Microsoft Defender for Endpoint Reviews and Ratings

Rating: 8.9 out of 10

Score

8.9 out of 10

Community insights

TrustRadius Insights for Microsoft Defender for Endpoint are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.

Pros

Centralized Reporting: Users have consistently praised the product's centralized reporting feature as the best they have encountered, making it easy to develop punch lists, prioritize tasks, and efficiently tackle issues.

Endpoint Activity Detection: Reviewers find the product's capability in detecting endpoint activities excellent, especially in tracking user actions and identifying malicious programs that interact with email accounts.

Anomaly Detection and File Sensitivity: The anomaly detection and sensitivity to files being sent outside the company are highly valued by users for providing valuable intelligence. Smooth Operations: Users appreciate the product for being simple to install, responsive, and non-intrusive to end-user experience, ensuring smooth operations.

Reviews

137 Reviews

Microsoft Defender for Endpoint should just be enabled by default

Rating: 9 out of 10

Incentivized

December 31, 2025

Use Cases and Deployment Scope

[...] is a manufacturing company headquartered in Montreal. We have offices across Canada and the United States. Microsoft Defender for Endpoint is deployed across our entire organization. Having a cloud based solution with a single pane of glass to manage all our assets is of the highest importance to us. Being able to receive immediate alerts when suspicious activity occurs has been extremely helpful in keeping our risks at a minimum. Microsoft Defender for Endpoint management is also smart enough to not send several alerts when an attack could be hitting multiple targets within a certain time frame or it's the same attack multiple times.

Pros

Consolidate alerts so you are not overwhelmed
Integrates with Microsoft products
Already licensed if you're using Office Premium or higher enterprise licenses

Cons

Management Interface needs work
Digging through analysis is not always informative
Constant clicking around to find all the relevant information

Likelihood to Recommend

Microsoft Defender for Endpoint is easy to deployed across the entire organization. Having a cloud based solution with a single pane of glass to manage all assets is a real no-brainer. Being able to receive immediate alerts when suspicious activity occurs is extremely helpful in keeping risks at a minimum. Microsoft Defender for Endpoint management is also smart enough to not send several alerts when an attack could be hitting multiple targets within a certain time frame or when it's the same attack multiple times. However, be prepared to click through multiple pages all over the site to figure out what happened when an attack occurs.

John Lee

IT Director in Information Technology at Fleurco Products Inc. (51-200 employees)

Vetted Review

5 years of experience

Defend your Endpoints with Ease

Rating: 9 out of 10

Incentivized

December 11, 2025

Use Cases and Deployment Scope

We implemented Microsoft Defender for Endpoints as a replacement for two other antivirus products. MS Defender provides a great interface to track down individual user issues, email threats, and provides each user a great tool to conduct scans on removable media. The additional benefit of MS Defender is that we are no longer flipping between different products for audits and security.

Pros

Doesn't take up a lot of system resources on endpoints
Provides the user an easy way to scan media
Provides security information about the endpoints

Cons

It would be good to continue to minimize the amount of resources needed during a scan
Provide more integration with Outlook to scan attachments with a notification that everything is good
Provide a Click to Fix option when listing issues or high-risk problems on systems

Likelihood to Recommend

It is well integrated with the Microsoft Admin center providing a quick way to find everything you're looking for. However, if there is a problem that needs addressed, you may have to click through a few more pages to find the solution. It will definitely let you know what's going on in your environment.

Verified User

Manager in Information Technology (51-200 employees)

Vetted Review

5 years of experience

My Insights on Microsoft Defender.

Rating: 9 out of 10

Incentivized

November 10, 2025

Use Cases and Deployment Scope

We use the Microsoft Defender for Endpoint protection and threat response. It helps protect our organization's servers and cloud from any attacks, thus keeping our data secure. The tool helps to ensure that our endpoints are secure from any threat through threat detection and elimination automation.

