Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Endpoint vs Morphisec comparison

Microsoft and Morphisec are both solutions in the Endpoint Protection Platform (EPP) category. Microsoft is ranked #1 with an average rating of 8.3, while Morphisec is ranked #56. Microsoft holds a 10.8% mindshare in EPP, compared to Morphisec’s 0.4% mindshare. Additionally, 94% of Microsoft users are willing to recommend the solution, compared to 100% of Morphisec users who would recommend it.
Microsoft Defender for Endp...
Read 196 Microsoft Defender for Endpoint reviews
  • 30,707 Views
  • 24,393 Comparison Views
94% willing to recommend
Morphisec
Read 21 Morphisec reviews
  • 1,136 Views
  • 655 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

Morphisec and Microsoft Defender for Endpoint compete in the endpoint security category. Morphisec leads in pricing and support, while Microsoft Defender for Endpoint has an edge in features.

Features: Morphisec is known for its lightweight agent, minimal system impact, and suitability for small to mid-sized environments. Microsoft Defender for Endpoint offers a broad range of threat detection capabilities, better integration with Microsoft environments, and is preferred for large-scale deployments.

Room for Improvement: Users of Morphisec suggest enhancements in advanced threat intelligence, expanded reporting, and possibly more scalability features. Users of Microsoft Defender for Endpoint see a need for performance optimization, lower false positives, and a more user-friendly interface.

Ease of Deployment and Customer Service: Morphisec is highlighted for its straightforward deployment process and responsive customer support. Microsoft Defender for Endpoint's deployment is more complex due to its extensive feature set, but users value the comprehensive documentation and strong support channels.

Pricing and ROI: Morphisec is considered cost-effective with a quick setup process, providing high ROI for smaller organizations. Microsoft Defender for Endpoint, though pricier, is justified by its advanced features and extensive protection capabilities, resulting in substantial ROI for larger enterprises.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Microsoft Defender for Endpoint vs. Morphisec Report (Updated: April 2025).
Buyer's Guide
Microsoft Defender for Endpoint vs. Morphisec
April 2025
Download the complete report
Helped 850,671 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Defender for Endp...
Ranking in Endpoint Protection Platform (EPP)
1st
Ranking in Advanced Threat Protection (ATP)
2nd
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
196
Ranking in other categories
Anti-Malware Tools (1st), Microsoft Security Suite (5th)
Morphisec
Ranking in Endpoint Protection Platform (EPP)
56th
Ranking in Advanced Threat Protection (ATP)
34th
Ranking in Endpoint Detection and Response (EDR)
58th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (61st), Cloud Workload Protection Platforms (CWPP) (37th), Threat Deception Platforms (14th)
 

Mindshare comparison

As of May 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Microsoft Defender for Endpoint is 10.8%, down from 14.4% compared to the previous year. The mindshare of Morphisec is 0.4%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.
Read full review
Islam Shaikh - PeerSpot reviewer
Lightweight, detects everything quickly, and takes corrective action
We sometimes have to depend on the support team to know what action we should take. If the solution for an alert can be built into the report that we are getting, it will save time, and the interaction with support would be less. At times, corrective action is required, but at times, we don't need to take any action. It would be good if we get to know in the report that a particular infection doesn't require any action. It will save us time and effort. Other than that, nothing else is required. They have taken care of everything. We are getting alerts, and we can have multiple admins. We get a good model with this view.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It was quite important to have extra security on our mobile platform because of geopolitical situations, as we are located close to some countries that represent a concern. Defender for Endpoint allows us automatic resolutions if a unit is compromised or if a user clicks a malicious link."
"The solution integrates very well with Windows applications and Microsoft endpoint products."
"Defender for Endpoint allows us automatic resolutions if a unit is compromised or if a user clicks a malicious link."
"We use Microsoft Defender for the antivirus."
"Overall, I recommend Microsoft Defender for Endpoint due to its features and capabilities, which cover more loopholes than other EDR solutions."
"We apply the DLP policies across a range of endpoints and it is very accurate when reporting vulnerabilities, including those in email attachments."
"I am using it for very simple purposes. It is perfect and quite effective. I have been using it for a while, and I have never had any virus infection, data leak, or other security breaches. It works fine for standalone purposes. If you log on to OneDrive, it has ransomware protection."
"Microsoft Defender for Endpoint is different from other security tools because we can configure it to use multiple types of scanning or archiving."
More Microsoft Defender for Endpoint pros
"Morphisec provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. Defender and Morphisec are integrated. It's important because it lowers the total cost of maintenance on the engineer's time, more or less. So the administrative time is dramatically reduced in maintaining the product. This saves an engineer around four to five hours a week."
"We have seen it successfully block attacks that a traditional antivirus did not pick up."
"Morphisec has enabled us to become a lot less paranoid when it comes to staff clicking on things or accessing things that they shouldn't that could infect the whole system. Our original ransomware attack that happened came from someone's Google drive and then just filtered on through that. It has put our minds at ease a lot more in running it. It's also another layer of security that has been proven to be effective for us."
"The fact that Morphisec uses deterministic attack prevention that does not require human intervention has affected our security team's operations by making things much simpler. We don't have to really track down various alerts anymore, they've just stopped. At that point, we can go in and we can clean up whatever needs to be cleaned up. There are some things that Morphisec detects that we can't really remove, it's parts of Internet Explorer, but it's being blocked anyway. So we're happy with that."
"What's valuable is really the whole kit and caboodle of the Morphisec agent. What it does is genius, in a way, until the bad guys get wise to it. You set it up and then you watch the dashboard. There isn't really much tinkering."
"I really like the integration with Microsoft Defender. In addition to having third-party endpoint protection, we're also enabling Defender... I like the reporting that we get from Defender, when it comes in. I like that it's one console showing both Morphisec and Defender where it provides me with full visibility into security events from Defender and Morphisec."
"Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it."
"Morphisec Guard enables us to see at a glance whether our users have device control and disk encryption enabled properly. This is important because we are a global company operating with multiple entities. Previously, we didn't have that visibility. Now, we have visibility so we can pinpoint some locations where there are machines that are not really protected, offline, etc. It gives us visibility, which is good."
More Morphisec pros
 

