Secure Score for Devices Network Discovery. Basically, all features for clients are managed with Intune as MDM; Servers are managed with Azure Policy and GPO. Linux machines have custom scripting …
Continue reading

Components

Endpoint Protection
Threat & Vulnerability Management
Intune Integration
Microsoft Defender Antivirus
Microsoft Defender SmartScreen
Attack Surface Reduction
Continue reading

Components

Advanced threat detection, automated incidence response, integration, endpoint detection and response, and threat intelligence. All the features come together in investigation and response to threats enhancing the general security of our small organization.
Continue reading

Components

We are using the following features of Microsoft defender Unified security tools and centralized management.Next-generation antimalware. Attack surface reduction rules.Device control (such as USB)Endpoint firewall.Network protection.Web control/category-based URL blocking.Device-based conditional …
Continue reading

Protection Scope

We have around 4000 endpoints, including workstations and servers that vary from Windows workstations, windows servers, Linux servers, Android devices, and iOS devices. Etc.
Continue reading

Components

Vulnerability management to identify issues and review recommendations. Configuration management and monitoring. Endpoint detection and response to identify potential threats and shut them down before the prove to be an issue. Incident reporting and root cause remediation research when issues are …
Continue reading

Components

Threat Protection: Microsoft Defender for Endpoint provides real-time protection against a wide range of threats, including malware, viruses, ransomware, and phishing attacks. It uses advanced threat detection algorithms and machine learning to identify and block malicious activities.Endpoint …
Continue reading

Protection Scope

5,000 Endpoints we're currently managing through Microsoft Defender for Endpoint protection. We only use it for Microsoft Servers as it doesn't support macOS, Linux servers, Android, iOS, etc).
Continue reading

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 7 features
  • Malware Detection (53)
    8.5
    85%
  • Infection Remediation (52)
    8.2
    82%
  • Anti-Exploit Technology (51)
    8.0
    80%
  • Centralized Management (52)
    7.9
    79%

Reviewer Pros & Cons

View all pros & cons
Verified User
Engineer in Information Technology
Government Administration Company, 5001-10,000 employees
Verified User
Partner in Sales
Information Technology & Services Company, 10,001+ employees
Return to navigation

Pricing

View all pricing

Academic

$2.50

On Premise
per user/per month

Standalone

$5.20

On Premise
per user/per month

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Product Demos

Microsoft Defender for Endpoint Overview

YouTube
Return to navigation

Features

Endpoint Security

Endpoint security software protects enterprise connected devices from malware and cyber attacks.

8.2
Avg 8.4
Return to navigation

Product Details

What is Microsoft Defender for Endpoint?

Presented as an epicenter for comprehensive endpoint security, Microsoft Defender for Endpoint helps users rapidly stop attacks, scale security resources, and evolve defenses across operating systems and network devices.

Rapidly stops threats: Protects against sophisticated threats such as ransomware and nation-state attacks.

Scales security: Puts time back in the hands of defenders to prioritize risks and elevate the organization's security posture.

Evolves the organization's defenses: Goes beyond endpoint silos and mature the organization's security based on a foundation for extended detection and response (XDR) and Zero Trust.

Microsoft Defender for Endpoint Features

Endpoint Security Features

  • Supported: Anti-Exploit Technology
  • Supported: Endpoint Detection and Response (EDR)
  • Supported: Centralized Management
  • Supported: Infection Remediation
  • Supported: Vulnerability Management
  • Supported: Malware Detection

Microsoft Defender for Endpoint Screenshots

Screenshot of blocked activitiesScreenshot of Detects & respondsScreenshot of discovers vulnerabilityScreenshot of Eliminates blind spotsScreenshot of Risk management

Microsoft Defender for Endpoint Video

Microsoft Defender for Endpoint

Microsoft Defender for Endpoint Competitors

Microsoft Defender for Endpoint Technical Details

Deployment TypesOn-premise
Operating SystemsWindows
Mobile ApplicationNo

Frequently Asked Questions

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.

CrowdStrike Falcon, Symantec Endpoint Security, and Sophos Intercept X are common alternatives for Microsoft Defender for Endpoint.

Reviewers rate Endpoint Detection and Response (EDR) and Malware Detection highest, with a score of 8.5.

The most common users of Microsoft Defender for Endpoint are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(186)

Attribute Ratings

Reviews

(1-25 of 84)
Companies can't remove reviews or game the system. Here's why
May 20, 2024

Microsoft Defender for Endpoint Review

Verified User
Partner in Sales
Information Technology & Services Company, 10,001+ employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Return on Investment
  • I would say the ease of use and integration across the broader M365 Suite has led to some other business decisions to move from third party tools onto more of a M365 stack. So not necessarily that was the gateway entry point into the broader solution, but it was one of many where the presence within IBM has grown across the entire portfolio of M365 as a result of the successes with Defender as well as other solutions as well.
May 20, 2024

Microsoft Defender for Endpoint Review.

