Skip to main content
TrustRadius
Microsoft Defender for Endpoint

Microsoft Defender for Endpoint
Formerly Microsoft Defender ATP

Overview

What is Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation…

Read more

Learn from top reviewers

Ensure security of the applications

Rating: 10 out of 10
March 18, 2025
Vetted ReviewVerified User
We are using this service from last 3 years for protecting our applications from the attacks or ransomware. It has AI capabilities that detects and block immediately. It is ea...
Continue reading
Sonali Arora
Engineer - Information Technology
Staff Engineer
Nagarro
Microsoft Defender for Endpoint3 years of experience

Securing Your Organization With the Help of Microsoft Defender for Endpoint

Rating: 8 out of 10
March 18, 2025
Vetted ReviewVerified User
We use Microsoft Defender for Endpoint for phishing emails where we have installed the endpoint as well as all other users endpoint laptops where we use it to monitor all thre...
Continue reading
Gaurav Sharma
Account Manager - Sales
Sales Head
Lenovo
Microsoft Defender for Endpoint4 years of experience

Microsoft Defender for Endpoint: A Comprehensive enterprise security solution

Rating: 10 out of 10
March 6, 2025
IncentivizedVetted ReviewVerified User
We are using Microsoft Defender for Endpoint in our project for 6 years this tool is one of best solution for security operations in organization. Microsoft Defender for Endpo...
Continue reading
Shital Ulagadde
Engineer - Information Technology
Senior Cyber Security Consultant
LTIMindtree
Microsoft Defender for Endpoint3 years of experience

Enhancing Enterprise Security with Microsoft Defender for Endpoint

Rating: 9 out of 10
March 4, 2025
IncentivizedVetted ReviewVerified User
We have integrated our endpoints with Defender. As we are using it as XDR it is working really great in terms of action taker when the threat observed and it is having good ca...
Continue reading
Verified user
Administrator
Microsoft Defender for Endpoint3 years of experience

Microsoft Defender for Endpoint the best security solution for endpoints.

Rating: 8 out of 10
December 31, 2024
Vetted ReviewVerified User
In our organization we use Microsoft Defender for Endpoint to manage endpoint security across different regions and states. Before Microsoft Defender for Endpoint, we manually...
Continue reading
Verified user
Analyst
Microsoft Defender for Endpoint2 years of experience
Log in with LinkedIn to see content from your network

How Microsoft Defender for Endpoint Differs From Its Competitors

Components

We do use features like Endpoint Activity, Anomaly Detection and File Sensitivity, Active Background Scanning and Threat Management, etc. These help in keeping our organization and data secure and protected.
Continue reading

Components

There are multiple features offered by Microsoft Defender for Endpoint which we are using our project like Endpoint Detection and Response, Vulnerability management, Automated investigation and remediation, advanced threat analysis, attack surface reduction rules. these features Protects endpoints …
Continue reading

Protection Scope

Microsoft Defender for Endpoint has designed to secure platforms like windows, windows servers,MACOS,Linux. it secures Windows desktops and laptops also it Secures Linux servers and workstations. It provides security for iOS devices like iPhones and iPads. and secures mobile devices against …
Continue reading

Components

We are using it as Centralized Configuration and Administration for managing the security policies from one console. This is really good as admin while creating for large environment.Next generation protection for anitvirus and malware is also we are using to have the actions and it is helping to …
Continue reading

Protection Scope

The number will be in hundreds and if we talk about OS we do have all the supported OS covered and I can't share more details as security perspective of the organization.But we have many of the devices mentioned in the list are covered as till now and will be having more to go.
Continue reading

Components

We are using Defender for servers which includes security on SQL servers and other system. We using the AIR, automated Investigation and response using this we can automate basic remidiation like malware removal on detection etc. We also have exchange security which we manage on the single …
Continue reading

Protection Scope

We are protecting around 5,000 + enpoints manily Windows and windows servers, with around hundreds Android/iOS and bunch of Linux servers. We have recently trying to deboard the macOS devices to Jamf as defender for endpoints is not working as expected.
Continue reading

Components

Next-Generation Protection, real-time threat protection using behavior-based methods.

Microsoft Threat Experts we use the advice, threat context, and incident response support.

Endpoint Analytics which Offers insights into the health and performance of endpoints.

