Skip to main content
TrustRadius
Microsoft Defender for Endpoint

Microsoft Defender for Endpoint
Formerly Microsoft Defender ATP

Overview

What is Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation…

Read more
Recent Reviews

Secure workstations with MDE

8 out of 10
November 03, 2023
Microsoft Defender for Endpoint offers exceptional threat insight and protection. Its KQL powered Advanced Hunting provides deep analysis. …
Continue reading
Read all reviews

How Microsoft Defender for Endpoint Differs From Its Competitors

Components

We utilize everything relates endpoint and network issues. The AI integration is actually my favorite component because it comes in handy in vulnerability scanning through scanning our networks and alert us Incase of any exposure. Remediation and blocking of advanced threats are also a plus.
Continue reading

Protection Scope

We have currently installed Microsoft Defender for Endpoint on 1573 endpoint devices on our main network. This includes Windows and Apple desktops, laptops, and servers. We also do scan our routers and switches and have rolled out installation on some of our mobile devices. The goal is to secure …
Continue reading

Components

We are using everything related to the endpoint and to network devices. We have installed Microsoft Defender for Endpoint on our desktops and laptops. We have also implemented the network vulnerability scanning functionality that scans our network appliances and alerts us of any vulnerabilities.
Continue reading

Protection Scope

We currently have the Microsoft Defender for Endpoint agent installed on about 1600 endpoint devices on our network. These include Windows and Apple laptops and desktops. We are also scanning Cisco routers and switches. We are looking for a way to roll out the installation on mobile devices, in …
Continue reading

Components

- We use Endpoint detection and response for proactive detection and remediation.
- Attack Surface Reduction helps us proactively block commonly used attack methods by malware (scripts).
- We use Microsoft Defender for Endpoint as a layered approach with other security tools.
Continue reading

Components

  • Vulnerability Management
  • Baseline Assessments
  • Device Discovery
  • Endpoint Security Policies
  • Automated Remediation
  • Dynamic Device Tagging
  • Endpoint DLP
  • Web Content Filtering
  • Live Response
  • Unified integration with Defender for Cloud
  • Always remediate PUA
  • Device Deception (Preview)
  • Download quarantined files
  • Evaluatio…
Continue reading

Protection Scope

We currently have more than 200 active devices across the organization. We are a 'Windows' only organization when it comes to internal end user deployments. When it comes to server count, we have a small environment of less than 20 servers containing both Windows and Linux servers deployed in …
Continue reading

Components

Antivirus and Malware protection are features we are using by have them installed in endpoint devices that associated with our users that are in M365 group, once the user is eligible for M365, we will install the application and remove the other antivirus (if any), which then will bring us to the …
Continue reading

Components

We are using the following components / features of Microsoft Defender for Endpoint in our organization:
1. Centralised deployment of antivirus agent
2. Centralised monitoring of security alerts
3. Vulnerability management
4. Antivirus and anti malware
5. Integration with Microsoft Intune
6. Device …
Continue reading

Components

Admin portal : Enables endpoint monitoring, security incident identification, and response.
Endpoint Detection and Response (EDR) : Organizations can investigate security incidents, collect pertinent data, and implement the necessary remediation activities to eliminate and contain threats by using …
Continue reading

Protection Scope

Microsoft Defender for Endpoint offers comprehensive protection for Windows endpoints and Windows Server environments.
We are protecting over 30 Windows devices for our company, as well as more than 50 Windows and macOS devices for one of our customers. We also use Microsoft Intune to manage over …
Continue reading

Components

1. Endpoint Detection and Response
2. Advanced Threat Protection
3. Attack Surface Reduction
Continue reading

Protection Scope

More than 1000 devices are configured with Microsoft Defender for Endpoint. We are using this in Windows 10, 11 and Windows Servers
Continue reading

Components

EDR, Auto investigation & remediation Threat & Vulnerability Management Attack Service Reduction rules Secure Score for Devices Network Discovery. Basically, all features for clients are managed with Intune as MDM; Servers are managed with Azure Policy and GPO. Linux machines have custom scripting …
Continue reading

Components

Endpoint Protection
Threat & Vulnerability Management
Intune Integration
Microsoft Defender Antivirus
Microsoft Defender SmartScreen
Attack Surface Reduction
Continue reading

Components

Advanced threat detection, automated incidence response, integration, endpoint detection and response, and threat intelligence. All the features come together in investigation and response to threats enhancing the general security of our small organization.
Continue reading

