Darktrace vs Microsoft Defender for Endpoint comparison

You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Darktrace and Microsoft Defender for Endpoint based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Proofpoint, TitanHQ and others in Email Security.
To learn more, read our detailed Email Security Report (Updated: November 2023).
745,341 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
"Microsoft Defender for Office 365 is a stable solution.""Defender for 365 is a comprehensive cloud-based solution. The value of the cloud is that you aren't alone. Threat intelligence and analytics are shared in the cloud. We don't have to find the solution alone. If you face an unknown threat with traditional solutions like Trend Micro and Symantec, you need to open a case and send your information to them to analyze forensically and identify the source of the attack.""I like its investigation capabilities, as that is what is most important to me. It is fairly simple with a user-friendly interface.""It also gives me good visibility because, with Defender, I'm using a Microsoft product to defend Microsoft products. The integration was really seamless and I have wide visibility because it picks up almost everything. Literally, I can see almost every activity that happens, from the e-mail to the workstation itself.""The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance.""The basic features are okay and I'm satisfied with the Defender.""The initial setup was easy.""Does a thorough job of examining email and URLs for malicious content."

More Microsoft Defender for Office 365 Pros →

"I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it.""Provides great network protection.""The most valuable feature of Darktrace is the AI that detects abnormal network activity.""The initial setup is simple.""The NDR is good in their solution and they have NTG for email.""The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff.""The platform has many modules, and each module examines a different situation in the behavior.""Technical support is helpful and responsive."

More Darktrace Pros →

"The integration of Defender, Security Center, and the Microsoft compliance score, is the feature we use most to share the results with our clients and to create a roadmap together.""It's great for investigating what's happening on a machine. They show a whole bunch of machine timeline events that are related to a security incident. They have quite good details on the things related to threat and vulnerability management, such as any weakness that has been disclosed publicly, assets that are exposed, and if there is an exploit active in the wild for that vulnerability. It can provide you with all such information, which is cool.""You have endpoint security to keep your devices safe. That's the feature that we're interested in.""The ransomware and malware protection is the most valuable feature.""Because it has been integrated with the OS, we get the entire software inventories, and we even get access to the registries. Those are the primary features.""This solution definitely increases our security posture. When you are reviewing your existing fleet or endpoints and based on the configuration that you put out of your Defender for Endpoint, you then receive a security score from Microsoft. Depending on what rules you have configured, what policies you have deployed, and what attack surface reduction rules that you have set up and deployed, it is almost gamifying information security in the sense that you are always trying to achieve a higher score. The more hardening you perform on your endpoints, the better score you receive. This generally tends to give you a better peace of mind, but also makes you secure at the same time.""The performance of Microsoft Defender for Endpoint has been a valuable feature.""In my opinion, the most valuable aspects are the reporting analytics and integration with Sentinel. Defender does an excellent job of correlating the different entities that comprise threat analysis, analytics data, and log analytics. It helps to piece together investigations into any exploit or malicious activity within a specific tenant. AI and analytics tools are probably the most valuable components."

More Microsoft Defender for Endpoint Pros →

"Microsoft security solutions work as expected. They are constantly updating the solutions to make them better. At the same time, the changes can impact a customer's environment, and we need to adjust settings. Sometimes we aren't aware of the changes, and nothing is pushed from the backend automatically.""They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not.""Several simulation options are available within 365, and the phishing simulation could be better.""The UI needs to be more user-friendly.""There is room for improvement in terms of reporting.""Too many false positives and lacks an accurate capability to detect malicious SharePoint sites.""One area for improvement is support, in terms of being able to reach them and, especially, technical support for configuration.""We noticed that from time to time, Microsoft's stability does have problems. Sometimes the service goes up and down. Sometimes they change without prior notice."

More Microsoft Defender for Office 365 Cons →

"The main portal needs improvement as it is difficult to use.""It's quite expensive to have.""I think there is some MSSP missing.""It's a very complex platform.""They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity.""There aren't so many third-party vendor platforms natively integrated with the platform.""I was under impression that Darktrace's automatic blocking would be an out-of-the-box feature, but we had to integrate it with our firewall to get it to block automatically. The salesperson should be upfront and explain that you need to integrate it with your network. I would also like to see more reporting on risk. Banks in my region want to see at a glance the risk level of various assets.""The initial setup is more complex and time-consuming than some solutions."

