CyberArk Endpoint Privilege Manager vs Microsoft Defender for Endpoint comparison

You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between CyberArk Endpoint Privilege Manager and Microsoft Defender for Endpoint based on real PeerSpot user reviews.

Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed CyberArk Endpoint Privilege Manager vs. Microsoft Defender for Endpoint Report (Updated: May 2022).
655,465 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
"Users can scale the solution.""The most valuable feature of CyberArk Endpoint Privilege Manager is its ability to reset passwords every time that it is needed or periodically.""It offers great performance.""The most valuable feature is that their database is completely encrypted and protected with multiple layers.""The department management aspect of the solution is the most valuable aspect.""You can use it to strip users of their local admin rights and, at the same time, elevate applications for them.""I like that you can remove the admin rights from the user's computer and have control over the environment. That means you can delete the local admins and grant them proper privileges with the console. So, they will get proper permissions for applications they need, but we don't have to do it. In the domain where we don't have control, the user can only do specified actions, but not all of them.""I have always found that CyberArk is a very tight, foolproof product compared to most other products available."

More CyberArk Endpoint Privilege Manager Pros →

"Defender should be fine for home use. It has all the basic functionality you need. I can't speak to how well it works as an enterprise solution because I'm not in the space.""It doesn't cause the slowness of the system, which is one of the reasons why I like it.""Microsoft Defender for Endpoint is beneficial because we are using Microsoft Windows and all the core solutions are made by Microsoft, such as the authentic platform, operating system, and antivirus protection. It is a heterogeneous environment. We had to use third-party solutions before and update everything separately. For example, the policy for antivirus. With Microsoft Defender for Endpoint, when Microsoft Windows receives updates it will update with it. This is one main advantage of this solution.""The best part is that it is built into Windows, whether it is a server base or a desktop base, which gives more control over the operating system. Because Defender, the operating system, and the Office solution are by Microsoft, everything is working like hand-in-glove. Its administrative overhead is less because a desktop user has already got some experience of how to handle a Microsoft Defender notification or administer it.""We use Microsoft Defender for the antivirus.""The main features of this solution are that it handles everything by itself and is well integrated.""The most valuable feature is its ability to effectively detect threats. It has the EDR feature, endpoint detection and response, and that is very good.""We like that it has a free version available."

More Microsoft Defender for Endpoint Pros →

"It is hard to deal with technical support if you are not certified.""Can be improved by allowing computers to be excluded from policies.""It cannot be on-prem. It is only cloud-based. Sometimes, that's a restriction in terms of usage.""CyberArk is a pretty heavy solution.""Technical support is slow to respond when we run into issues.""Performance could be better. We have a couple of problems with CyberArk right now. One of the problems is performance in our environment. Support also takes a long time to respond. If the user already has local admin rights, then I can't collect any events in the console from this device. There are also some options in CyberArk that are not working properly, and are not helpful in this case. I can't collect any information to create a proper policy for the device. I have to investigate everything manually, or even disable the local admin from the device. I can collect the events only after this, and it's very time consuming. In my case, it's a waste of resources.""Compared to other tools like Linux, this solution isn't as user-friendly.""The price of the solution should improve."

More CyberArk Endpoint Privilege Manager Cons →

"Something that is unique to Microsoft is its licensing model. When you go out and you buy McAfee or Symantec, you know what you're getting out of the box, but with Microsoft, often, when you're looking to achieve a certain set of capabilities, those capabilities are spread across different products. You might try to do something you could do with CrowdStrike, but then find out that you also need to purchase Microsoft Defender for Identity or Microsoft Defender for Azure. You realize that when they talk about what they can offer within the Microsoft platform, it's really the suite of investments. So, sometimes, you may find yourself buying Defender for Endpoint thinking that it matches CrowdStrike, but then you find that Microsoft really needs to sell you something else. One plus one will equal three, but when you have a very concise platform, such as CrowdStrike, you know what you're going to get.""Integrating this with third-party systems has some complexity involved.""I would like to see the next generation of the tool improved to work with other operating systems, like Linux.""Its detection is not as quick. There should also be more frequent updates.""It is using a large space in your memory all the time. While an antivirus will use some of your memory, if they could reduce the load of the antivirus to some extent that would be good.""Features like device inventory continue to lack essential workstation drill-downs showing the entire device information with the least effort.""The dashboard customization could be improved.""My main issue with the tool is that there are too many menus. This causes a steep learning curve for those without training or unfamiliar with Defender for Endpoint. From an end-user perspective, the solution is there on the machine and does its job; it works seamlessly. However, as a security professional dealing with it behind the scenes, the learning curve can be steep, but not too steep. Still, it has taken some of my analysts up to a month to get familiar with the product."