Pros

Proactive threat detection and protection.
Offers comprehensive endpoint security.
Offers advanced threat protection.

Cons

Sometimes it gives false positives.

Likelihood to Recommend

Our organization is medium-sized, and we find the tool to be applicable. I would recommend the tool to organization that requires Endpoint security of any size, as the tool is flexible and scalable. With the automated threat detection and elimination, you are sure of your Endpoint security.

Piero Biglione

IT Technician in Information Technology at Arkios (51-200 employees)

Vetted Review

5 years of experience

A strong endpoint solutions for microsoft ecosystem.

Rating: 9 out of 10

Incentivized

October 16, 2025

Use Cases and Deployment Scope

In our organization, we use Microsoft Defender for Endpoint to protect against malware, phishing, and other advanced threats. It provides real-time threat detections and automated remediations. This application assists us in improving endpoint compliance and centralized control.

Pros

Endpoint detection and response.
Real time threat detection.
Centralized dashboard.
Role-based access.

Cons

High CPU usage, the application should be lighter.
Improvement needs in UI.
Rules customization in limited.
Mobile support is not as good as a desktop application.

Likelihood to Recommend

Microsoft Defender for Endpoint works very well in the Microsoft ecosystem, especially in the Windows environment, with integrated tools like Intune policy management and Enterprise ID. It has some compatibility issues on MAC and Linux OS.

Verified User

Consultant in Information Technology (10,001+ employees)

Vetted Review

2 years of experience

Defender is a more than viable antivirus protection solution.

Rating: 10 out of 10

Incentivized

July 30, 2025

Use Cases and Deployment Scope

We used Defender to replace Sophos. Being included as part of the Microsoft 365 package saved us the entirety of the cost of the previous provider. It also provides significantly more detailed security insights into our devices. Dashboard scores are used to help proactively respond to threats. The software also includes threat assessment to see all of the vectors an attacker would use.

Pros

Dashboard for threats.
Ease of installation.
Rapid response to threats.

Cons

PC reporting often lags behind, so scores remain unchanged longer than desired.
The portal interface changes regularly, moving objects and menus.
It needs a more defined client interface to resemble a traditional third-party antivirus.

Likelihood to Recommend

Because of its integration with Windows, it is very easy to deploy and manage. Any IT department should be able to leverage the software and interface. The admin portal provides weighted recommendations that comprise the Secure Store, offering admins, security teams, and business owners valuable insights into their security footprint without requiring a strong security background. The software would be ideal for small and mid-sized businesses that cannot dedicate resources to security. Larger enterprises would also benefit, but may require the enhanced license.

Michael Miller

IT Engineer in Information Technology at Carolina West Wireless (51-200 employees)

Vetted Review

18 years of experience

Microsoft Defender for Endpoint Review

Rating: 7 out of 10

Incentivized

July 25, 2025

Use Cases and Deployment Scope

We use Microsoft Defender for Endpoint as an antivirus to protect our systems from different types of malware. It helps us uncover attacks which are happening on our machines. Also, it is useful in getting timely alerts for such attacks.

Pros

Detect attacks
Prevent infection from malware
Provide alerts

Cons

Easy to use management interface

Likelihood to Recommend

It is well suited for organisations who already use Office 365 as their mail and cloud storage. It is less appropriate for organisations which have lower budget.

Danny Nagdev

Founder in Corporate at LetsReflect (1-10 employees)

Vetted Review

2 years of experience

View profile

A simple no-nonsense EDR solution.

Rating: 10 out of 10

Incentivized

July 24, 2025

Use Cases and Deployment Scope

We use Microsoft Defender for Endpoint to help secure our endpoints and monitor our computer systems for potential threats. With the myriad vulnerabilities and malicious actors casting wide nets to threaten any computer indiscriminately, it is paramount to have a system in place to monitor and respond to these attacks actively. Microsoft Defender for Endpoint provides us the tools to monitor and react to incoming threats actively.