Centralized Management and Reporting …
Continue reading

Protection Scope

I think about 1500 endpoints. The vast majority of them are Windows 10. We're going to be migrating to 11 soon. We've got about a hundred servers. We've got about six Linux servers. The rest of them are either 2016, 2019 servers and probably about 80 Mac systems.
Continue reading

Components

Basically we are using the feature in which we come to know about the systems and what kind of access they're getting onto the system or how they are connected to other networks. And about how many times they connect to the other network. That is something that we keep monitoring using the …
Continue reading

Protection Scope

The number of endpoints can be a very approximate value. Yeah, it can be around 50 to 80 computers, that's what I believe because I'm in the admissions department. There are other departments involved too. That's the IT and the other one. So they might have a different number too. So we basically …
Continue reading

Components

We have been using real-time protection, automated investigation and remediation, endpoint behavior analysis, and with these functionalities we monitor and secure our network in real time, for example, automated remediation quickly addresses any potential threats without manual intervention of IT …
Continue reading

Protection Scope

We protect approximately 50 endpoints within our organization, securing a diverse range of platforms, including windows, windows server, macOS, Linux Servers, Android and iOS devices, this coverage ensures that all our devices regardless of operating systems, are protected against all threats, and …
Continue reading

Components

Microsoft Defender for Endpoint-Microsoft's EPP and EDR offering primarily built into Windows 10 but has been ported to other operating systems such as Mac & Linux , For Mac they use Bitdefender as OEM & Linux for AV engine. We also use Threat experts for Microsoft's threat hunting services, which …
Continue reading

Components

We are using the following components / features of Microsoft Defender for Endpoint in our organization:
1. Centralised deployment of antivirus agent
2. Centralised monitoring of security alerts
3. Vulnerability management
4. Antivirus and anti malware
5. Integration with Microsoft Intune
6. Device …
Continue reading

Components

We write our own analytics, so we're querying the telemetry. The defender for endpoint is generating the query functionality.
Continue reading

Components

Device Response Function: Perform AV ScanFile response functions: collect files, analyze in depth, block files, stop and quarantine programs
Continue reading

Components

It's a good question. As someone who doesn't have access into that administrative view, I'm not sure as far as what I would assume everything's turned on, but I can't accurately speak to what else might not be. Yeah, I mean using those capabilities just as an end user, just to know that whatever …
Continue reading

Protection Scope

I mean, assuming every employee has at least well across both Mac and Windows, I would say upwards of 400,000 assuming it's deployed everywhere. From a employee device perspective? Windows machines and Macintosh machines. I'm not personally sure where the server side of the conversation …
Continue reading

Components

Well, we're tying it to Sentinel and via Sentinel. We're actually using Logic apps, playbooks, and books. We're using advanced investigation, threat analytics, and many others. But really, the fact that it can integrate with Sentinel in a single pane of glass is a game changer for us.
Continue reading

Protection Scope

Probably about five. Well actually no, let's make that four because one of them is solely a Linux guy and he'd use it. So we've got one Linux and four Windows. We're all kinds of end users.
Continue reading

Components

I mostly have just gone into the alert analysis functions and then pivoted through the data sets in relation to the original security alerts that we have from our other systems that we have set up. We use it kind of as a backup, but that's mostly the only thing that I've done with it in terms of …
Continue reading

Components

The Advanced Star Protection is what we're using. And again, we're using that for all of our servers and all of our computers and laptops and things like that.
Continue reading

Components

Microsoft Defender for Endpoint works on user logins, malware, unwanted software, phishing, and provides remediations or playbooks for the automatic or user initiated response to issues arising from the incidents. In conjunction with MFA/Conditional Access, we have reduced the number of …
Continue reading

Protection Scope

4500 Windows 10 devices, 200 Windows Servers. Integrated with the rest of the the Microsoft Defender for Endpoint eco-system it protects 60000 user accounts, email addresses/exchange accounts, Cloud App access, and general security duties across over 100 distributed sites, and including off …
Continue reading

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Return to navigation

Pricing

View all pricing

Academic

$2.50

On Premise
per user/per month

Standalone

$5.20

On Premise
per user/per month

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Product Demos

Microsoft Defender for Endpoint Overview

YouTube
Return to navigation

Features

Endpoint Security

Endpoint security software protects enterprise connected devices from malware and cyber attacks.

8.3
Avg 8.6
Return to navigation

Product Details

What is Microsoft Defender for Endpoint?

Presented as an epicenter for comprehensive endpoint security, Microsoft Defender for Endpoint helps users rapidly stop attacks, scale security resources, and evolve defenses across operating systems and network devices.

Rapidly stops threats: Protects against sophisticated threats such as ransomware and nation-state attacks.

Scales security: Puts time back in the hands of defenders to prioritize risks and elevate the organization's security posture.

