Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Endpoint vs Microsoft Entra ID comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.2
Users report positive ROI from Microsoft Defender for Endpoint, citing cost savings, improved security, and effective system integration.
Sentiment score
7.6
Microsoft Entra ID reduces costs and enhances security by streamlining authentication and integrating seamlessly with Azure for improved efficiency.
The return on investment is primarily in time savings and better observability of what's happening.
We leverage existing licensing, like Windows Server or SQL, and hybrid benefits, and our sales and marketing teams benefit from co-selling and partnership advantages.
We get a return from not needing to pay other vendors to do what we already had from Microsoft, which was better than the competition.
The return on investment comes from not needing as many IT staff to manage and verify user identity and ensuring seamless device connection without needing to administer device compliance manually.
 

Customer Service

Sentiment score
6.6
Microsoft Defender for Endpoint's support is generally reliable, with mixed reviews on response time and resolution quality.
Sentiment score
6.7
Microsoft Entra ID support varies, with mixed satisfaction due to expertise inconsistency, but premier support and response times praised.
The level-one support seems disconnected from subject matter experts.
I rate Microsoft support 10 out of 10.
Due to our size, we don't have access to direct technical support, but the knowledge base, Microsoft Learn, and the articles available are really good.
The actual support when you get to that level is a ten out of ten.
There are immediate answers to any issues that arise with great knowledge and a deep understanding of the product and business needs.
It's not timely or professional.
 

Scalability Issues

Sentiment score
7.6
Microsoft Defender for Endpoint offers scalable integration and cloud-based management, but customization may need extra tools in complex settings.
Sentiment score
7.9
Microsoft Entra ID provides seamless scalability and reliability, effortlessly managing vast user numbers with flexible, automated resource adjustments.
We managed to scale it out in a short amount of time, with two months of planning and three months of implementation on 10,000 computers.
It's pretty easy to scale with Microsoft, as they make it easy if you look into the documentation.
Defender's scalability is phenomenal, and it's going to be one of the keys to resolving issues for the SOC.
We experienced no scalability issues with Microsoft Entra ID.
Its scalability is impressive, aided by Microsoft's efforts to expand its data centers.
When dealing with tens of thousands of objects, it requires proper management and best practices to retrieve only necessary data.
 

Stability Issues

Sentiment score
7.9
Microsoft Defender for Endpoint is stable, integrates well with Windows, but occasionally has configuration and memory issues.
Sentiment score
7.9
Microsoft Entra ID offers high reliability with minimal outages, swift issue resolution, and strong stability, earning user trust.
I haven't seen any outages with Microsoft.
I rate Defender 10 out of 10 for stability.
Defender for Endpoint is extremely stable.
It's a critical solution that we can't do without.
The stability of the solution is very high at 99.999%.
We rarely had significant problems or crashes.
 

Room For Improvement

Users criticize Microsoft Defender for Endpoint's complex interface, limited integration, and request enhancements in analytics, protection, and support.
Users urge improvements in Entra ID documentation, integration, price transparency, support, user interface, authentication, and licensing clarity.
Repeated interactions are necessary due to Level One's lack of tools and knowledge, hindering efficient problem-solving and negatively impacting our experience with Microsoft support.
We use Microsoft partners to help govern the platform, and as part of an alliance, we want to gather data from each tenant and combine them for a complete view.
You have to go through tons of documentation to find what you want.
A recent incident we dealt with took four months to resolve with a seven-day deadline, which was quite frustrating.
There is a need for better transformation support from on-premises Active Directory policies to the cloud, as Entra ID doesn't cover this sufficiently yet.
The frequent changes in branding cause confusion among customers who struggle to keep track of product names and functions.
 

Setup Cost

Microsoft Defender for Endpoint offers flexible, cost-effective pricing, especially in E5 bundles, adapting to various enterprise licensing needs.
Microsoft Entra ID offers affordable tiered pricing with discounts, featuring user-based costs tailored for enterprises with various security levels.
Given our extensive Microsoft licensing, transitioning to Defender for Endpoint did not affect licensing costs.
The pricing, setup, and licensing were very easy and simple.
We are getting our money's worth.
Most features of Entra ID are part of Microsoft's ecosystem and included in Microsoft 365 bundles, which means there are no additional costs associated with pricing and licensing.
Compared to other Microsoft products, the cost is not too expensive.
 

Valuable Features

Microsoft Defender for Endpoint provides comprehensive cybersecurity with seamless integration, robust threat analytics, and efficient management across platforms without performance impact.
Microsoft Entra ID excels in user identity management with secure features, scalability, and seamless integration into the Microsoft ecosystem.
Defender for Endpoint's coverage across different platforms in our environment is pretty good. We have devices running Linux, Mac OS, Windows, iOS, and Android. It covers all of them.
Web filtering is the most valuable feature of Microsoft Defender for Endpoint because it effectively maintains security for website access.
Attack surface reduction and limiting attack surface vectors are valuable features.
We can secure the applications that we are building and make sure that if the application were to be compromised, there is no full access to a customer's environment causing issues and other security concerns.
It's integrated with Microsoft technologies like Authenticator, SSO, and MFA, streamlining operations and creating a seamless environment.
The granular control, such as preventing logins from specific locations, enhances security significantly.
 