Components

We are using the following features of Microsoft defender Unified security tools and centralized management.Next-generation antimalware. Attack surface reduction rules.Device control (such as USB)Endpoint firewall.Network protection.Web control/category-based URL blocking.Device-based conditional …
Continue reading

Protection Scope

We have around 4000 endpoints, including workstations and servers that vary from Windows workstations, windows servers, Linux servers, Android devices, and iOS devices. Etc.
Continue reading

Components

Vulnerability management to identify issues and review recommendations. Configuration management and monitoring. Endpoint detection and response to identify potential threats and shut them down before the prove to be an issue. Incident reporting and root cause remediation research when issues are …
Continue reading

Components

Threat Protection: Microsoft Defender for Endpoint provides real-time protection against a wide range of threats, including malware, viruses, ransomware, and phishing attacks. It uses advanced threat detection algorithms and machine learning to identify and block malicious activities.Endpoint …
Continue reading

Protection Scope

5,000 Endpoints we're currently managing through Microsoft Defender for Endpoint protection. We only use it for Microsoft Servers as it doesn't support macOS, Linux servers, Android, iOS, etc).
Continue reading

Components

Microsoft Defender for Endpoint-Microsoft's EPP and EDR offering primarily built into Windows 10 but has been ported to other operating systems such as Mac & Linux , For Mac they use Bitdefender as OEM & Linux for AV engine. We also use Threat experts for Microsoft's threat hunting services, which …
Continue reading

Components

For our organization, we found the device inventory, which helps us to find discover, track, and manage our devices. Along with the log management is very useful; we can investigate what's happened. The management console is well done, useful, and helps in managing our environment. That's a great …
Continue reading

Components

The main components we are using are:
  • Attack Surface Reduction (ASR).
  • Next-generation Protection.
  • Microsoft Secure Score for Devices.
  • Automated Investigation and Remediation (AIR).
Continue reading

Components

We are utilising a mix of P1 and P2 versions of Defender for Endpoint. The P2 version includes Endpoint Detection and Response as an extension, as well as automatic investigation adn remediation, making it a full competitor to other XDR tools on the market.
Continue reading

Components

Device Response Function: Perform AV ScanFile response functions: collect files, analyze in depth, block files, stop and quarantine programs
Continue reading

Components

Currently we have deployed all features available to us, but mostly we use, at least on a day to day basis, the endpoint protection in the form of antivirus / antimalware protection. The anti-exploit feature is used and it is has been very eye opening to get reports of potential threats that have …
Continue reading

Protection Scope

Our environment consists of mostly Windows systems. We have both workstations and servers in the form of virtual machines and a virtual desktop infrastructure. We have roughly two thousand systems and of those, about five hundred of them are a part of our virtual desktop infrastructure for end …
Continue reading

Components

For the secured remote access of the multiple production machines through browser, the Microsoft Defender is utilized at the office machines (endpoints). With the advanced vulnerability management and auto threat detection, it can detect weather the access is secured and authorized or not. It …
Continue reading

Protection Scope

Depending upon the project size and number of production machines it depends. Currently depending upon the bots (3-5), production machines are managed with concurrency. All the machines work on the Widows platform and these machines are accessed by the 3-4 agents.
It manages the endpoint weaknesses …
Continue reading

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 7 features
  • Malware Detection (52)
    8.5
    85%
  • Infection Remediation (51)
    8.2
    82%
  • Anti-Exploit Technology (50)
    8.0
    80%
  • Centralized Management (51)
    7.9
    79%

Reviewer Pros & Cons

View all pros & cons
Abdul Ayub | TrustRadius Reviewer
Abdul Ayub
Executive Engineer Transmission
Sui Northen Gas Pipelines Ltd (Oil & Energy, 10,001+ employees)
Conrad Nyamache | TrustRadius Reviewer
Conrad Nyamache
Computer Technician Specialist
Utility (Program Development, 51-200 employees)
Return to navigation

Pricing

View all pricing

Academic

$2.50

On Premise
per user/per month

Standalone

$5.20

On Premise
per user/per month

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Product Demos

Microsoft Defender for Endpoint Overview

YouTube
Return to navigation

Features

Endpoint Security

Endpoint security software protects enterprise connected devices from malware and cyber attacks.

8.2
Avg 8.5
Return to navigation

Product Details

What is Microsoft Defender for Endpoint?

Presented as an epicenter for comprehensive endpoint security, Microsoft Defender for Endpoint helps users rapidly stop attacks, scale security resources, and evolve defenses across operating systems and network devices.

Rapidly stops threats: Protects against sophisticated threats such as ransomware and nation-state attacks.

