Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
$2.50
per user/per month
Microsoft Entra ID
Score 8.8 out of 10
N/A
Microsoft Entra ID (formerly Microsoft Azure Active Directory or Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.
I've used Sophos, Bitdefender, SentinelOne, and, of course, Microsoft Defender for Endpoint. We chose this at the time because we were such a Microsoft shop that it just seemed to integrate well with all the other things that we had set up with Microsoft.
Previously, we've used Sophos. We've used, way back when, McAfee, Norton, Symantec, all those. And we finally settled on Microsoft Defender for Endpoint. We're a Microsoft technology stack shop. So obviously it was natural. It's built into Windows, so we're not adding …
Unless you have a dedicated Security Operations Center working twenty four hours a day seven days a week that is able to constantly monitor Cylance and make the necessary changes for your users, it is not worth the trouble. Microsoft Defender for Endpoint does what it needs to …
Microsoft Defender for Endpoint consistently showed better user experiences during scans due to the reduced amount of resources used on each system compared to our previous endpoint protection solutions. However, the main reason we chose Microsoft Defender for Endpoint is …
Microsoft Defender for Endpoint offers strong integration with Microsoft 365 and Azure services, which provide a unified security experience. While McAfee Trellix is known for solid antivirus, Microsoft Defender excels in integration in the ecosystem.
Defender is far easier to deploy and manage than Sophos and tends to work without as many issues. The threat assessment portal provides an in-depth view of the organization's security posture, whereas Sophos only shows the patching status of the PCs. We did need Intune to get …
Cylance's policy is to block everything and requires an active person to monitor and unblock legitimate processes. As updates and software continue to evolve, it is a full-time job to be a Cylance administrator. Microsoft Defender for Endpoint is a set-and-forget solution that …
Microsoft Defender for Endpoint is the most cost effective solution considering our Microsoft 365 licensing status. While many 3rd party solutions are great and have been used over the years, in the non-profit world, cost is a huge driving factor of items. Coupled with …
Microsoft Defender for Endpoint is on par or exceeds the competitor products and provides an enterprise grade EDR solution. Based on the savings by bundling Microsoft products under the E5 license and the benefits it provides; it is an excellent choice for customers looking for …
MDE integrates much more into our M365 ecosystem than any other MDR possibly could. Bitdefender may have provided a similar level of endpoint protection but the reporting, vulnerability reporting and other incident tracking and correlation are critical in today's business …
Crowdstrike is the more feature complete product but licensing model and cost does not work well with the small business model. ESET Protect is considerably more complicated from a licensing perspective but once operational is a fine product.
Microsoft Defender for Endpoint is far more robust and easy to use than NinjaOne's RMM tools. Microsoft Defender for Endpoint allows us to easily manage our endpoints, from an almost single pane of glass, whereas Ninja has multiple settings, policies, etc. that are harder to …
We use Microsoft Defender for Endpoint along with Crowdstrike on some of our critical systems as it enhances the protection we have for our environment.
We have not used anything else other than Microsoft Defender for Endpoint. Maybe we've used other antivirus software like Sophos and things like that. They're just not all encompassing and that's why we moved to use this product.
I have been working with customers that they are transitioning from Sentinel One, CrowdStrike to Defender for Endpoint, right? So I think it's because they see the value in the product and also they see how much they can save in terms of the cost for companies because they …
We previously used CrowdStrike on our servers. However, the seamless integration of Microsoft Defender (MD) with XDR and the entire Microsoft ecosystem led us to choose Microsoft Defender for Endpoint (MDE).
What we love more about this product is the way this pro gets integrated into the other family of solutions, especially Defender for Identity or the XDR solutions. We think that the market, the customers are full of unattended consults coming out from different vendors and that …
The security ones, the endpoint protections, the ones that are related to email protection, with the CM, all the security ones. Well, normally we select the products more than that, because the customer already has. And in some cases, they have it because they buy a contract, a …
We integrate with all the other identity providers. For me, as a consultant and engineer, it's very important to embrace the modern features and functionalities being made available in 2026, especially when it comes to platform SSO. And I've been working with Microsoft on that …
My dad was a sales engineer for a competitor, which is SalePoint Identity IQ or whatever they're calling it this year. They complement each other well. It's just that with each new year, with each new iteration, there are more duplicative capabilities. So I've seen some …
It is a lot easier to administer Microsoft Entra ID compare to Ping. Microsoft Entra ID is a lot more intuitive and easy to understand. Microsoft Entra ID is more flexible when integrating SaaS solutions. Implementing passwordless and conditional access policies to add an …
Microsoft Entra ID is really the only solution for a full Microsoft shop. I've had some experience with Google Workspace, and although it has it's advantages, Microsoft Entra ID really feels like a true business solution.
We have enjoyed Entra ID more, due to its ability to store password hashes and not need a persistent connection to our on-prem servers. If the connection goes down, users can no longer reset passwords, but they can still log in. With Duo, they could not log in if the on-prem …
Microsoft Entra ID offers the same or very similar services to the other products but in a package that is familiar and recognizable to everyone. It enjoys better community support and world-class security and reliability.
Microsoft Entra ID is not as stand-alone product as competitors like Okta. It may lack some of the features that competing products have but on the other hand it integrates both technically and license wise with other Microsoft cloud services and is easy to deploy. It is also …
Only used Active Directory before and Microsoft Entra ID does the same job that we use use AD for but in a centralized cloud based environment. This makes it easier to manage from anywhere and it also saves us the cost of having to buy a physical server to put onsite.