More Darktrace Cons →

"Microsoft Defender for Endpoint could provide us with a more holistic approach, such as collaboration. They can provide us with an environment from where we can manage all the endpoints from one central location, such as overall management.""If there were more template queries in the library, that would make it much easier. They could have basic things, like, "Where's the IP for this user?" or, "What file was downloaded from this user?" If there were more of those basic queries that would help.""I have accounts for administrators and corporate employees, but I also have accounts for students. I can't split these types of accounts. I need a separate configuration for both... I need to research how I can get alerts for only the administrative machines.""The time it takes to implement policies has room for improvement.""The integration and effectiveness of email security could be better. It's already built-in to the solution and checks emails, scans the links they contain etc.""The UI for Microsoft Defender for Endpoint needs to be better. Integration with client dashboards is also lacking in this product, e.g. client dashboards shouldn't just be viewable from the cloud, because when the client's computer is offline, you won't be able to see the client dashboard.""If the solution could be integrated more with Defender for Cloud, to be more unified, that would help. It is good now, but even more integration could be done with Defender for Cloud. We see two different portals. If Defender for Endpoint could be ported to the CSPM, Defender for Cloud, that would make things even easier for us.""I want Microsoft Defender to have the ability to deal with some issues automatically, so I don't need to address that issue manually."

More Microsoft Defender for Endpoint Cons →

Pricing and Cost Advice
  • "For licensing, it's usually a yearly package for customers who are subscribed to Office 365, but they can also pay on a monthly basis."
  • "Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution."
  • "Microsoft Defender for Office 365 comes with Microsoft Windows. It is free with the operating system."
  • "The solution saves money so we have seen a return on investment."
  • "Defender for 365 comes in various plans and licenses, along with other Microsoft security solutions. Purchasing this kind of package or security bundle gives good value for money, and that's what I recommend."
  • "The pricing is normal. Considering its popularity, it's not overpriced."
  • "The solution could be better by simplifying the business model of their licensing. It was hard to figure out how to get the licensing done for the environment, initially."
  • "It is much more expensive than using another solution because we have had to include some options and upgrade our license."
  • More Microsoft Defender for Office 365 Pricing and Cost Advice →

  • "It's an expensive solution."
  • "It is pretty expensive, but it is worth it. Its licensing is yearly."
  • "The cost of the solution is expensive for smaller businesses. They will not be able to afford it or might not need this type of security solution."
  • "If you consider the features and the cost of market leaders, we are satisfied with the pricing."
  • "All of the other modules, such as the licensing modules, are on par. It's one for one."
  • "The pricing is expensive. It costs over $100,000 a year."
  • "Prior to negotiating, Darktrace offered their appliance and service for $80,000 per year."
  • "It is expensive."
  • More Darktrace Pricing and Cost Advice →

  • "We pay a yearly license for Microsoft Defender. We also have a support contract with them."
  • "The solution is free with Windows."
  • "You do not need to pay any additional costs for antivirus and anti-malware solutions for endpoint protection."
  • "The solutions price could be cheaper."
  • "Microsoft has different plans for buying this product. The price depends on the configuration of the full set of products that you buy and on the licensing program in your contract."
  • "Licensing models of Microsoft are renowned for being complex. We just purchased the whole E5 stack. With E5 licenses for users, we get access to a bunch of features that are not just related to security. I would rate them a three out of five in terms of pricing."
  • "This solution is part of an enterprise license we have."
  • "Compared to ESET, the pricing for Microsoft Defender for Endpoint is on the higher side."
  • More Microsoft Defender for Endpoint Pricing and Cost Advice →

