Try our new research platform with insights from 80,000+ expert users
Microsoft Defender for Endpoint Logo

Microsoft Defender for Endpoint Reviews

Vendor: Microsoft
4.1 out of 5
Badge Ranked 1
Leave a review

What is Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

Get the Microsoft Defender for Endpoint Buyer's Guide and find out what your peers are saying about Microsoft Defender for Endpoint, CrowdStrike Falcon, Microsoft Intune and more!
Microsoft Defender for Endpoint is the #1 ranked solution in endpoint security software, #1 ranked solution in top Anti-Malware Tools, #3 ranked solution in EDR tools, #4 ranked solution in top Advanced Threat Protection (ATP) solutions, and #5 ranked solution in top Microsoft Security Suite solutions. PeerSpot users give Microsoft Defender for Endpoint an average rating of 8.2 out of 10. Microsoft Defender for Endpoint is most commonly compared to CrowdStrike Falcon: Microsoft Defender for Endpoint vs CrowdStrike Falcon. Microsoft Defender for Endpoint is popular among the large enterprise segment, accounting for 52% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 14% of all views.
Buyer's Guide
Microsoft Defender for Endpoint
August 2025
Get the report
Helped 865,985 peers since 2012

Featured Microsoft Defender for Endpoint reviews

Read more reviews

Microsoft Defender for Endpoint mindshare

Product category:
Endpoint Protection Platform (EPP)
As of August 2025, the mindshare of Microsoft Defender for Endpoint in the Endpoint Protection Platform (EPP) category stands at 10.2%, down from 13.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Market Share Distribution
ProductMarket Share (%)
Microsoft Defender for Endpoint10.2%
CrowdStrike Falcon10.5%
HP Wolf Security6.3%
Other73.0%
Endpoint Protection Platform (EPP)

PeerResearch reports based on Microsoft Defender for Endpoint reviews

TypeTitleDate
CategoryEndpoint Protection Platform (EPP)Aug 27, 2025Download
ProductReviews, tips, and advice from real usersAug 27, 2025Download
ComparisonMicrosoft Defender for Endpoint vs CrowdStrike FalconAug 27, 2025Download
ComparisonMicrosoft Defender for Endpoint vs SentinelOne Singularity CompleteAug 27, 2025Download
ComparisonMicrosoft Defender for Endpoint vs Check Point Harmony EndpointAug 27, 2025Download
Suggested products
TitleRatingMindshareRecommending
CrowdStrike Falcon4.310.5%96%132 interviewsAdd to research
Microsoft Intune4.1N/A94%298 interviewsAdd to research
 
 
Key learnings from peers

Valuable Features

Microsoft Defender for Endpoint's most valuable features include robust malware detection, auto-remediation, ransomware protection, and threat intelligence. Its deep integration with Windows and Microsoft services like Azure and Office 365 provides strong protection with minimal impact on performance. The centralized management, automation of responses, and extensive threat visibility make it a comprehensive EDR solution. Users value its ease of use, quick updates, and the ability to prioritize and manage threats efficiently.
  • "One of the best features of Microsoft Defender for Endpoint is called Threat and Vulnerability Management, TVM, which provides real-time visibility of vulnerabilities and misconfiguration at our endpoint level and helps prioritize and remediate based on risk information."
  • "Microsoft Defender for Endpoint has significantly impacted our security posture."
  • "The feature I find most valuable in Microsoft Defender for Endpoint is that it blocks the process and keeps the endpoint from getting infected with malware."

Room for Improvement

Microsoft Defender for Endpoint users report concerns with slow customer service and performance issues, including computer slowdowns and internet connectivity problems after installation. Users find the interface complex and desire better reporting, customization, and pricing. They want improved ransomware protection, deeper integrations with third-party tools, and better behavior-based analytics. Some users struggle with licensing complexity and require enhanced engagement from support. More security features and consistent updates are needed to address evolving cybersecurity threats.
  • "Regarding the pricing of Microsoft Defender for Endpoint, during the last three years, we set up the product and sold it, but we faced difficulties because Microsoft pricing is always the same."
  • "I don't think it's scalable at this moment. It is doing what it's supposed to do, but Microsoft Defender for Endpoint isn't there yet."
  • "The log searches for Microsoft Defender for Endpoint are pretty difficult to navigate. It needs a better UI or more intuitive search and filter mechanisms to make it easy to get through and filter through all the data logs."

ROI

Many users report a positive return on investment from Microsoft Defender for Endpoint due to its integration and elimination of third-party costs. Savings come from reduced expenses on antivirus, centralized management, and increased efficiency. Although some have not yet realized full financial benefits, the comprehensive security features and threat protection offer substantial cost advantages over potential ransomware or malware impacts, and users appreciate the time-saving aspects, which enhance overall operations.

