Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Endpoint vs Tanium comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Defender for Endp...
Ranking in Endpoint Protection Platform (EPP)
1st
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
197
Ranking in other categories
Advanced Threat Protection (ATP) (4th), Anti-Malware Tools (1st), Microsoft Security Suite (4th)
Tanium
Ranking in Endpoint Protection Platform (EPP)
31st
Ranking in Endpoint Detection and Response (EDR)
26th
Average Rating
7.6
Reviews Sentiment
6.8
Number of Reviews
18
Ranking in other categories
Server Monitoring (5th), Vulnerability Management (21st)
 

Mindshare comparison

As of July 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Microsoft Defender for Endpoint is 10.4%, down from 14.0% compared to the previous year. The mindshare of Tanium is 2.5%, up from 2.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Q&A Highlights

 

Featured Reviews

Sudhen Swami - PeerSpot reviewer
Easy to update with good protection and a useful cloud portal
We've mainly used it for endpoints. However, we've also used it for DLP as well. We're also in the process of implementing it for cloud and identity as well. However, it's very good for endpoints, and that's our main focus. The malware protection is good. The visibility it provides is very useful. We can combine visibility with wider security features and alerts around malware, misconfiguration, or any other kinds of threats. The cloud portal is quite good. From there, we are able to see alerts and have colleagues review issues and monitor to see if any patterns arise. It's serving us quite well overall. It allows us to look at other items, like application and browser control. It helps us prioritize threats. We have a process in place now where we can review issues and remediate them effectively. We have been able to integrate a variety of Microsoft security products together. We use Azure AD, for example, and we've begun to implement DLP, among other items. We're looking at labeling and tagging and will expand into that soon. Defender has more stringent system requirements than, for example, Check Point. So when we implemented the Check Point Endpoint agent, that solution didn't mind what version of Windows you were using. When we moved to Defender, Defender had certain system prerequisites that had to be met. So we had to make sure that we're on a minimum version of Windows when we're utilizing Office, and Office has to be a particular version as well. It has more stringent system requirements that have to be met before you can implement it. It works natively together with other Microsoft solutions. Once you get more and more of those different components across the environment, then you start to get better visibility. So, rather than having lots of different solutions, you have fewer solutions and a single vendor solution. That way, you start getting into a position where you get better visibility and integration as well. The standardization is good. It's important. It's helping me with monitoring and learning. Updates and upgrades are quite smooth and seamless. Defender helps us automate routine tasks. Quite a lot of Microsoft is straightforward for us now. Previously, we didn't have enough resources and were unable to look at the alerts. Having this in place makes things a lot more straightforward for us. We have both the technology and the people in place now, alongside the process. We do see the benefits in that, and that's why we're continuing our adoption across the estate in terms of client and server as well. It's helping us avoid looking at multiple dashboards and centralized monitoring. We're not fully there yet. We're getting there. While we haven't witnessed time saving yet, once it's fully deployed, it will. By then, we'll have standardized processes across a single solution. We have saved money, however, as we continue to reduce non-Mircosft systems. Since we won't be using various competing technologies, we can save on licensing costs. We've likely so far saved 15%. While it's hard to estimate exactly how much, the solution has helped us decrease time to detection and time to respond.
NitinKushwaha - PeerSpot reviewer
Stable product with an ability to build complex roles
We use Tanium as an EDR solution for managing end-user devices and servers The product is granular and can build complex roles compared to other EDR vendors. Tanium's dashboard UI could be similar to CrowdStrike. We have been using Tanium for two and a half years. The product is stable. I rate…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution integrates very well with Windows applications and Microsoft endpoint products."
"Microsoft Defender for Endpoint is extremely stable."
"This is not an inventory solution, but it helps you take count of how many workstations you have, as well as what software is installed on each of them."
"I've started to test it from the security point of view. There are plenty of features that are interesting, but at this time, the XDR functionality is most valuable. It is endpoint security on steroids."
"We have very good visibility on our endpoints. The level of information it throws back is helpful."
"The EDR feature is most valuable."
"The most valuable aspect lies in its automation capabilities, particularly within security automation."
"The investigation aspect is the most useful. It's user friendly and has a good user interface."
"I like the fact that you can create patching campaigns depending on the area of your network that you want to address first. I like the ability it has to make several campaigns that work in parallel."
"The most valuable features of this solution are the consolidation of all historical data on device endpoints, security drivers, firmware, and Software version gaps."
"Tanium has made the process of detecting threats more proactive with its detection. So, the process is easier and more efficient."
"I like the tool's incident response and security patching."
"When I push a quick update, it's done right away, and I can rescan immediately to confirm completion within minutes."
"I would say Tanium is the best tool for vulnerability management."
"The product is granular and can build complex roles compared to other EDR vendors."
"For incident response tasks, all these tasks can get done in minutes with minimal disruption to the end-user."
 