    Use our free recommendation engine to learn which Email Security solutions are best for your needs.
    745,341 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The two main features that prove most beneficial for us are URL scanning and attachment scanning.
    Top Answer:For small and medium organizations, the pricing might not be affordable. Although Microsoft Defender for Office 365 is a… more »
    Top Answer:Microsoft Defender for Office 365 should be more proactive. As a major global player, Microsoft possesses the platform… more »
    Top Answer:Both of these products perform similarly and have many outstanding attributes CrowdStrike Falcon offers an amazing… more »
    Top Answer:Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is… more »
    Top Answer:One thing I appreciate is Antigena Email, which is for email protection.
    Top Answer:Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface… more »
    Top Answer:We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior… more »
    Top Answer:The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push… more »
    Also Known As
    MS Defender for Office 365
    Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
    Learn More

    Microsoft Defender for Office 365 is a comprehensive security solution designed to protect organizations against advanced threats in their email, collaboration, and productivity environments. It combines the power of Microsoft's threat intelligence, machine learning, and behavioral analytics to provide real-time protection against phishing, malware, ransomware, and other malicious attacks.

    With Microsoft Defender for Office 365, organizations can safeguard their email communication by detecting and blocking malicious links, attachments, and unsafe email content. It employs advanced anti-phishing capabilities to identify and prevent sophisticated phishing attacks that attempt to steal sensitive information or compromise user credentials.

    This solution also offers robust protection against malware and ransomware. It leverages machine learning algorithms to analyze email attachments and URLs in real-time, identifying and blocking malicious content before it reaches users' inboxes. Additionally, it provides advanced threat-hunting capabilities, allowing security teams to proactively investigate and respond to potential threats.

    Microsoft Defender for Office 365 goes beyond email protection and extends its security features to other collaboration tools like SharePoint, OneDrive, and Teams. It scans files and documents stored in these platforms, ensuring that they are free from malware and other malicious content. It also provides visibility into user activities, helping organizations detect and mitigate insider threats.

    Furthermore, this solution offers rich reporting and analytics capabilities, providing organizations with insights into their security posture and threat landscape. It enables security administrators to monitor and manage security incidents, track trends, and take proactive measures to enhance their overall security posture.

    Darktrace (DARK.L), a global leader in cyber security artificial intelligence, delivers complete AI-powered solutions in its mission to free the world of cyber disruption. Breakthrough innovations from the Darktrace Cyber AI Research Centre in Cambridge, UK and its R&D centre in The Hague, The Netherlands have resulted in over 135 patent applications filed and significant research published to contribute to the cyber security community. Darktrace’s technology continuously learns and updates its knowledge of 'you' for an organization and applies that understanding to achieve an optimal state of cyber security. It is delivering the first ever Cyber AI Loop, fuelling a continuous end-to-end security capability that can autonomously prevent, detect, and respond to novel, in-progress threats in real time. Darktrace employs over 2,200 people around the world and protects over 8,400 organizations globally from advanced cyber-threats. It was named one of TIME magazine’s ‘Most Influential Companies’ in 2021.


    Darktrace Cyber AI Loop™

    The first-ever, adaptive feedback system with a deep, interconnected understanding of the enterprise. The Darktrace Cyber AI Loop represents a first-mover innovation, creating a virtuous cycle in which each capability interacts to strengthen and harden the entire security ecosystem. It allows organizations to not just prevent, detect, respond, and heal from cyber-attacks – but to do all of these all at once.

    ● Empowers bespoke and continuously evolving security solutions based on mathematical models unique to each organization, regardless of size or complexity.

    ● Delivers an end-to-end solution accessing the core Self-Learning AI technology, which provides visibility into the entire, ever-changing digital ecosystem.

    ● Integrates AI engines in each product family to augment all others as the organization changes. The whole is at all times greater than the sum of the parts.

    ● Continually learns and updates its knowledge of how an organization operates, enabling it to spot zero days, insider threats, and novel threats that get through most defenses.

    ● Lifts up security teams by elevating decisions and delivering threat analysis as always-on solutions work autonomously in the background to deliver at the scale of the enterprise.

    Darktrace PREVENT™️

    Proactive AI engine to predict and pre-empt the highest priority cyber-attacks, working inside the organization
    and outside on the attack surface. Part of the Darktrace Cyber AI Loop™.