Categories and Ranking

Microsoft Defender for Endp...
Ranking in Microsoft Security Suite
6th
Average Rating
8.0
Reviews Sentiment
7.1
Number of Reviews
190
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Endpoint Detection and Response (EDR) (2nd)
Microsoft Entra ID
Ranking in Microsoft Security Suite
3rd
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
218
Ranking in other categories
Single Sign-On (SSO) (1st), Authentication Systems (1st), Identity Management (IM) (1st), Identity and Access Management as a Service (IDaaS) (IAMaaS) (1st), Access Management (1st)
 

Mindshare comparison

As of February 2025, in the Microsoft Security Suite category, the mindshare of Microsoft Defender for Endpoint is 9.0%, up from 6.1% compared to the previous year. The mindshare of Microsoft Entra ID is 9.0%, up from 6.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Microsoft Security Suite
 

Featured Reviews

AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.
Aaron Liang - PeerSpot reviewer
Has significantly improved secure access to applications and resources in our environment
Microsoft Entra ID has helped by simplifying our management of permissions for APIs. We are not directly exposing credentials, as we use tokens instead. It has made management easier and more secure, especially in a multi-user environment. The implementation of Microsoft Entra ID significantly improved secure access to applications and resources in our environment, primarily through the widespread use of single-sign-on. Managing API permissions became much easier, as application registration often involves calling an API to utilize services without directly exposing credentials, relying instead on token-based authentication. This streamlined approach benefits end-users by simplifying access while remaining transparent to them. Ultimately, my role focuses on ensuring a smooth and user-friendly experience, even if the underlying technology remains unseen by the end-users. Our company strongly emphasizes passwordless authentication, primarily through device-bound passkeys in Microsoft Authenticator. While administrators with high-privileged accounts utilize YubiKeys and passwords for tasks like accessing Microsoft Graph, we are actively transitioning all other users towards passwordless methods such as Windows Hello biometrics. This approach streamlines authentication and enhances security. Though initial deployment in 2022 presented challenges due to hardware limitations and the lingering effects of the COVID-19 pandemic, the technology has significantly improved and provides a simple and effective user experience.
report
Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.
833,108 professionals have used our research since 2012.
 

Answers from the Community

Ronald Chavez - PeerSpot reviewer
Feb 20, 2023
Feb 20, 2023
In recent years Microsoft has really upped its game with Defender and Intune. As core cyber-security for an SME, keeping just to Microsoft is now a real option. The challenge is understanding the gaps / cyber security service weaknesses (if they exist) in comparison with other vendors such as ESET, Malwarebytes, Trend Micro, etc.
2 out of 4 answers
James OConnor - PeerSpot reviewer
Feb 15, 2023
I believe it is a good first step, and I would say even a requirement, but in no way is it a comprehensive security solution, even for endpoints.   There are many things that need to be addressed for security. In addition to this, there is XDR, MDR, more comprehensive AV for endpoints & Servers that stop attacks, Threat Hunting, Mitigation, PEN Testing, Security Training for end users, Multi-Factor Authentication (Microsoft's MFA is good but only for Microsoft products), Patch Management for Endpoints, Servers and Cloud Workloads, Network Access Control, Firewalls for On-Premise and Cloud server workloads, Network Segmentation, Password Management, Data Backups (3-2-1-1 Rule) with Immutable Backups, Power Backups, Physical Security, Monitoring, NOC/SOC services, and working towards a Zero Trust architecture...   But there are no single-point solutions that will make you secure, so don't get complacent. And you can outspend your profits if you do everything. Just remember it's best to have a layered approach that works together and looks at everything from a security perspective and how it integrates with your overall security plans and objectives to help identify holes and possible mitigations. Healthcare must do Risk Assessments by law, but I recommend that all companies of all sizes do at least annual risk assessments since there is so such thing as being too small or inconspicuous to be hit with malware or have a cyber security attack since much of the delivery is automated and not just by the script-kiddies of years gone by... Nation States are actively engaging in cyber warfare daily, along with terrorists, and opportunists looking to make big money from you...
Gaurav Chandola - PeerSpot reviewer
Feb 16, 2023
It depends on your company's infrastructure. Check with your cyber team whether you can sync your endpoints to Cloud using Azure AD as Azure Registered/ Azure Hybrid AD join/ Azure AD join, etc.        1. So, if the ask is only to enroll them in Intune to leverage defender/BitLocker services - go directly to Azure AD's join approach.        2. If you still want to manage patch management/mcm BitLocker but Defender via cloud, the approach should be Azure Hybrid AD join.         3. You can still use autopilot using both of these approaches. 
 

Top Industries

By visitors reading reviews
Educational Organization
28%
Computer Software Company
12%
Government
7%
Financial Services Firm
7%
Educational Organization
33%
Computer Software Company
10%
Financial Services Firm
8%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
How does Duo Security compare with Microsoft Authenticator?
We switched to Duo Security for identity verification. We’d been using a competitor but got the chance to evaluate Duo for 30 days, and we could not be happier. Duo Security is easy to configure a...
What do you like most about Azure Active Directory?
It is very simple. The Active Directory functions are very easy for us. Its integration with anything is very easy. We can easily do third-party multifactor authentication.
What is your experience regarding pricing and costs for Azure Active Directory?
We are an enterprise customer with an enterprise agreement in place with many of our partner companies, so there are no special questions or issues about pricing, setup cost, or licensing.
 

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
Azure AD, Azure Active Directory, Azure Active Directory, Microsoft Authenticator
 

Interactive Demo

 

Overview

 

Sample Customers

Petrofrac, Metro CSG, Christus Health
Microsoft Entre ID is trusted by companies of all sizes and industries including Walmart, Zscaler, Uniper, Amtrak, monday.com, and more.
Find out what your peers are saying about Microsoft Defender for Endpoint vs. Microsoft Entra ID and other solutions. Updated: January 2025.
833,108 professionals have used our research since 2012.