Cons

"Windows Firewall is integrated with Windows Defender. Over the last few days, I have had a problem with defining a wildcard on Windows Firewall. For example, I wanted to pull out the connection of my program and install a software package with a lot of executable files. I wanted to prevent it from accessing the internet. I could not select executables by using a wildcard. I had to select a single executable with its full name."
"Some of the integrations that Defender should include involve the use of the web app."
"Microsoft Defender for Endpoint can use more advertising to promote their features."
"Microsoft Defender for Endpoint can improve by making the reporting faster. It takes some time to reflect back to the administration portal of what has been updated. For example, out of 100 Computers, approximately 90 computers received updates, but when you check the administration portal over one or two days, you will only see 75, even though 90 were updated."
"There are alternative solutions that offer a greater range of dashboard insights when compared to Microsoft Defender for Endpoint."
"Phishing and Malware detection could be better."
"Microsoft Defender for Endpoint could provide us with a more holistic approach, such as collaboration. They can provide us with an environment from where we can manage all the endpoints from one central location, such as overall management."
"We encountered some issues when we were trying to enable automatic updates from our group policy."
More Microsoft Defender for Endpoint cons
"Some of the filters for the console need improvement. There are alerts that show up and just being able to acknowledge that we've seen those and not turn them off, but dismiss them, would be a huge benefit."
"The weakest point of this product is how difficult it is to understand the reasons for an alert. This is a problem because it is hard to determine whether an attack is real or not."
"From a company standpoint, a little more interaction with the customers throughout the year might be beneficial. I would like check-ins from the Morphisec account executives about any type of Morphisec news as well as a bit more interaction with customers throughout the year to know if anything new is coming out with Morphisec, e.g., what they are working on in regards to their development roadmap. We tend not to get that up until the time that we go for a yearly renewal. So, we end up talking to people from Morphisec once a year, but it is usually at renewal time."
"Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools. For example, they need to get multifactor in place and an API for the major multi-factor systems, e.g., Okta, Duo, Ping, and Microsoft. They don't have them built in yet. They are working on them. It is just not there yet. Also, their stability, customer support, and processes need improvement, which is just part of maturity."
"It would be useful for them if they had some kind of network discovery. That kind of functionality I think would give IT administrators a little bit more confidence that they have 100 percent coverage, and it gives them something to audit against. Network discovery would be one area I would definitely suggest that they put some effort into."
"If anything, tech support might be their weakest link. The process of getting someone involved sometimes takes a little time. It seems to me that they should have all the data they need to let me know whether an alert is legitimate or not, but they tend to need a lot of information from me to get to the bottom of something. It usually takes a little longer than I would expect."
"We have only had four attacks in the last year, "attacks" being some benign PDF from a vendor that, for some reason, were triggered. There were no actual attacks. They were just four false positives, or something lowly like adware. There have been false positives with both the on-premises solution and the cloud solution."
"In the Windows Defender integration, they have put in a report of computers that need Windows Defender updates. If those updates could be kicked off directly from the dashboard, instead of having to go to another system entirely, that would be good."
More Morphisec cons
 

