Microsoft Defender for Endpoint

Threats are no match.

Learn more Start free trial

Microsoft Digital
MicrosoftDefense Report
is conducting an online survey to understand
Get deep analysis of current threatoftrends
your opinions with extensive
the Microsoft Security website. If you
choose to participate, the online
insights on big-game ransomware, phishing, IoT threats, survey will be
presented to you
and nation-state when you leave the website.
activity.
Would
Read the you like to
report !
participate?

Yes No

Privacy Statement

Complete endpoint security

Discover and secure Windows, macOS, Linux, Android, iOS, and network devices against sophisticated threats.

Rapidly stop threats Scale your security Evolve your defenses

Gain the upper hand against Put time back in the hands of Advance beyond endpoint silos
sophisticated threats like defenders to prioritize risks and and mature your security based
ransomware and nation-state elevate your security posture. on a foundation for XDR and
attacks. Zero Trust.

Industry recognition
Forrester Gartner Forrester
Microsoft Defender is named a Leader Gartner® names Microsoft a Leader in Microsoft Defender for Endpoint is
in The Forrester New Wave™: the 2021 Magic Quadrant™ for named a Leader in The Forrester
Extended Detection and Response Endpoint Protection Platforms. 1,3 Wave™: Endpoint Security Software
(XDR) Providers, Q4 2021. 2,4 a Service, Q2 2021. 4,5
Read more !
Read the blog ! Read the blog !
 Industry recognition

Forrester
Microsoft Defender is named a Leader in The Forrester New Wave™: Extended Detection
and Response (XDR) Providers, Q4 2021. 2,4

Read the blog !

Gartner
Gartner® names Microsoft a Leader in the 2021 Magic Quadrant™ for Endpoint
Protection Platforms. 1,3

Read more !

Forrester
Microsoft Defender for Endpoint is named a Leader in The Forrester Wave™: Endpoint
Security Software as a Service, Q2 2021. 4,5

Read the blog !

MITRE
Microsoft leads in real-world detection in MITRE ATT&CK evaluation.

Read more !

Industry antivirus tests

Our antimalware capabilities consistently achieve high scores in independent tests.

Read more !
 " View full size More about this diagram

Microsoft Defender for Endpoint delivers industry-leading endpoint

security for Windows, macOS, Linux, Android, iOS, and network
devices and helps to rapidly stop attacks, scale your security
resources, and evolve your defenses. It’s delivered at cloud scale,
with built-in AI that reasons over the industry’s broadest threat
intelligence. Our comprehensive solution enables discovery of all
endpoints and even network devices, such as routers, in your
environment. It offers vulnerability management, endpoint
protection, endpoint detection and response (EDR), mobile threat
defense, and managed hunting all in a single, unified platform.

Eliminate the blind spots in your environment

Learn more !

Capabilities

Discover vulnerabilities and Get expert-level threat monitoring

misconfigurations in real time and analysis
Bring security and IT together with threat and Empower your security operations centers with
vulnerability management to quickly discover, Microsoft Threat Experts. Get deep knowledge,
prioritize, and remediate vulnerabilities and advanced threat monitoring, analysis, and support
misconfigurations. to identify critical threats in your unique
environment.
Learn more !
Read the blog ! Watch the video !
 Explore the interactive guide !

Quickly go from alert to Block sophisticated threats and

remediation at scale with malware
automation Defend against never-before-seen, polymorphic
Automatically investigate alerts and remediate and metamorphic malware and fileless and file-
complex threats in minutes. Apply best practices based threats with next-generation protection.
and intelligent decision-making algorithms to
Learn about next-gen protection !
identify active threats and determine what action to
take. Learn about behavioral blocking and
Watch the video !
containment !

Learn why you should turn on automation

today !

Detect and respond to advanced Eliminate risks and reduce your

attacks with behavioral monitoring attack surface
Spot attacks and zero-day exploits using advanced Use attack surface reduction to minimize the areas
behavioral analytics and machine learning. where your organization could be vulnerable to
threats.
Learn how to investigate incidents !
Learn about attack surface reduction !
Watch the advanced hunting webinar !
Learn about web protection !

Integrated threat protection with SIEM &

XDR

Microsoft empowers your organization’s defenders by putting the right tools and
intelligence in the hands of the right people. Combine SIEM and XDR to increase
 efficiency and effectiveness while securing your digital estate.

Learn more about threat protection

Microsoft 365 Defender Microsoft Sentinel Microsoft Defender for Cloud

Microsoft 365 Defender

Prevent and detect attacks across your Microsoft 365 workloads with built-in XDR capabilities.

Learn more about Microsoft 365 Defender !

