Microsoft Defender for Endpoint vs Microsoft Entra ID comparison

You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Microsoft Defender for Endpoint and Microsoft Entra ID based on real PeerSpot user reviews.

Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Microsoft Defender for Endpoint vs. Microsoft Entra ID Report (Updated: September 2023).
745,341 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
"The attack surface reduction rules are the most valuable. We're able to have unattended remediation actions when the solution works side by side with a local antivirus like Microsoft Defender or Kaspersky. The attack surface reduction rules help us to proactively block and stop threats.""In my opinion, the most valuable aspects are the reporting analytics and integration with Sentinel. Defender does an excellent job of correlating the different entities that comprise threat analysis, analytics data, and log analytics. It helps to piece together investigations into any exploit or malicious activity within a specific tenant. AI and analytics tools are probably the most valuable components.""It's an enterprise solution that provides a centralized console and it supports all the platforms that we use, including Windows, Linux, Mac, iOS, and Android.""Endpoint's most valuable feature is deep analysis.""I like the simplicity of the portal and the integration with Microsoft Intune. Microsoft Defender for Endpoint is easy to use and implement.""It doesn't cause the slowness of the system, which is one of the reasons why I like it.""This solution definitely increases our security posture. When you are reviewing your existing fleet or endpoints and based on the configuration that you put out of your Defender for Endpoint, you then receive a security score from Microsoft. Depending on what rules you have configured, what policies you have deployed, and what attack surface reduction rules that you have set up and deployed, it is almost gamifying information security in the sense that you are always trying to achieve a higher score. The more hardening you perform on your endpoints, the better score you receive. This generally tends to give you a better peace of mind, but also makes you secure at the same time.""Defender works in the background monitoring the traffic for viruses."

More Microsoft Defender for Endpoint Pros →

"One of the most important is the Conditional Access. It helps affect a Zero Trust strategy positively.""The most valuable feature is the authentication platform.""My two preferred features are conditional access and privileged identity management.""It's multi-tenant, residing in multiple locations. The authentication happens quickly. Irrespective of whether I'm in Australia, the US, India, or Africa, I don't see any latency. Those are the good features that I rely on.""Privileged Identity Management (PIM), managed identities, dynamic groups, and extension and security attributes are all great features.""The single sign-on across multiple platforms is really the true advantage here. That gives you one ID and password for access to all your systems. You don't need to manage a plethora of different user IDs and passwords to all the systems that you're going to access.""The two-factor authentication provides an additional layer of security for our organizational data, so Microsoft Authenticator plays a crucial role in making our confidential data more secure.""The most valuable feature is the ease with which a person can log in remotely using only a password or pin without creating a profile or policy."

More Microsoft Entra ID Pros →

"Threat intelligence has the potential for improvement, particularly by integrating more sources.""The dashboard customization could be improved.""Microsoft Defender for Endpoint should have more transparency. In the latest edition of Windows, Windows 11, it is a compulsory requirement to connect to a Microsoft account, which in turn has implications for Defender. This should be removed.""Microsoft Defender for Endpoint is not as robust, and you cannot customize it much, so that's a challenge.""It should support non-Windows products better. Microsoft is now one of the leading vendors in the security area. So, they should be product-independent.""I would like MDE to have the ability to isolate a certain amount of time on the timeline.""Microsoft support could be more knowledgeable.""Defender's cloud integration could be improved."

More Microsoft Defender for Endpoint Cons →

"Many people believe that the Azure Active Directory is overly complicated and antiquated.""I had some issues with the Azure Active Directory on Windows XP. However, it worked well on Windows 7.""The custom role creation function could be improved as it's somewhat tricky to use.""Azure AD provides two types of features. One is Azure AD Excel and is already B2C. Out of both versions, Azure B2C requires some improvement, in terms of user management and role management, et cetera.""The only improvement would be for everything to be instant in terms of applying changes and propagating them to systems.""Technical support could be better.""I want to see more features to improve security, such as integrated user behavior analysis.""I hope, in the roadmap, Microsoft eventually offers the same features as Okta. It will take some more time to mature."