Scales security: Puts time back in the hands of defenders to prioritize risks and elevate the organization's security posture.

Evolves the organization's defenses: Goes beyond endpoint silos and mature the organization's security based on a foundation for extended detection and response (XDR) and Zero Trust.

Microsoft Defender for Endpoint Features

Endpoint Security Features

  • Supported: Anti-Exploit Technology
  • Supported: Endpoint Detection and Response (EDR)
  • Supported: Centralized Management
  • Supported: Infection Remediation
  • Supported: Vulnerability Management
  • Supported: Malware Detection

Microsoft Defender for Endpoint Screenshots

Screenshot of blocked activitiesScreenshot of Detects & respondsScreenshot of discovers vulnerabilityScreenshot of Eliminates blind spotsScreenshot of Risk management

Microsoft Defender for Endpoint Video

Microsoft Defender for Endpoint

Microsoft Defender for Endpoint Competitors

Microsoft Defender for Endpoint Technical Details

Deployment TypesOn-premise
Operating SystemsWindows
Mobile ApplicationNo

Frequently Asked Questions

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.

CrowdStrike Falcon, Symantec Endpoint Security, and Sophos Intercept X are common alternatives for Microsoft Defender for Endpoint.

Reviewers rate Endpoint Detection and Response (EDR) and Malware Detection highest, with a score of 8.5.

The most common users of Microsoft Defender for Endpoint are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(173)

Attribute Ratings

Reviews

(1-25 of 59)
Companies can't remove reviews or game the system. Here's why
March 21, 2024

Perfect Endpoint Security, Exposure Detection and Management Tool.

Conrad Nyamache | TrustRadius Reviewer
Conrad Nyamache
Computer Technician Specialist
Utility (Program Development, 51-200 employees)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Protection Scope
We have currently installed Microsoft Defender for Endpoint on 1573 endpoint devices on our main network. This includes Windows and Apple desktops, laptops, and servers. We also do scan our routers and switches and have rolled out installation on some of our mobile devices. The goal is to secure each and every device with this top-notch solution.
February 07, 2024

Microsoft Defender for Endpoint Review

KL
Kevin Lee
Network Security Analyst
A.T. Still University (Higher Education, 1001-5000 employees)
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Protection Scope
We currently have the Microsoft Defender for Endpoint agent installed on about 1600 endpoint devices on our network. These include Windows and Apple laptops and desktops. We are also scanning Cisco routers and switches. We are looking for a way to roll out the installation on mobile devices, in the future.
November 21, 2023

The one stop security shop for the endpoints

Yash Mudaliar | TrustRadius Reviewer
Yash Mudaliar
Associate Lead Security Admin
Atidan (Information Technology & Services, 201-500 employees)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Protection Scope
We currently have more than 200 active devices across the organization. We are a 'Windows' only organization when it comes to internal end user deployments. When it comes to server count, we have a small environment of less than 20 servers containing both Windows and Linux servers deployed in Microsoft Azure.
November 03, 2023

"Microsoft Defender for Endpoint One of the best tool to manage threat, Vulnerability and Compliance of the endpoints."

Verified User
Consultant in Engineering
Information Technology & Services Company, 11-50 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Protection Scope
Microsoft Defender for Endpoint offers comprehensive protection for Windows endpoints and Windows Server environments.
We are protecting over 30 Windows devices for our company, as well as more than 50 Windows and macOS devices for one of our customers. We also use Microsoft Intune to manage over 50 Android devices, Also manage IOS devices.
September 25, 2023

Microsoft Defender for Microsoft Endpoint.

RK
RUSHABH KADCHHUD
Associate Director - Practice Lead, Network and Systems Engineering
Arcadis (Computer & Network Security, 10,001+ employees)
Score 5 out of 10
Vetted Review
Verified User
Incentivized
Protection Scope
5,000 Endpoints we're currently managing through Microsoft Defender for Endpoint protection. We only use it for Microsoft Servers as it doesn't support macOS, Linux servers, Android, iOS, etc).
September 21, 2023

Easy and Reliable to Use

Verified User
Administrator in Information Technology
Higher Education Company, 201-500 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Protection Scope
Our environment consists of mostly Windows systems. We have both workstations and servers in the form of virtual machines and a virtual desktop infrastructure. We have roughly two thousand systems and of those, about five hundred of them are a part of our virtual desktop infrastructure for end users. Probably another two hundred are virtual servers. The remaining are a handful of physical servers and the rest are mostly thin clients used to connect to our VDI.
Return to navigation