Pricing

Microsoft Defender for Endpoint pricing varies significantly depending on licensing and organizational needs. Many users find it affordable since it's bundled with Windows, while others highlight costs associated with advanced features like centralized management using E5 or Office 365 plans. Monthly or yearly licensing options offer flexibility, and enterprise agreements can reduce costs. Despite perceptions of high costs for standalone purchases, integrating Defender as part of Microsoft packages generally enhances cost-effectiveness.
  • "It's all pretty easy. For some clients, it's an easier sell because it's just an add-on to their existing Microsoft licensing and Office 365 licensing."
  • "It isn't cheap, but it's reasonable and fair."
  • "Given our extensive Microsoft licensing, transitioning to Defender for Endpoint did not affect licensing costs."

Popular Use Cases

Organizations primarily utilize Microsoft Defender for Endpoint to protect against viruses, malware, and ransomware. It serves as an antivirus solution, aids in threat detection, endpoint protection, and ensures data security. Users appreciate its integration with Windows systems for seamless cybersecurity management. It is also employed for endpoint detection and response (EDR), safeguarding against phishing attacks, and monitoring potential vulnerabilities.

Service and Support

The customer service and support for Microsoft Defender for Endpoint receive mixed feedback. Many users find the technical support responsive and knowledgeable, with ratings often between seven and ten. However, some users experience delays and inconsistent support quality, particularly with lower-tier levels. Level of satisfaction frequently depends on the support package purchased, with premium packages offering faster and better service. Users appreciate the availability of resources and documentation, which help in resolving issues independently.

Deployment

Microsoft Defender for Endpoint's initial setup is generally straightforward and simple, often pre-installed with Windows. Many users find the installation process quick, with minimal configuration required. For some, setup integration with existing infrastructures can be complex, especially in larger networks or when additional third-party tools are involved. Users appreciate that once deployed, maintenance is minimal. Initial configuration varies in complexity depending on network size, existing solutions, and specific organizational needs.

Scalability

Microsoft Defender for Endpoint is recognized for its scalability, with many organizations noting its ability to accommodate a diverse range of users and devices. Cloud-based infrastructure supports effortless expansion and integration with other services, enabling seamless growth from small to enterprise levels. Users appreciate its adaptability across various environments and its capacity for increasing user endpoints. While some have concerns, most agree it's efficient in managing large-scale deployments and evolves to meet dynamic needs effectively.

Stability

Microsoft Defender for Endpoint is widely regarded as stable, performing well without affecting system resources. Many users find it reliable and comparable to other security solutions, with few experiencing issues like CPU overload or memory consumption, particularly in low-resource environments. Rare minor problems, such as visual glitches or syncing issues, are reported but typically resolved. Stability often aligns with correct configuration and up-to-date Windows systems, though frequent updates occasionally introduce temporary bugs.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Microsoft Defender for Endpoint Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company SizeCount
Small Business73
Midsize Enterprise31
Large Enterprise76
By reviewers
By visitors reading reviews
Company SizeCount
Small Business2131
Midsize Enterprise1245
Large Enterprise3593
By visitors reading reviews

Top industries

By visitors reading reviews
Computer Software Company
14%
Manufacturing Company
8%
Financial Services Firm
8%
Government
8%
Comms Service Provider
7%
Educational Organization
5%
University
5%
Retailer
5%
Healthcare Company
4%
Construction Company
3%
Energy/Utilities Company
3%
Real Estate/Law Firm
3%
Insurance Company
3%
Non Profit
3%
Legal Firm
2%
Media Company
2%
Hospitality Company
2%
Wholesaler/Distributor
2%
Outsourcing Company
2%
Performing Arts
2%
Transportation Company
1%
Recreational Facilities/Services Company
1%
Aerospace/Defense Firm
1%
Pharma/Biotech Company
1%
Consumer Goods Company
1%

Compare Microsoft Defender for Endpoint with alternative products

Go!

Learn more about Microsoft Defender for Endpoint

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Microsoft Defender for Endpoint was previously known as Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus.

Product Demo

Play interactive demo

Microsoft Defender for Endpoint customers

Petrofrac, Metro CSG, Christus Health

Related questions

  • 13
Compare Microsoft Windows Defender and Symantec Endpoint Protection. How Do I Choose?
  • 77
Which product would you choose: Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks?
  • 124
What do you think of the integration of Azure AD Services, Defender for Endpoint, and Intune as comprehensive security solutions?
  • 18
CrowdStrike Falcon vs Microsoft Defender ATP: Comparison of features and performance
  • 84
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
  • 101
Running Carbon Black Defense Along with Windows Defender
  • 101
How is Cortex XDR compared with Microsoft Defender?
  • 26
Which offers better endpoint security - Symantec or Microsoft Defender?
  • 47
How does Microsoft Defender for Endpoint compare with Carbon Black CB Defense?
  • 28
How would you compare between Microsoft Defender for Endpoint and Tanium EDR?