More Microsoft Defender for Endpoint Cons →

Pricing and Cost Advice
  • "Pricing depends on how many devices you use. Right now, on-premise, it costs us a little, but it's worth it. It seems like the cloud solution is much more expensive. We got this solution one year ago, and it's like we bought the solution, and now they are not going to support it on-premise anymore. We are in the implementation phase, and we missed this, and we already paid for the licenses. This is wasted time from my perspective, and CyberArk should be more customer-friendly."
  • "The cost for CyberArk is very high."
  • "The price of CyberArk Endpoint Privilege Manager is expensive."
  • "The price of CyberArk Endpoint Privilege Manager is expensive. The solution is priced based on the number of accounts onboarded and the number of concurrent sessions. Everyone else is included in the price, such as support."
  • "We pay about $17 per user."
  • More CyberArk Endpoint Privilege Manager Pricing and Cost Advice →

  • "I got it with the Microsoft Windows license."
  • "It is within the same range as other products. It is not too expensive, and it is also not cheap. Its price can be better, but, well, it is Microsoft."
  • "Currently, for us, Windows Defender is free with the purchase of Windows Server. Pricing is an important point for us when we are looking at the competitors of this solution. If we choose to go with another vendor, we will have to pay some license fees."
  • "The solution is an open source version and was free with a paid version of Windows 10."
  • "This is an expensive product and licensing for all Microsoft products is a big issue."
  • "Licensing options vary. Some customers buy it as an enterprise agreement and pay yearly. Others buy it as a CSP, so they pay per month. It completely depends on the customer's needs."
  • "It's included with the Windows Operating System, I don't pay for any licensing fees."
  • "You need a license to use this solution."
  • More Microsoft Defender for Endpoint Pricing and Cost Advice →

    Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
    655,465 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:This is an inside-out --- outside-in --- inside-in question, as an insider can be an outsider as well. There is no short answer other than a blend of a PAM tool with Behavioral Analytics and Endpoint… more »
    Top Answer:The department management aspect of the solution is the most valuable aspect.
    Top Answer:I'm more on the technical side. I don't typically deal with the pricing of products. I can't speak to the licensing, how it works, or how much it costs. That's handled by a different team.
    Top Answer:Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-based… more »
    Top Answer:We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security… more »
    Top Answer:The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature but… more »
    Average Words per Review
    Average Words per Review
    Also Known As
    Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
    Learn More

    What is CyberArk Endpoint Privilege Manager?

    CyberArk Endpoint Privilege Manager enables organizations to enforce least privilege policies for business and administrative users, as well as control applications to reduce the attack surface on Windows, Mac and Linux platforms. The solution helps organizations revoke everyday local administrator privileges from business users while seamlessly elevating privileges when required by trusted applications. CyberArk Endpoint Privilege Manager also enables security teams to enforce granular least privilege policies for IT administrators, helping organizations effectively segregate duties on Windows and Linux servers. Complementing these privilege controls, the solution also delivers comprehensive protection from credential theft, actively defending operating system, browser and management application credential stores and defusing critical TTPs that routinely enable large-impact breaches. Easy-to-configure anti-ransomware policy prevents malicious data encryption and exfiltration.

    CyberArk Endpoint Privilege Manager is 100% SaaS solution. It offers out-of-the-box configurations that can be applied with a single click, instantly closing security gaps and delivering value. It also offers integrations with third-party security solutions, such as SIEMs, identity providers, threat intelligence providers and others.

    Microsoft Defender for Endpoint is a complete endpoint security solution that delivers preventative protection, post-breach detection, automated investigation, and response. With Defender for Endpoint, you have: 

    Agentless, cloud powered - No additional deployment or infrastructure. No delays or update compatibility issues. Always up to date. 

    Unparalleled optics - Built on the industry’s deepest insight into Windows threats and shared signals across devices, identities, and information. 

    Automated security - Take your security to a new level by going from alert to remediation in minutes—at scale. 

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
    Learn more about CyberArk Endpoint Privilege Manager
    Learn more about Microsoft Defender for Endpoint
    Sample Customers
    Petrofrac, Metro CSG, Christus Health
    Top Industries
    Manufacturing Company29%
    Energy/Utilities Company14%
    Security Firm14%
    Computer Software Company14%
    Computer Software Company17%
    Financial Services Firm12%
    Comms Service Provider7%
    Insurance Company7%
    Financial Services Firm20%
    Computer Software Company16%
    Energy/Utilities Company7%
    Manufacturing Company7%
    Computer Software Company19%
    Comms Service Provider10%
    Financial Services Firm8%
    Company Size
    Small Business56%
    Midsize Enterprise6%
    Large Enterprise39%
    Small Business17%
    Midsize Enterprise12%
    Large Enterprise71%
    Small Business40%
    Midsize Enterprise17%
    Large Enterprise43%
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    Buyer's Guide
    CyberArk Endpoint Privilege Manager vs. Microsoft Defender for Endpoint
    May 2022
    Find out what your peers are saying about CyberArk Endpoint Privilege Manager vs. Microsoft Defender for Endpoint and other solutions. Updated: May 2022.
    655,465 professionals have used our research since 2012.

    CyberArk Endpoint Privilege Manager is ranked 8th in Privileged Access Management (PAM) with 9 reviews while Microsoft Defender for Endpoint is ranked 1st in EPP (Endpoint Protection for Business) with 123 reviews. CyberArk Endpoint Privilege Manager is rated 7.6, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of CyberArk Endpoint Privilege Manager writes "An endpoint security solution with a useful admin rights management feature, but performance could be better". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Enables ingestion of events directly into your SIEM/SOAR, but requires integration with all Defender products to work optimally". CyberArk Endpoint Privilege Manager is most compared with CrowdStrike Falcon, BeyondTrust Endpoint Privilege Management, Tanium, Carbon Black CB Defense and SentinelOne, whereas Microsoft Defender for Endpoint is most compared with Sophos Intercept X, CrowdStrike Falcon, Symantec Endpoint Security, Cortex XDR by Palo Alto Networks and SentinelOne. See our CyberArk Endpoint Privilege Manager vs. Microsoft Defender for Endpoint report.

    We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.