No more typing reviews! Try our Samantha, our new voice AI agent.

Microsoft Defender for Endpoint vs Symantec Advanced Threat Protection comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 1, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Defender for Endp...
Ranking in Advanced Threat Protection (ATP)
5th
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
212
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Anti-Malware Tools (1st), Endpoint Detection and Response (EDR) (3rd), Microsoft Security Suite (3rd)
Symantec Advanced Threat Pr...
Ranking in Advanced Threat Protection (ATP)
22nd
Average Rating
7.8
Reviews Sentiment
7.1
Number of Reviews
16
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Advanced Threat Protection (ATP) category, the mindshare of Microsoft Defender for Endpoint is 5.8%, down from 7.6% compared to the previous year. The mindshare of Symantec Advanced Threat Protection is 2.1%, up from 1.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Advanced Threat Protection (ATP) Mindshare Distribution
ProductMindshare (%)
Microsoft Defender for Endpoint5.8%
Symantec Advanced Threat Protection2.1%
Other92.1%
Advanced Threat Protection (ATP)
 

Featured Reviews

Robert Arbuckle - PeerSpot reviewer
Security Analyst III at a healthcare company with 10,001+ employees
Automatically isolates threats and integrates with logging to reduce response time
Overall, I would evaluate the Microsoft support level that I receive at probably about a seven, but that depends on the day. It has been spotty. We have had issues where the urgency level of the Microsoft support is not as high as ours, especially during a data breach or potential data breach situation. We have had issues with some of the offshore support being lackluster. One specific thing that comes to mind is we were on a support call with our CISO on the call, and the Microsoft agent, who did not actually work for Microsoft, is one of the vendors that Microsoft uses for support, said, "Just to set expectations, my lunch break is in an hour and I am going to go away then." For us, it was already ten o'clock at night and we had been working on this for a couple of hours, trying to get a security engineer on with us. For him to tell us that he was going to go away and have lunch, it was, "Okay, but go find somebody else if you need to." It was just the lackluster approach, and it seemed like he did not really care. We seem to get a lot of this when we get non-Microsoft support. I can identify areas for improvement with Microsoft Defender for Endpoint, as it is kind of a convoluted mess to try to take care of false positives. Especially when they have been identified as false positives but they keep going off over and over again. It is great for my pocketbook because it generates a lot of on-call action, but I would really prefer more sleep at two o'clock in the morning than dealing with false positives. I would say that the unified portal for managing Microsoft Defender for Endpoint is suitable for both teams as they are all in there. It would be great if they would stop moving things around and renaming things, which makes sense. The new XDR portal is pretty nice. Being able to have it central again inside of the regular Security Center without having to open up two windows is helpful. Overall, I think it is pretty good. There is always going to be something that could be improved, such as alerting and the ability to modify alerts would be a little bit helpful to have. Being able to add more data into the alerts and turn off alerts that are not as useful would be beneficial. It is hard to say what the quantitative impact the security exposure management feature has had on our company's security, because a lot of it is kind of subjective. I think we are sitting at around a fifty percent score still, and a lot of it is just kind of unusual circumstances that we cannot really implement without breaking the organization.
TapabrataSamanta - PeerSpot reviewer
Lead Architect at Zones
Reliable platform with effective integration capabilities
Our primary use case for the product is to provide advanced threat protection to our clients, primarily in the banking and financial sectors Symantec ATP has been beneficial in ensuring robust security for our clients. Its effectiveness in detecting and mitigating threats has improved customer…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"You get what you pay for, it's an integrated solution, and there isn't a better one on the market."
"The solution's threat protection is mostly AI and machine-learning based. That is the most important feature of the product. It also offers centralized management so I can remotely manage devices."
"There are several features that have helped to improve our security posture at the prevention level, such as the attack surface reduction controls and the exploit prevention control."
"We use Microsoft Defender for the antivirus."
"Microsoft Defender can block some viruses or malware, so it can protect my files, and it can save files on Office 365 OneDrive, where I use encryption for some files and can then recover them from OneDrive."
"Within its class I think, it has a high and decent detection rate."
"The EDR feature is most valuable."
"We had some problem and, after four hours, we had new signatures for the environment by our customers for more than a thousand clients so that we can protect and improve the new setup."
"The great advantage in using this product is it creates multiple services."
"You don't have to buy a separate email security platform. You can enable that using their endpoint, and I like that. You don't have to have two agents running on the same box."
"The most valuable feature is Click-time URL protection."
"Currently we have 800-plus nodes connected with this solution, without any issues. The solution is scalable."
"The stability is excellent."
"The Application Control code and the easy integration are valuable features."
"The most valuable feature is NetFlow threat protection."
"They have a very simple and easy implementation; they have been around for a long time, and they have been very easy to deploy, support, and manage."
 