Cons

"Integrating this with third-party systems has some complexity involved."
"Alerts need to be sent immediately because as it is now, you see some of them without delay and others arrive perhaps 30 minutes later, and it leaves important gaps in terms of information gathering."
"Where we stand right now, compared to other products that are there in the market, they still have to work on their threat intelligence and the overall maturity of detecting the malware."
"There's a lot of manual effort involved to configure what we need."
"A single dashboard would be a significant improvement."
"Microsoft Defender for Endpoint could improve by providing more user-friendly dashboards. They may be complicated for some."
"With regards to the interface, a challenge I found was that there was not enough documentation on how to tune it. I had to read multiple sources on the internet to learn how to configure the tool appropriately."
"I would like to see improvements made to how it secures activities on web pages."
"We had some issues with the solution's OS upgrade."
"I would like to have more integrations and custom plugins to input. Integration is always a big deal in a lot of different environments."
"Tanium's limitations should be improved because although it is a great tool, it is limited to only a few classes during a session."
"They could improve the UI."
"The main issues are the network connection because different customers have issues with their networks. It's difficult implementing this type of solution because the network is the main feature in the architecture for these types of solutions. Tanium could improve by creating some network optimization."
"Any movement into a SaaS solution has challenges since the processes and data flows are not well defined. Hence, you need to build it at the same time."
"Tanium required local admin or root rights on Mac devices, which did not comply with our security policies. This made the solution less suitable for our restrictive environment."
"The solution can give a lot of false positives."
 

Pricing and Cost Advice

"The solution comes as a part of Windows 10 and it is covered under its license."
"AV solutions are pretty expensive because they are necessary, not just for protection, but many businesses need them to comply with regulatory bodies and receive accreditation. We recently purchased an E5 license, which gives us access to the entire Microsoft suite. I would say the pricing is competitive; most tools of this kind are similarly priced. There are minor differences between the competitors, but they aren't spectacularly different. Defender for Endpoint makes sense because all our solutions are in the same place, paid for with a single license. The subscription price is around £50 per user per month, though it may have increased slightly."
"There is not a license required for this particular solution."
"Microsoft Defender for Endpoint is more affordable compared to some other endpoint solutions."
"It is free. It is included in Windows 10."
"We went for Microsoft Defender once we were informed that it would be part of our Office 365 package. So, we combined the licensing for the OS with Office 365. Yeah. We thought it was a good bargain."
"The solution is included with Microsoft Windows."
"Microsoft Defender for Endpoint is included with a Microsoft E5 license."
"The product's pricing differs from region to region depending on negotiations and the number of endpoints."
"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."
"The solution offers value for money."
"It is higher than some competitors in the market."
"The solution is expensive but it's a good investment."
"There is an annual license required to use this solution."
"It's an expensive solution. It would be nice if the cost were lower."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
859,687 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
14%
Computer Software Company
13%
Government
8%
Financial Services Firm
8%
Financial Services Firm
16%
Government
12%
Computer Software Company
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
What do you like most about Tanium?
Tanium’s linear-chain architecture is valuable.
What needs improvement with Tanium?
While there is always room for improvement, I am pleased with Tanium.
What is your primary use case for Tanium?
The primary use case for Tanium ( /products/tanium-reviews ) is compliance, patching, and inventory as part of the core functions.
 

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
No data available
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Petrofrac, Metro CSG, Christus Health
JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life
Find out what your peers are saying about Microsoft Defender for Endpoint vs. Tanium and other solutions. Updated: May 2025.
859,687 professionals have used our research since 2012.