Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Endpoint vs Open EDR comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Defender for Endp...
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
197
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (4th), Anti-Malware Tools (1st), Microsoft Security Suite (4th)
Open EDR
Ranking in Endpoint Detection and Response (EDR)
35th
Average Rating
8.0
Number of Reviews
1
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Microsoft Defender for Endpoint is 10.5%, down from 13.4% compared to the previous year. The mindshare of Open EDR is 1.0%, up from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

John Rallo - PeerSpot reviewer
Offers excellent visibility into vulnerabilities and the attack surface itself
Attack surface reduction and limiting attack surface vectors are valuable features. It's helpful to isolate specific devices and get super granular with the features they offer. The visibility into the attack surface is good. It gets highly granular. I don't work on that side, but the people who do tell me they get more visibility.
Timothy Muriithi - PeerSpot reviewer
I also like the ability to remotely manage update packages on your systems, and the fact that there is an open source version
Setting OpenEDR was challenging at first, but I got it done by following their documentation and online videos. You need to install the client and configure it to work with their online open platform. Next, you have to configure it on the device if it's a phone. You input a cloud link to the EDR, so you can monitor it from the cloud. There isn't any maintenance aside from updating the client. It's mostly on the cloud.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We can run the virus scan across our entire environment."
"Web filtering is the most valuable feature of Microsoft Defender for Endpoint because it effectively maintains security for website access."
"Defender for Endpoint provides good visibility into threats and has favorable threat intelligence."
"We are a Microsoft shop, and Defender is a Microsoft solution that provides some security at a reasonable cost."
"It's absolutely free to use."
"The threat hunting service is very useful for a security professional."
"Technical support has been great."
"Defender provides useful alerts and groups them. It sends an alert to your portal if it detects any malicious activity, and you can group multiple alerts to form an incident."
"Comodo includes a firewall and antivirus in one solution. I also like the ability to remotely manage update packages on your systems. Comodo can even find a lost device and secure it remotely."
 

Cons

"The integration and effectiveness of email security could be better. It's already built-in to the solution and checks emails, scans the links they contain etc."
"Some of the integrations that Defender should include involve the use of the web app."
"The file scanning has room for improvement. Many people use macros within their files, so there should be a mechanism that helps us to scan them for malicious payloads."
"They should bring back the feature of a dedicated proxy device for communication to the cloud. As of now, all the agents are required to send the logs directly to the cloud. There should be a solution where you can put a proxy and all the logs are consolidated, like a forwarder."
"It should support non-Windows products better. Microsoft is now one of the leading vendors in the security area. So, they should be product-independent."
"More integration with different platforms is an area for improvement for this product, and should be included in its next release."
"If you have multi-cloud like Google and AWS, the native solutions are better for those particular cases."
"There is a need for improvement in reducing false positives."
"Comodo includes a firewall and antivirus in one solution. I also like the ability to remotely manage update packages on your systems. Comodo can even find a lost device and secure it remotely."
 

Pricing and Cost Advice

"The solution is included with Microsoft Windows."
"The license for Microsoft Windows covers Microsoft Defender for Endpoint."
"The price for Microsoft Defender for Endpoint is about three euros, which is considered reasonably priced."
"Its price at the moment is very good because you get a lot of value for your money, especially with the subscriptions. If you have the E1, E3, or E5 enterprise subscription, you pay per month per user, and you get almost an infinite number of solutions. If you compare the price to the number of solutions that you get, it is a very good deal."
"It is built into Windows 10. If our clients are using Microsoft Defender, the cost goes away for them."
"I do not have to purchase antivirus solutions anymore because Microsoft Defender for Endpoint is integrated into Windows and comes free."
"The license cost is around $35 per machine, which is not expensive compared to other products."
"The price is higher than others because it is doing more than what the others are doing."
Information not available
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
862,499 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Government
8%
Financial Services Firm
8%
Manufacturing Company
8%
Computer Software Company
20%
Government
8%
Comms Service Provider
8%
Retailer
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
Ask a question
Earn 20 points
 

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
No data available
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Petrofrac, Metro CSG, Christus Health
Information Not Available
Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR). Updated: January 2025.
862,499 professionals have used our research since 2012.