Cons

"One thing that was lacking in Defender was web filtering. Its web filtering wasn't as comprehensive. Sophos was a little bit better than Defender for blocking URLs or installing programs."
"Sometimes it's complicated. It's not intuitive in terms of installation and deployment."
"I have accounts for administrators and corporate employees, but I also have accounts for students. I can't split these types of accounts. I need a separate configuration for both... I need to research how I can get alerts for only the administrative machines."
"The system can always be simplified and have a better integration check. More detailed reports would be good. When it does the integrated check, it just shows if the system is okay but I want to know what happened."
"We encountered some misbehavior between Microsoft Office Suite and Defender. We had issues of old macros being blocked and some stuff going around the usage of Win32 APIs. There is some improvement between the Office products and Defender, and there is a bunch of stuff that you can configure in your antivirus solutions, but you have several baselines, such as security baselines for Edge, security baselines for Defender, and security baselines for MDM. You have configuration profiles as well. So, there a lot of parts where we can configure our antivirus solution, and we're getting conflicting configurations. This is the major part with which we're struggling in this solution. We are having calls and calls with Microsoft for getting rid of all configuration conflicts that we have. That's really the part that needs to be improved."
"I want Microsoft Defender to have the ability to deal with some issues automatically, so I don't need to address that issue manually."
"In terms of improvements for their technical support, a focus on enhancing response times could be beneficial."
"More hooks and more reporting would be beneficial. More proactive reporting would be ideal."
"Not ideal for advanced threat protection."
"They could enhance the solution to work across all devices, including Android, iOS, and Mac, and make it more user-friendly."
"One area for improvement could be the pricing model."
"It should be able to collect information if the agent is disabled."
"The support team that Symantec offers didn't know how to solve issues even though they referred to themselves as "engineers"."
"It's a strange situation where the infrastructure of the consumer or customer is behind some kind of firewall and they have always used some kind of customized proxy. In this situation, the ATP has a very tough time to pass the information to the cloud and back. To fix, it requires a more elaborate and complex configuration for that particular case."
"There are limits with respect to blocking files by hash value or blocking IP addresses, and these limits should be removed."
"The administration interface needs a lot of improvement. It should be UI-based and simple."
 

Pricing and Cost Advice

"The pricing is competitive."
"It is free."
"Buying individual point products would've cost us a lot more money than one integrated solution that also capitalizes on Teams Voice and things of that nature. Given our size, buying individual products would have easily cost us a million dollars."
"I recently switched from education to private business, and all I can say is that private business licensing from Microsoft is not cheap until you hit certain quantities or scale. That does not mean that it is not comparable to other industries. It is similar pricing, but it is still crazy to me how much you pay for a client. I feel it is high, but it is in line with other vendors."
"It is so expensive. It isn't cheaper than McAfee or other solutions."
"Most people don't realize M365/E5 licenses are an amazing deal. They think "Oh, it's expensive," and I'll ask, "Compared to what?" If you don't have it you will have to buy licenses for multiple products to fill the same security space that you would have gotten with the Microsoft product. Go figure out how much it costs you per product, per user, and then come back and tell me how things add up financially."
"Pricing can always be lower."
"I don't know the standalone costs. It is my understanding that the M365 E5 is $56 a month or something close to that pricing. That would be for the full suite. Just Defender might be $8 a month. I can't say for sure."
"The price is quite expensive."
"Pricing is good. It is nice to have a great product at a fair price."
"Symantec Endpoint Protection has an average price."
"Symantec Advanced Threat Protection's pricing is comparable."
"The pricing of this solution is inexpensive and affordable."
report
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
10%
Financial Services Firm
10%
Computer Software Company
9%
Comms Service Provider
8%
Manufacturing Company
11%
Financial Services Firm
11%
Marketing Services Firm
9%
University
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business82
Midsize Enterprise45
Large Enterprise96
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise3
Large Enterprise13
 

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
What needs improvement with Symantec Advanced Threat Protection?
One area for improvement could be the pricing model. Future releases could further enhance integration capabilities with other platforms and simplify the licensing model to compete more with Micros...
What is your primary use case for Symantec Advanced Threat Protection?
Our primary use case for the product is to provide advanced threat protection to our clients, primarily in the banking and financial sectors.
What advice do you have for others considering Symantec Advanced Threat Protection?
Symantec ATP has proven to be a reliable and effective solution. I rate it a nine out of ten.
 

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
No data available
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Petrofrac, Metro CSG, Christus Health
ECI
Find out what your peers are saying about Microsoft Defender for Endpoint vs. Symantec Advanced Threat Protection and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.