More Microsoft Entra ID Cons →

Pricing and Cost Advice
  • "We pay a yearly license for Microsoft Defender. We also have a support contract with them."
  • "The solution is free with Windows."
  • "You do not need to pay any additional costs for antivirus and anti-malware solutions for endpoint protection."
  • "The solutions price could be cheaper."
  • "Microsoft has different plans for buying this product. The price depends on the configuration of the full set of products that you buy and on the licensing program in your contract."
  • "Licensing models of Microsoft are renowned for being complex. We just purchased the whole E5 stack. With E5 licenses for users, we get access to a bunch of features that are not just related to security. I would rate them a three out of five in terms of pricing."
  • "This solution is part of an enterprise license we have."
  • "Compared to ESET, the pricing for Microsoft Defender for Endpoint is on the higher side."
  • More Microsoft Defender for Endpoint Pricing and Cost Advice →

  • "For you to make use of some of the security features, you need to upgrade your licenses. If it is possible, could they just make some features free? For instance, for the Condition Access policy, you need to set that up and be on Azure AD P2 licensing. So if they could make it free or reduce the licensing for small businesses, that would be cool, as I believe security is for everyone."
  • "It is a packaged license. We have a Premium P1 subscription of Office 365, and it came with that."
  • "It's relatively inexpensive in comparison with third-party solutions. It's highly available and supported by Microsoft Azure in our enterprise agreements. With the addition of their B2C tenants, it's hard to beat from a cost perspective now."
  • "The solution has three types of tiers: E1 has very basic features. You get limited stuff in E2 and cannot have Office 360 associated with it. E3 is on the costly side and has all the features."
  • "We don't really have a choice. It's the one shop in town. If you want this, you have to pay for it."
  • "The price of the solution's license is good."
  • "The price is fine. It's a good value for the money compared with other solutions."
  • "We have a yearly license."
  • More Microsoft Entra ID Pricing and Cost Advice →

    Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.
    745,341 professionals have used our research since 2012.
    Answers from the Community
    Ronald Chavez
    Thomas Naylor - PeerSpot reviewerThomas Naylor
    Real User

    In recent years Microsoft has really upped its game with Defender and Intune.  As core cyber-security for an SME, keeping just to Microsoft is now a real option.  The challenge is understanding the gaps / cyber security service weaknesses (if they exist) in comparison with other vendors such as ESET, Malwarebytes, Trend Micro, etc.

    Russell Rothstein - PeerSpot reviewerRussell Rothstein

    Azure AD Services, Defender for Endpoint, and Intune are all Microsoft products, but it is important to understand how each product works as they may not be compatible and there may be some limitations.

    Devices managed through Intune may not have all of the Defender for Endpoint features. Some advanced features such as automated investigation and remediation may only be available for devices that are enrolled in Defender for Endpoint standalone. 

    In addition, Azure AD and Intune have different requirements for device enrollment and management. Intune requires devices to be enrolled and managed through an MDM solution, while Azure AD provides basic device management capabilities but may not support all of the features available in Intune. 

    Lastly, there may be limitations to how user identities and access are managed between Azure AD and Intune. Some features that are available in Azure AD, such as conditional access policies, may not suit Intune, and additional configuration may be required to ensure that user identities and access are properly managed across both services.

    If anyone out there has other experiences, please let me know!

    Gaurav Chandola - PeerSpot reviewerGaurav Chandola
    Real User

    It depends on your company's infrastructure. Check with your cyber team whether you can sync your endpoints to Cloud using Azure AD as Azure Registered/ Azure Hybrid AD join/ Azure AD join, etc.       

    1. So, if the ask is only to enroll them in Intune to leverage defender/BitLocker services - go directly to Azure AD's join approach.       

    2. If you still want to manage patch management/mcm BitLocker but Defender via cloud, the approach should be Azure Hybrid AD join.        

    3. You can still use autopilot using both of these approaches. 

    James OConnor - PeerSpot reviewerJames OConnor (Hypertec Direct)

    I believe it is a good first step, and I would say even a requirement, but in no way is it a comprehensive security solution, even for endpoints.  

    There are many things that need to be addressed for security. In addition to this, there is XDR, MDR, more comprehensive AV for endpoints & Servers that stop attacks, Threat Hunting, Mitigation, PEN Testing, Security Training for end users, Multi-Factor Authentication (Microsoft's MFA is good but only for Microsoft products), Patch Management for Endpoints, Servers and Cloud Workloads, Network Access Control, Firewalls for On-Premise and Cloud server workloads, Network Segmentation, Password Management, Data Backups (3-2-1-1 Rule) with Immutable Backups, Power Backups, Physical Security, Monitoring, NOC/SOC services, and working towards a Zero Trust architecture...  