Additional capabilities

Secure your mobile Quickly evaluate Streamline and Simplify endpoint

devices
Microsoft Defender for
Endpoint offers mobile
threat defense capabilities
for Android and iOS.
Learn more ! workflows with rich APIs.
capabilities
Fully evaluate our
capabilities in a few simple
steps in the Microsoft
Defender for Endpoint
evaluation lab.
Learn more !
integrate with APIs security
Integrate Microsoft management
Defender for Endpoint Use a single pane of glass
with your security for endpoint configuration,
solutions and streamline deployment, and
and automate security management with
Microsoft Endpoint
Manager.
Connect with APIs !

Learn about endpoint

security management !
 Compare flexible purchase options
Explore the comprehensive security capabilities in Microsoft Defender for Endpoint P2, coming soon with Microsoft
365 E5, and Microsoft Defender for Endpoint P1, included with Microsoft 365 E3.

Swipe to view more plans

# !
See what our
customers are
saying
Read their stories !
 Microsoft Defender for Business

Learn more !

Learn about our partners

ArcSight Demisto SafeBreach

Pull Microsoft Defender for Endpoint
detections into the ArcSight Security
Information Event Management
(SIEM) solution.
Learn more !
Enable your security team to Gain visibility into the types of attacks
orchestrate and automate endpoint Microsoft Defender for Endpoint is
security monitoring by integrating blocking using insight from
Demisto with Microsoft Defender for correlations with SafeBreach attack
Endpoint. simulations.
Learn more ! Learn more !

Learn about our partners

ArcSight
Pull Microsoft Defender for Endpoint detections into the ArcSight Security Information Event
Management (SIEM) solution.

Learn more !

Demisto
Enable your security team to orchestrate and automate endpoint security monitoring by
integrating Demisto with Microsoft Defender for Endpoint.

Learn more !

SafeBreach
Gain visibility into the types of attacks Microsoft Defender for Endpoint is blocking using insight
from correlations with SafeBreach attack simulations.

Learn more !

Morphisec
Integrate forensics data to help prioritize alerts, determine machine at-risk score, and visualize the
full attack timeline.

Learn more !

ThreatConnect
Alert or block based on custom threat intelligence from ThreatConnect Playbooks using Microsoft
Defender for Endpoint indicators.

Learn more !

Palo Alto Networks

Enrich your endpoint protection by extending Autofocus and other threat feeds to Microsoft
Defender for Endpoint using MineMeld.

Learn more !

Dell Technologies Advanced Threat Protection

Identify malicious behavior and anomalies with the round-the-clock capabilities of this
professional monitoring service.

Learn more !

CSIS Managed Detection and Response

Gain actionable insights into what, when, and how security incidents have taken place with
continuous monitoring and security alert analysis.

Learn more !
 Learn more !

InSpark
Help protect, detect, and respond to threats with the uninterrupted, managed service capabilities
of InSpark's Cloud Security Center.

Learn more !

Red Canary
Deploy managed detection and response in minutes with Red Canary, a security operations
partner for modern teams.

Learn more !

Cyren
Seamlessly integrate advanced web content filtering into Microsoft Defender Security Center.

Learn more !

CriticalStart
Reduce your alerts by 99 percent with the Zero Trust Analytics Platform.

Learn more !

Become a partner
Learn more about becoming a partner and integrating with
Microsoft Defender for Endpoint. Follow this simple, step-by-step
guide to start using our flexible platform and rich APIs.

Get started !

Dive deeper into the product

Get technical details on capabilities, minimum
requirements, and deployment guidance.

Read the documentation !

 Additional resources

Become a Microsoft Learn more about our Stay up to date

Defender for Endpoint features Get product news, configuration
expert Explore educational videos about guidance, product how-tos, and
Microsoft Defender for Endpoint. tips.
Get training for security
operations and security admins,
Watch the videos ! Read the blogs !
whether you’re a beginner or
have experience.

Access training resources !

1. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to
select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s
research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect
to this research, including any warranties of merchantability or fitness for a particular purpose.
GARTNER and Magic Quadrant are registered trademarks and service mark of Gartner, Inc. and/or its affiliates in the U.S. and
internationally and are used herein with permission. All rights reserved.
2. The Forrester New Wave™: Extended Detection and Response (XDR) Providers, Q4 2021, Allie Mellen, October 2021.
3. Gartner Magic Quadrant for Endpoint Protection Platforms, Peter Firstbrook | Dionisio Zumerle | Prateek Bhajanka | Lawrence Pingree |
Paul Webber, 05 May 2021.
4. Forrester and Forrester Wave are trademarks of Forrester Research, Inc.
5. The Forrester Wave™: Endpoint Security Software as a Service, Q2 2021, Chris Sherman with Merritt Maxim, Allie Mellen, Shannon Fish,
Peggy Dostie, May 2021.
6. Includes Targeted Attack Notifications (TAN) and Experts on Demand (EOD). Customers must apply for TAN and EOD is available for
purchase as an add-on.

Follow Microsoft