Pricing and Cost Advice

"Its price at the moment is very good because you get a lot of value for your money, especially with the subscriptions. If you have the E1, E3, or E5 enterprise subscription, you pay per month per user, and you get almost an infinite number of solutions. If you compare the price to the number of solutions that you get, it is a very good deal."
"Microsoft Defender for Endpoint is included with a Microsoft E5 license."
"If we are acquiring everything in a single place, the front end becomes cost-effective."
"Microsoft has different plans for buying this product. The price depends on the configuration of the full set of products that you buy and on the licensing program in your contract."
"There is not a license required for this particular solution."
"The cost is competitive and reasonable because most of the expense is log analytics, storage, and data consumption and ingestion. These things can be throttled and controlled, so they are highly flexible. Defender has a lot of advantages over competing products."
"They are now doing it on an endpoint basis. It is based on the number of endpoints, which is good."
"Microsoft Defender ATP is expensive."
More Microsoft Defender for Endpoint pricing and cost advice
"The pricing is definitely fair for what it does."
"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."
"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."
"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."
More Morphisec pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
850,671 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
24%
Computer Software Company
12%
Government
7%
Financial Services Firm
7%
Outsourcing Company
14%
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
See all answers
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
See all answers
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
See all answers
Ask a question
Earn 20 points
 

Comparisons

CrowdStrike Falcon vs Microsoft Defender for Endpoint Logo
CrowdStrike Falcon vs Microsoft Defender for Endpoint
Compared 8% of the time
Microsoft Intune vs Microsoft Defender for Endpoint Logo
Microsoft Intune vs Microsoft Defender for Endpoint
Compared 5% of the time
Symantec Endpoint Security vs Microsoft Defender for Endpoint Logo
Symantec Endpoint Security vs Microsoft Defender for Endpoint
Compared 5% of the time
F-Secure Total vs Microsoft Defender for Endpoint Logo
F-Secure Total vs Microsoft Defender for Endpoint
Compared 4% of the time
HP Wolf Security vs Microsoft Defender for Endpoint Logo
HP Wolf Security vs Microsoft Defender for Endpoint
Compared 4% of the time
More Microsoft Defender for Endpoint Competitors
CrowdStrike Falcon vs Morphisec Logo
CrowdStrike Falcon vs Morphisec
Compared 33% of the time
Halcyon vs Morphisec Logo
Halcyon vs Morphisec
Compared 15% of the time
SentinelOne Singularity Complete vs Morphisec Logo
SentinelOne Singularity Complete vs Morphisec
Compared 12% of the time
Hyver vs Morphisec Logo
Hyver vs Morphisec
Compared 7% of the time
More Morphisec Competitors
 

Product Reports

Buyer's Guide
Microsoft Defender for Endpoint
April 2025
Microsoft Defender for Endpoint reportDownload Microsoft Defender for Endpoint product report
Buyer's Guide
Morphisec
April 2025
Morphisec reportDownload Morphisec product report
 

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
Morphisec, Morphisec Moving Target Defense
 

Interactive Demo

Microsoft
Demo not available
Morphisec
 

Overview

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Microsoft

Morphisec integrates seamlessly with platforms like Microsoft Defender, offering signatureless protection against zero-day threats and ransomware. It enhances existing endpoint solutions with minimal maintenance through its set-and-forget deployment, providing heightened security and reduced false positives.

Morphisec strengthens defense strategies by merging memory morphing and signatureless protection to effectively block zero-day attacks and ransomware. It operates efficiently within existing infrastructure, reducing system impact and maintenance needs. Users find its full visibility dashboard invaluable. Despite its strengths, cloud deployment and reporting features can be improved. Stability, alerts, and integration with other systems pose challenges for users, impacting usability and support quality.

What are Morphisec's key features?

  • Seamless Integration: Works with Microsoft Defender for comprehensive dashboard visibility
  • Memory Morphing: Hides processes to reduce attack surfaces
  • Signatureless Protection: Prevents threats without impacting performance
  • Automatic Threat Blocking: Uses inbuilt intelligence to detect risks
  • Set-and-Forget Deployment: Simplifies management and reduces maintenance

What benefits should users consider in reviews?

  • Quick Deployment: Fast setup without disrupting operations
  • Enhanced Protection: Provides an additional defense layer against advanced threats
  • Cost-Effectiveness: Works with existing licenses, minimizing extra investments
  • Improved Compatibility: Integrates smoothly with current antivirus systems
  • Minimal System Impact: Operates efficiently without overloading resources

In security-focused industries, Morphisec is crucial for protecting workstations and servers against sophisticated attacks like ransomware. Its signatureless technology offers early threat detection, while compatibility with existing systems ensures seamless integration, providing advanced protection without additional licensing costs.

Morphisec
 

Sample Customers

Petrofrac, Metro CSG, Christus Health
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Buyer's Guide
Microsoft Defender for Endpoint vs. Morphisec
April 2025
Free Report: Microsoft Defender for Endpoint vs. Morphisec
Find out what your peers are saying about Microsoft Defender for Endpoint vs. Morphisec and other solutions. Updated: April 2025.
DOWNLOAD NOW
850,671 professionals have used our research since 2012.
See our Microsoft Defender for Endpoint vs. Morphisec report.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.