    But there are no single-point solutions that will make you secure, so don't get complacent. And you can outspend your profits if you do everything. Just remember it's best to have a layered approach that works together and looks at everything from a security perspective and how it integrates with your overall security plans and objectives to help identify holes and possible mitigations.

    Healthcare must do Risk Assessments by law, but I recommend that all companies of all sizes do at least annual risk assessments since there is so such thing as being too small or inconspicuous to be hit with malware or have a cyber security attack since much of the delivery is automated and not just by the script-kiddies of years gone by... Nation States are actively engaging in cyber warfare daily, along with terrorists, and opportunists looking to make big money from you...

    Questions from the Community
    Top Answer:Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-based… more »
    Top Answer:We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution Microsoft Defender for Endpoint is a cloud-delivered endpoint security… more »
    Top Answer:The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature but… more »
    Top Answer:We switched to Duo Security for identity verification. We’d been using a competitor but got the chance to evaluate Duo for 30 days, and we could not be happier Duo Security is easy to configure and… more »
    Top Answer:Microsoft Entra ID Protection and Microsoft Sentinel are both excellent monitoring features for Microsoft Entra ID.
    Top Answer:Entra ID's pricing is comprehensive and affordable. The prices are easy to understand, and the licenses include a variety of security monitoring and additional features.
    Average Words per Review
    Average Words per Review
    Also Known As
    Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
    Azure Active Directory (Azure AD), Azure Active Directory, Microsoft Authenticator
    Learn More

    Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

    With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

    Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

    Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

    Secure access to any app or resource from anywhere

    Take advantage of adaptive identity and network access controls to secure access to any app or resource for every user or digital workload across your entire environment.

    Protect and verify every identity

    Implement consistent security policies for every user—employees, frontline workers, customers, partners—as well as apps, devices, and workloads across multicloud and hybrid.

    Provide only the access necessary

    Discover and right-size permissions, manage access lifecycles, and ensure least privilege access for any identity.

    Simplify the user experience

    Reduce IT friction and improve the hybrid workforce experience with seamless access to any resource, single sign-on, user self-service management, and automated lifecycle workflows.

    Learn more about Microsoft Defender for Endpoint
    Learn more about Microsoft Entra ID
    Sample Customers
    Petrofrac, Metro CSG, Christus Health
    Microsoft Entre ID is trusted by companies of all sizes and industries including Walmart, Zscaler, Uniper, Amtrak,, and more.
    Top Industries
    Financial Services Firm19%
    Computer Software Company16%
    Energy/Utilities Company7%
    Comms Service Provider7%
    Educational Organization20%
    Computer Software Company13%
    Financial Services Firm7%
    Financial Services Firm14%
    Computer Software Company14%
    Non Profit6%
    Educational Organization5%
    Educational Organization24%
    Computer Software Company12%
    Financial Services Firm10%
    Company Size
    Small Business40%
    Midsize Enterprise17%
    Large Enterprise43%
    Small Business23%
    Midsize Enterprise31%
    Large Enterprise47%
    Small Business33%
    Midsize Enterprise14%
    Large Enterprise54%
    Small Business19%
    Midsize Enterprise32%
    Large Enterprise50%
    Buyer's Guide
    Microsoft Defender for Endpoint vs. Microsoft Entra ID
    September 2023
    Find out what your peers are saying about Microsoft Defender for Endpoint vs. Microsoft Entra ID and other solutions. Updated: September 2023.
    745,341 professionals have used our research since 2012.

    Microsoft Defender for Endpoint is ranked 6th in Microsoft Security Suite with 92 reviews while Microsoft Entra ID is ranked 4th in Microsoft Security Suite with 101 reviews. Microsoft Defender for Endpoint is rated 8.2, while Microsoft Entra ID is rated 8.8. The top reviewer of Microsoft Defender for Endpoint writes "You can access all your security data and telemetry from a single pane of glass". On the other hand, the top reviewer of Microsoft Entra ID writes "Saves time, creates a single pane of glass, and offers good conditional access features". Microsoft Defender for Endpoint is most compared with Intercept X Endpoint, Symantec Endpoint Security, CrowdStrike Falcon, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks, whereas Microsoft Entra ID is most compared with Google Cloud Identity, Auth0, Yubico YubiKey, Microsoft Intune and Cisco Duo. See our Microsoft Defender for Endpoint vs. Microsoft Entra ID report.

    See our list of best Microsoft Security Suite vendors.

    We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.