Verified User
Manager in Information Technology
Information Technology & Services Company, 10,001+ employees
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Return on Investment
  • It's awareness because while the vendor for endpoints cannot stop specific threats, you have the visibility that something else is going on, and that's much better than not having anything. So I mean, in the end, protection-wise, it has its areas of opportunity, but it's the awareness to say, company X customer, you need to do this, though the response is very manual.
May 17, 2024

Microsoft Defender for Endpoint Review

Verified User
Engineer in Information Technology
Banking Company, 10,001+ employees
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Return on Investment
  • The positive impact is that it allows us to answer to some compliant test that we have as a financial institution have been outdated year by year by an institution that is from the government. And this solution puts us in a good position to answer to those compliance.
May 17, 2024

Microsoft Defender for Endpoint as a EDR tool

Verified User
Contributor in Information Technology
Consumer Goods Company, 5001-10,000 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Return on Investment
  • Defender for Endpoint has helped with enhancing security for our organization.
  • Defender for Endpoint gives other benefits in that it is used with DLP and protects against data leakage.
  • From a cost and implementation prospective, organizations does not have to purchase separate tools for managing DLP and EDR.
May 17, 2024

Microsoft Defender for Endpoint Review

CS
Chuck Steigerwalt
Director of Information Security and Department
Regis University (Higher Education, 1001-5000 employees)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Return on Investment
  • It has made me feel more comfortable on a day-to-day basis that our institution is secure, especially having gone through a ransomware in 2019. If we had something like this in place in 2019, we would've stopped the situation before we ended up calling the cyber liability insurance carrier.
March 21, 2024

Perfect Endpoint Security, Exposure Detection and Management Tool.

Conrad Nyamache | TrustRadius Reviewer
Conrad Nyamache
Computer Technician Specialist
Utility (Program Development, 51-200 employees)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Return on Investment
  • It is a unified platform with lots of core features for exposure detection, antivirus and SIEM all in a single platform.
  • The centralized management is absolutely the it.
  • It creates a more intertwined secure environment because it integrates well with other Microsoft security apps.
  • Automated detection and remediation saves in time and money.
  • Visibilities of endpoints and advanced threat detection increase our security and well-being.
November 27, 2023

Microsoft Defender Review

VK
VIJAY KANAL
NATIONAL PRODUCT MANAGER
CRAYON SOFTWARE (Information Technology & Services, 201-500 employees)
Score 8 out of 10
Vetted Review
Reseller
Return on Investment
  • EDR doesn't come as inidivual product - if an organization needs only EDR they cannot buy and have a forceful look at the complete suite.
  • Licenses consolidate and single visibility
  • Basic firewall security is provided - can be easily position to SMB size customer.
November 21, 2023

The one stop security shop for the endpoints

Yash Mudaliar | TrustRadius Reviewer
Yash Mudaliar
Associate Lead Security Admin
Atidan (Information Technology & Services, 201-500 employees)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Return on Investment
  • Only negative ROI is the costly licenses that can set you back a significant amount in your annual budget especially if you have a 300+ audience group.
  • With automated remediation we have seen a tremendous decrease in triage time and even were able to deflect potential attacks in the early stages.
  • With device groups, we have been able to customize EDR policies for different user types and hence were able to be compliant more effectively (in a user-friendly way).
  • We have been able to manage content filtering very effectively with Endpoint DLP and has proven to be a big positive ROI for us.
November 03, 2023

"Microsoft Defender for Endpoint One of the best tool to manage threat, Vulnerability and Compliance of the endpoints."

Verified User
Consultant in Engineering
Information Technology & Services Company, 11-50 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Return on Investment
  • Positive : Microsoft Defender for Endpoint offers sophisticated threat detection and response capabilities, putting it into use helps increase security. Reduced security incidents, data breaches, and related expenses may arise from this.
  • Positive : A more secure environment means less time and effort spent by IT and security teams on remediation and incident response.
  • False Positives: Like any security solution, false positives can occur, leading to unnecessary investigations and potential disruptions to business operations. This may require additional resources to manage.
October 18, 2023

A Comprehensive Look at Microsoft Defender for Endpoint. Defending with Style

Verified User
Consultant in Information Technology
Information Technology & Services Company, 11-50 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Return on Investment
  • By providing robust threat protection, Defender for Endpoint can prevent downtime caused by security issues. Employees can work without interruptions, leading to increased productivity.
  • By significantly decreasing the frequency of security incidents like malware infections and data breaches, Microsoft Defender for Endpoint can protect your network. The cost of incident response, cleanup, and potential regulatory fines are reduced as a result of the decrease in events.
  • The implementation and configuration of Microsoft Defender for Endpoint may require an initial investment in licensing, training, and deployment, which can temporarily affect ROI.
  • The cost of licensing can be substantial, especially for larger organizations. This cost needs to be factored into the ROI calculation.
Return to navigation