Microsoft Defender for Endpoint

Microsoft Defender for Endpoint
Formerly Microsoft Defender ATP

Score 8.8 out of 10
Microsoft Defender for Endpoint

Overview

What is Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation...
Read more

Recent Reviews

Read all reviews

Popular Features

View all 7 features
  • Endpoint Detection and Response (EDR) (6)
    9.6
    96%
  • Centralized Management (6)
    9.6
    96%
  • Anti-Exploit Technology (6)
    9.3
    93%
  • Infection Remediation (6)
    9.3
    93%

Reviewer Pros & Cons

View all pros & cons
AM
Ali Marandi
Senior Manager-Cyber Security
Brookfield Renewable (Environmental Services, 1001-5000 employees)

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of Microsoft Defender for Endpoint, and make your voice heard!

Record a review
Return to navigation

Pricing

View all pricing

Academic

$2.50

On Premise
per user/per month

Standalone

$5.20

On Premise
per user/per month

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services
Return to navigation

Features

Endpoint Security

Endpoint security software protects enterprise connected devices from malware and cyber attacks.

9.5Avg 8.7
Return to navigation

Product Details

What is Microsoft Defender for Endpoint?

Presented as an epicenter for comprehensive endpoint security, Microsoft Defender for Endpoint helps users rapidly stop attacks, scale security resources, and evolve defenses across operating systems and network devices.

Microsoft Defender for Endpoint Screenshots

Screenshot of BlocksophisScreenshot of Detect & respondScreenshot of discover vulnerabilityScreenshot of Eliminate blind spotsScreenshot of Eliminate risks

Microsoft Defender for Endpoint Video

Microsoft Defender for Endpoint

Microsoft Defender for Endpoint Technical Details

Deployment TypesOn-premise
Operating SystemsWindows
Mobile ApplicationNo

Frequently Asked Questions

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.

Reviewers rate Endpoint Detection and Response (EDR) and Centralized Management and Vulnerability Management highest, with a score of 9.6.

The most common users of Microsoft Defender for Endpoint are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

 (71)

Attribute Ratings

Reviews

(1-1 of 1)
Popular Filters
Companies can't remove reviews or game the system. Here's why
October 20, 2021

Holistic approach to Cybersecurity

Joe Aldeguer | TrustRadius Reviewer
Joe Aldeguer
IT Director
Society of American Florists (Non-profit Organization Management, 11-50 employees)
Score 10 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
MDE is Microsoft's latest cybersecurity tool which takes a holistic approach to protect my organization from known and zero-day threats. I love the fact that I don't need to stitch together a diverse solution to increase my organization's security posture. I only have to use one login to manage my dashboard. MDE is compatible with all endpoints in my organization. I have macOS, iOS, Windows server, Windows 10, and Ubuntu Linux on-boarded. It is an EDR, XDR that is mapped against the MITRE ATT&CK framework.
Pros and Cons
  • Compatible with macOS, iOS, Android, Windows Server, Windows 10 and Linux
  • It runs natively on Windows it is not a bolted on solution. Once you have the correct license it is easy enough to light up the application to protect the endpoint
  • Integrated with Microsoft Intune
  • It is designed to detect and remediate adversary tactics from the MITRE knowledge base.
  • Microsoft analyzes billions of signals daily to detect attacks against O365 tenants these same signals are fed into ML to further fine-tune MDE. How many other solutions out there will have access to this vast amount of data to analyze to train their ML?
  • Automated detection and remediation of threats with a graphical timeline view of how the treat got into the device and was stopped
  • It has its own vulnerability scanner to feed data into the dashboard so you can see daily which endpoints need to be patch first based on its value
  • It comes with an advanced hunting tool using the kusto query language to search your tenant for threats
  • It can keep 180 days of log data
  • From one bundled license I can protect Exchange online email, Sharepoint, Microsoft Teams, One Drive, Azure identities, AD, endpoints
  • Web filtering on the macOS it not available yet
  • They recently made it easier to on-board macOS endpoints using Microsoft Intune by deploying it as an app. It used to take a lot of more configuration profiles to set up. For older macOS Sierra using the older extensions it will still require the multiple steps to on-board to MDE
  • They need to integrate Microsoft Cloud app into the new dashboard of MDE
  • Reduce the memory overhead of the mdatp agent running on Linux
Likelihood to Recommend
Small or large organizations will benefit from using MDE. They need to provide a way to buy MDE as a standalone add-on product not only make it a bundled feature in Microsoft 365 E5. I wish it had the ability to deploy updates to 3rd party apps when the vulnerability scanner discovers a vulnerability. Currently, I have to use a 3rd party tool to address this gap.
Most Important Features
  • Holistic cybersecurity tool
  • Compatibility with all of my OS
  • It is like having my own SOC for my small organization
Microsoft Defender for Endpoint Feature Ratings
Endpoint Security (7)
100%
10.0
Anti-Exploit Technology
100%
10.0
Endpoint Detection and Response (EDR)
100%
10.0
Centralized Management
100%
10.0
Hybrid Deployment Support
100%
10.0
Infection Remediation
100%
10.0
Vulnerability Management
100%
10.0
Malware Detection
100%
10.0
Return on Investment
  • You will have to move up to Microsoft 365 E5
  • You can get rid of other 3rd party security tools and just use the Microsoft ecosystem
Alternatives Considered
MDE is a complete solution from one vendor.
Products Replaced
Yes
I was using Avast Business edition to protect my macOS endpoints. I decided to go with Microsoft Defender for Endpoint to get deeper protection. I don't like the idea of having to log in to different portals to manage my endpoint protection.
Key Differentiators
  • Product Features
  • Product Reputation
The cross-platform solution providing protection to all of the operating systems we used at work.
Support Rating
9
The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session.
Premium Support
No. Tech support through phone or email comes with Microsoft 365 E5 license.
Bug Resolution
No
Return to navigation