Xporter is more of a basic data interchange tool compared to Microsoft Entra ID which by far more superior with it's out of the box options and we find isn't as complex to setup. Microsoft Entra ID is far more scalable too, allowing us to control synchronization schedules and …
I can definitely tell you where it’s more suited, because we haven’t come across any less appropriate scenarios. But definitely in regard to how we centrally manage our user space and our endpoints, it’s been beneficial from an API perspective and is really transferable, with strong collaboration with our Azure stack. It works very well.
That one is tough. It's just easy to integrate the sign-on portion with other products from other companies. Like BluePoint or Podint. It's very easy to integrate the user information with others. Using Android ID to register an application with other companies' applications.
It really protects our endpoints. We've used other antivirus programs in the past, and they haven't had that full confidence in those products compared to what Microsoft Defender for Endpoint does for us.
Another pro is that it's easy to manage the management console through Intune to see Microsoft Defender for Endpoint up in the cloud and see the state of our devices.
Another pro is we haven't had an incident since we installed it.
The first thing is that it's a really good platform to make a whole inventory of your hardware and software that you already have in the organization. It's very simple. It's very easy to look at what you have in the whole organization. And after that, start applying, for instance, some policies, some solutions in terms of zero trust access using MFA as a second form of authentication. So, these are the ways we use the MTIV platform.
The only area I would suggest is the name change. Microsoft rebrands a lot, but the apps do the same things, and it gets confusing. If you spend five years learning Microsoft Entra ID or its previous name, and then they change it, you have to adjust. Rebranding app names inside Microsoft Entra ID can be confusing, and the migration is slow. They're trying to upgrade things, but communication has improved a little.
Microsoft Defender is closely catching -up in market with existing competitors they have added DLP endpoint & DLP Network and Cloud DLP solution last year with OCR capabilities. I would say Microsoft Defender is not legacy Vendor in end point security, the need to learn from other vendors in market and focus on new XDR technologies, which is going to be new battle for all vendors
Entra ID is a vital part of our Identity management/administration. With the integrations it has to other Microsoft products, setup and configuration is a breeze. Additionally, Microsoft has been around a long time and have the resources to ensure this product is stable and secure for many years to come. We know it will evolve with time to provide us what we need as technology changes.
Microsoft Defender for Endpoint is a great EDR to have that works quickly and silently in the background and it integrates well with other Microsoft services. As an IT manager, I can appreciate that I do not get bombarded by alerts for every small detail. On the flipside, the management site can use some work in being more clear and should be more streamlined so I'm not clicking through multiple pages to figure out what happened
Simply because of what I mentioned earlier, the feature set sort of keeps changing and they do a lot of, they integrated with a lot of the other tools and so for users who are not as well seasoned, it may be a little bit more complicated for them to begin working within the tool.
Microsoft Defender for Endpoint chugs along just fine no matter what we throw at it and what systems it's running on. It doesn't take up a lot of resources either, so that's welcomed.
Overall support is really good for this product. Since it's a Microsoft product, you will get good support from a number of different resources, including knowledgebase articles on the web, support from Microsoft technicians, and documentation (which tends to very thorough). Also, there is a vast user support community for this product, so user support forums would also be another valuable channel to get help if needed. I don't envision too many people will have issues/problems with the product, as it tends to run good overall.
Microsoft has offered Azure Active Directory as a solution for a couple of decades now, so they have seen and anticipated almost any issue that an organization may face and can therefore help. The cloud offering of Azure Active Directory offers some additional "self healing" or monitoring services that can minimize the need for a service call. However, as with most large companies supporting a fast growing market, there may be some gaps in service knowledge (and particularly processing) from the front line / tier one staff as they follow a corporate script at first contact.
Deployment was handled by our team here and everything went pretty smoothly. We did have a few hiccups in our test group, but that only took a bit to get ironed out.
Make sure you use a good partner. Our implementation was a bit longer and more problematic than we expected. Our partner got it done, but, in my opinion, some of their inexperience and staffing issues were evident.
I've used Sophos, Bitdefender, SentinelOne, and, of course, Microsoft Defender for Endpoint. We chose this at the time because we were such a Microsoft shop that it just seemed to integrate well with all the other things that we had set up with Microsoft.
My dad was a sales engineer for a competitor, which is SalePoint Identity IQ or whatever they're calling it this year. They complement each other well. It's just that with each new year, with each new iteration, there are more duplicative capabilities. So I've seen some organizations saying, "Well, now I can do things like access reviews, onboarding, offboarding, and identity workflows, all within just Microsoft Entra ID." The solution is that you get out of it what you put into it. If an organization is willing to invest in SalePoint, there are more granular capabilities that I've seen success with, but I would say the core, like 70- 80%, Microsoft Entra ID is able to cover it with not nearly as much identity investment performance. I think you get to functional capabilities faster with something like Microsoft Entra ID.
Another positive impact is that Microsoft Defender for Endpoint is built into the Windows OS. So naturally, it is much easier to load it out and manage it, rather than acquiring it through party ER, deploying it, and managing it separately. So that's definitely on the positive side that we observe there's a byproduct of changing Microsoft Defender for Endpoint.
I don't know. I think we could not do without it. Also, because we have limitations in other systems, like our HR system, which cannot store externals. So for us, Microsoft Entra ID is the master data where we keep everyone connecting to our network. So it's difficult to quantify. It's simply indispensable.