Evolves the organization's defenses: Goes beyond endpoint silos and mature the organization's security based on a foundation for extended detection and response (XDR) and Zero Trust.

Microsoft Defender for Endpoint Features

Endpoint Security Features

  • Supported: Anti-Exploit Technology
  • Supported: Endpoint Detection and Response (EDR)
  • Supported: Centralized Management
  • Supported: Infection Remediation
  • Supported: Vulnerability Management
  • Supported: Malware Detection

Microsoft Defender for Endpoint Screenshots

Screenshot of blocked activitiesScreenshot of Detects & respondsScreenshot of discovers vulnerabilityScreenshot of Eliminates blind spotsScreenshot of Risk management

Microsoft Defender for Endpoint Video

Microsoft Defender for Endpoint

Microsoft Defender for Endpoint Competitors

Microsoft Defender for Endpoint Technical Details

Deployment TypesOn-premise
Operating SystemsWindows
Mobile ApplicationNo

Frequently Asked Questions

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.

CrowdStrike Falcon, Symantec Endpoint Security, and Sophos Intercept X are common alternatives for Microsoft Defender for Endpoint.

Reviewers rate Endpoint Detection and Response (EDR) highest, with a score of 8.8.

The most common users of Microsoft Defender for Endpoint are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews From Top Reviewers

View all reviews
Companies can't remove reviews or game the system. Here's why
(1-5 of 103)

Securing Your Organization With the Help of Microsoft Defender for Endpoint

Rating: 8 out of 10
March 18, 2025
GS
Gaurav Sharma
Sales Head
Lenovo (Business Supplies & Equipment, 51-200 employees)
Vetted Review
Verified User
Microsoft Defender for Endpoint
4 years of experience
Pros
  • Great threat detection and management.
  • No major impact on performance of the device.
  • Securing our buisness in and out.
Cons
  • User Interface can be worked upon.
  • Improving Capabilities with non windows environment.
  • Latest Security updates timely.

Ensure security of the applications

Rating: 10 out of 10
March 18, 2025
SA
Sonali Arora
Staff Engineer
Nagarro (Information Technology & Services, 1001-5000 employees)
Vetted Review
Verified User
Microsoft Defender for Endpoint
3 years of experience
View profile
Pros
  • Seamless integration with other Microsoft services.
  • Ensure security and compliance.
  • Reduce risks very efficiently.
Cons
  • Cost and licensing is high for small businesses.
  • Slow the network performance sometimes.

Microsoft Defender for Endpoint: A Comprehensive enterprise security solution

Rating: 10 out of 10
Incentivized
March 06, 2025
SU
Shital Ulagadde
Senior Cyber Security Consultant
LTIMindtree (Information Technology & Services, 5001-10,000 employees)
Vetted Review
Verified User
Microsoft Defender for Endpoint
3 years of experience
Pros
  • Incident and Alert Monitoring
  • Vulnerability Management
  • Antivirus scan on end devices
  • On and off-boarding of devices/servers
  • Email Phishing investigation and remediation
Cons
  • Sometimes users experience alert fatigue due to large volume of alerts
  • while Microsoft Defender for Endpoint supports multiple platforms, its mobile management capabilities could be better
  • Reports sometimes feels it should be more customized and detailed
  • Sometimes while working it feels slowness of platform

Enhancing Enterprise Security with Microsoft Defender for Endpoint

Rating: 9 out of 10
Incentivized
March 04, 2025
Verified User
Administrator in Information Technology
Information Technology & Services Company, 10,001+ employees
Vetted Review
Verified User
Microsoft Defender for Endpoint
3 years of experience
Pros
  • The feature which we are using for centralized management for configuring and managing security policies across all endpoints.
  • Automated investigation and remediation is really helping us for time saving.
  • Custom rules as per our need and also the advanced rules are making it really good.
Cons
  • Pricing for using some of the services
  • Complications on some of the GUI features.
  • Integration in small scale industry and some time may be difficult

Microsoft Defender for Endpoint the best security solution for endpoints.

Rating: 8 out of 10
December 31, 2024
Verified User
Analyst in Information Technology
Hospital & Health Care Company, 1001-5000 employees
Vetted Review
Verified User
Microsoft Defender for Endpoint
2 years of experience
Pros
  • Microsoft Defender for Endpoint UI is very human friendly and one can easily use it.
  • Microsoft Defender for endpoint agent is very light weight and don't imapct the machine.
Cons
  • Microsoft defender for Endpoints doesn't support Linux system very well.
  • Sometimes defender agent doesn't install properly, which leaves endpoints at risk or unsecure.
Return to navigation