Product Categories

Product Categories
Endpoint Protection Platform (EPP)
Advanced Threat Protection (ATP)
Anti-Malware Tools
Endpoint Detection and Response (EDR)
Microsoft Security Suite

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Microsoft Defender for Endpoint Logo
CrowdStrike Falcon vs Microsoft Defender for Endpoint
Microsoft Intune vs Microsoft Defender for Endpoint Logo
Microsoft Intune vs Microsoft Defender for Endpoint
Fortinet FortiEDR vs Microsoft Defender for Endpoint Logo
Fortinet FortiEDR vs Microsoft Defender for Endpoint
Microsoft Defender for Office 365 vs Microsoft Defender for Endpoint Logo
Microsoft Defender for Office 365 vs Microsoft Defender for Endpoint
Microsoft Sentinel vs Microsoft Defender for Endpoint Logo
Microsoft Sentinel vs Microsoft Defender for Endpoint
Microsoft Entra ID vs Microsoft Defender for Endpoint Logo
Microsoft Entra ID vs Microsoft Defender for Endpoint
Microsoft Defender for Cloud vs Microsoft Defender for Endpoint Logo
Microsoft Defender for Cloud vs Microsoft Defender for Endpoint
SentinelOne Singularity Complete vs Microsoft Defender for Endpoint Logo
SentinelOne Singularity Complete vs Microsoft Defender for Endpoint
Microsoft Defender XDR vs Microsoft Defender for Endpoint Logo
Microsoft Defender XDR vs Microsoft Defender for Endpoint
Microsoft Purview Data Governance vs Microsoft Defender for Endpoint Logo
Microsoft Purview Data Governance vs Microsoft Defender for Endpoint
Cortex XDR by Palo Alto Networks vs Microsoft Defender for Endpoint Logo
Cortex XDR by Palo Alto Networks vs Microsoft Defender for Endpoint
HP Wolf Security vs Microsoft Defender for Endpoint Logo
HP Wolf Security vs Microsoft Defender for Endpoint
Fortinet FortiClient vs Microsoft Defender for Endpoint Logo
Fortinet FortiClient vs Microsoft Defender for Endpoint
Elastic Security vs Microsoft Defender for Endpoint Logo
Elastic Security vs Microsoft Defender for Endpoint
WatchGuard Firebox vs Microsoft Defender for Endpoint Logo
WatchGuard Firebox vs Microsoft Defender for Endpoint
See all alternatives
 
Microsoft Defender for Endpoint Reviews Summary
Author infoRatingReview Summary
Team manager of it department at a financial services firm with 501-1,000 employees4.0We transitioned from Carbon Black and Symantec to Microsoft Defender for Endpoint due to our existing license. It provides strong multi-platform security and automatic threat resolutions but needs better integration with managed service providers. We’re yet to fully realize the ROI.
Consultant at ACT4SERVICES4.5I use Microsoft Defender for Endpoint for threat hunting in Azure environments, employing KQL for analysis. While it offers robust real-time protection against zero-day and malware attacks, new users could benefit from more video guidance on its features.
Information Security at a government with 10,001+ employees4.0I use Microsoft Defender for Endpoint primarily for its integrated MD, EDR, and valuable features like the cloud app and phishing simulation. While the vulnerability assessment is useful, it lacks accuracy, and adding a sandbox would enhance its effectiveness.
Systems engineers at Delta Dental of Colorado4.5We use Microsoft Defender for Endpoint for vulnerability tracking and compliance with SOC 2. Its reporting and notifications enhance efficiency and visibility. Despite some mobile endpoint limitations, its integration with our E5 license surpasses competitors like CrowdStrike.
IT Infosys Security Analyst at Infosys4.5I use Microsoft Defender for Endpoint for both EDR and vulnerability management. Its integration and logging capabilities are excellent, though reporting could be improved. Automation simplifies threat detection, and transitioning from Symantec and Trend Micro was due to a merger.
Solution Consultant at BIM Group of Companies5.0I've used Microsoft Defender for Endpoint for over three years to secure client systems, appreciating its built-in agent and strong threat management, though I find the pricing inflexible and believe long-term discounts could improve competitiveness.
IT CONSULTANT at a tech company with 10,001+ employees5.0We use Microsoft Defender for Endpoint as a safety solution in hospitality. It's user-friendly, reliable, and aids compliance. While it requires more AI enhancements, it optimizes labor and shows a solid ROI. Previous solutions are now forgotten.
Office 365 Subject Expert at a government with 10,001+ employees4.0We primarily use Microsoft Defender for Endpoint for desktop security. Its web filtering is valuable, but improvements are needed to reduce false positives and enhance GUI navigation. Despite some support challenges, it offers a good return on investment.