Pros

Fast detection of incoming threats.
Automatic response and disabling.
Alerting system.

Cons

Incident reporting.
Vulnerability assessments.
Automating deployment.

Likelihood to Recommend

You are probably already using Microsoft products, and Defender is already built into your Windows PC. Take a further step forward and add Defender for Endpoint to your Microsoft subscription. Get real-time cloud-based advanced detection and response, and a single pane of glass to see the reports and monitoring of all your devices.

Verified User

Director in Information Technology (51-200 employees)

Vetted Review

3 years of experience

Microsoft Defender for Endpoint a great option for budget savvy firms

Rating: 9 out of 10

Incentivized

July 17, 2025

Use Cases and Deployment Scope

We have Microsoft Defender for Endpoint deployed on our workstations, laptops, and other devices.

Pros

Detects bad links
spotting Malware in attachment

Cons

Updates need to be more frequent
access to logs on events

Likelihood to Recommend

It’s great for end user protection, with less interaction the user end

Matt Cox

Computer Systems Enginner II in Information Technology at Superior Court of San Francisco (501-1000 employees)

Vetted Review

5 years of experience

View profile

Microsoft Defender for Endpoint Delivers Great Value

Rating: 8 out of 10

Incentivized

July 17, 2025

Use Cases and Deployment Scope

Microsoft Defender for Endpoint or the primary endpoint protection suite coupled with our M365 and Intune. It is solving our endpoint protection use case and integrates nicely into 3rd party monitoring and SIEM products. Microsoft Defender for Endpoint, with the right M365 licensing level, is a very capable solution to solve endpoint security needs and is cost effective.

Pros

Cost Effective
Good Protection
Non-instrusive

Cons

Management isn't super intuitive
Insight split between Intune and Security Admin Center
Not all controls translate from Intune

Likelihood to Recommend

If you or your organization are using Microsoft 365 E3 licensing or higher, it's a very cost effective and smart solution to take advantage of Microsoft Defender for Endpoint. While the solution is dependent on Intune enrollment for easy management, once setup, it works great. It's fairly easy to manage once you get the hang of it, although it is split between Intune and Security Admin center for insights.

Verified User

Director in Information Technology (51-200 employees)

Vetted Review

3 years of experience

One of the best EDRs available.

Rating: 10 out of 10

Incentivized

July 15, 2025

Use Cases and Deployment Scope

We utilize Microsoft Defender for Endpoint to provide EDR detection, and protection for our endpoints (laptops/desktops/servers) running Microsoft Windows OS's. This information is integrated with our SIEM to ensure visibility for the Security Operations team.

We also leverage the agent to pull vulnerability data on locally installed applications and browser extensions.

Pros

Strong EDR detection and prevention capabilities
Excellent integration with the Microsoft Defender suite of products
Lightweight agent with easy deployment options

Cons

Provide more granularity for detect vs prevent configurations.
Consider moving the device control from Purview into Defender for Endpoint

Likelihood to Recommend

For companies that are already using Microsoft products; Defender for Endpoint is an excellent choice and is recognized as an industry leader. If organizations already have the E5 license, Microsoft Defender for Endpoint is included at no additional cost making it a strong choice based on features and cost effectiveness.

Verified User

Director in Information Technology (201-500 employees)

Vetted Review

4 years of experience

Loading Reviews List....

Microsoft Defender for Endpoint should just be enabled by default

Rating: 9 out of 10

Incentivized

December 31, 2025

Use Cases and Deployment Scope

Pros

Consolidate alerts so you are not overwhelmed
Integrates with Microsoft products
Already licensed if you're using Office Premium or higher enterprise licenses

Cons

Management Interface needs work
Digging through analysis is not always informative
Constant clicking around to find all the relevant information

Likelihood to Recommend

John Lee

IT Director in Information Technology at Fleurco Products Inc. (51-200 employees)

Vetted Review

5 years of experience