    ● Harden defenses proactively

    ● Identify and prioritize risks

    ● Conduct continuous around-the-clock testing

    ● Emulate attacks to test vulnerabilities

    ● Continuously communicate outcomes to the AI Loop

    Darktrace DETECT™ + RESPOND™

    Built on patented AI that learns you, using the unique footprints of your everyday operations to identify any unusual behavior that could indicate an attack. Responds instantly to contain any attacks detected. Part of the Darktrace Cyber AI Loop™.

    ● Works across entire digital ecosystem

    ● Protect from known and unknown attacks

    ● Gets stronger as it learns

    ● Feeds insight into the AI Loop

    Darktrace Email

    Darktrace/Email defends the network against malicious emails that evade the email gateway, introducing intelligent autonomous response into the flow of email traffic. Darktrace’s rich understanding of user relationships, communications, and network activity allows Darktrace/Email to quickly contextualize events, and respond only to genuine threats, stopping them before they reach the user.

    Darktrace Endpoint

    Darktrace’s endpoint capability extends Darktrace Detect and Respond to those devices which have left the network, protecting them from known and novel attackers as well as mitigating the risk of accidental or intentional data theft, compliance issues, use of non-approved software etc.

    Darktrace Apps

    Darktrace/Apps stops insider threats, account takeovers, and critical misconfigurations. As a cloud-native solution powered by AI, it can continuously analyse behaviours and relationships across diverse cloud platforms and services, from AWS and Azure, to Salesforce, Dropbox, and Office 365. This enterprise-wide context enables the system to only act on high-confidence threats as they emerge within ephemeral workloads and diverse multi-cloud environments.

    Darktrace Heal

    Coming 2023

    Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

    With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

    Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

    Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

    Learn more about Microsoft Defender for Office 365
    Learn more about Darktrace
    Learn more about Microsoft Defender for Endpoint
    Sample Customers
    Microsoft Defender for Office 365 is trusted by companies such as Ithaca College.
    Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol, Allianz, KKR, AIRBUS, dpd, Billabong, Mclaren Group.
    Petrofrac, Metro CSG, Christus Health
    Top Industries
    Computer Software Company17%
    Manufacturing Company17%
    Comms Service Provider13%
    Financial Services Firm7%
    Computer Software Company17%
    Financial Services Firm8%
    Manufacturing Company7%
    Financial Services Firm20%
    Computer Software Company13%
    Healthcare Company7%
    Manufacturing Company7%
    Computer Software Company16%
    Financial Services Firm7%
    Comms Service Provider7%
    Financial Services Firm19%
    Computer Software Company16%
    Energy/Utilities Company7%
    Comms Service Provider7%
    Educational Organization20%
    Computer Software Company13%
    Financial Services Firm7%
    Company Size
    Small Business43%
    Midsize Enterprise14%
    Large Enterprise43%
    Small Business29%
    Midsize Enterprise19%
    Large Enterprise52%
    Small Business50%
    Midsize Enterprise21%
    Large Enterprise29%
    Small Business29%
    Midsize Enterprise18%
    Large Enterprise52%
    Small Business40%
    Midsize Enterprise17%
    Large Enterprise43%
    Small Business23%
    Midsize Enterprise31%
    Large Enterprise47%
    Buyer's Guide
    Email Security
    November 2023
    Find out what your peers are saying about Microsoft, Proofpoint, TitanHQ and others in Email Security. Updated: November 2023.
    745,341 professionals have used our research since 2012.

    Darktrace is ranked 13th in Email Security with 39 reviews while Microsoft Defender for Endpoint is ranked 1st in EPP (Endpoint Protection for Business) with 92 reviews. Darktrace is rated 8.4, while Microsoft Defender for Endpoint is rated 8.2. The top reviewer of Darktrace writes "A stable, scalable, and valuable tool that provides excellent network monitoring". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "You can access all your security data and telemetry from a single pane of glass". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cisco Secure Network Analytics and Cortex XDR by Palo Alto Networks, whereas Microsoft Defender for Endpoint is most compared with Intercept X Endpoint, Symantec Endpoint Security, CrowdStrike Falcon, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks.

    We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.