Skip to main content
Microsoft Security

Microsoft 365 Defender

Help stop attacks with automated, cross-domain threat protection and built-in AI for your enterprise.

A person smiling while using a laptop.

Get industry-leading endpoint protection—for 50% less

For a limited time, save 50 percent on comprehensive endpoint security for devices across platforms and clouds. Terms apply.

Stop attacks across Microsoft 365 services

As threats become more complex, help secure your users with integrated threat protection, detection, and response across endpoints, email, identities, applications, and data.


Manage and secure hybrid identities and simplify employee, partner, and customer access.


Use leading threat detection, post-breach detection, automated investigation, and response for endpoints.

Cloud apps

Get visibility, control data, and detect threats across cloud services and apps.

Email and documents

Protect all of Office 365 against advanced threats, such as phishing and business email compromise.

Be more efficient

Save up to 60 percent by using Microsoft Security rather than multiple point solutions.1

Reduce your security and compliance costs with Microsoft Security by up to 60%. Microsoft Security costs USD$24/user versus that from other vendors costs USD$63/user.


Prevent cross-domain attacks and persistence

Automatically prevent threats from breaching your organization and stop attacks before they happen. Understand attacks and context across domains to eliminate lie-in-wait and persistent threats and protect against current and future breaches.

Reduce signal noise

View prioritized incidents in a single dashboard to reduce confusion, clutter, and alert fatigue. Use automated investigation capabilities to spend less time on threat detection and focus on triaging critical alerts and responding to threats.

Auto-heal affected assets

Handle routine and complex remediation with automatic threat detection, investigation, and response across asset types. Then return affected resources to a safe state and automatically remediate isolated attacks.

Hunt threats across domains

Search across all your Microsoft 365 data with custom queries to proactively hunt for threats. Use your organizational expertise and knowledge of internal behaviors to investigate and uncover the most sophisticated breaches, root causes, and vulnerabilities.

Back to Tabs

Microsoft 365 E5, A5, F5, and G5 customers can save on Microsoft Sentinel

Integrated threat protection with SIEM and XDR

Microsoft empowers your organization’s defenders by putting the right tools and intelligence in the hands of the right people. Combine security information and event management (SIEM) and extended detection and response (XDR) to increase efficiency and effectiveness while securing your digital estate.

The homepage on Microsoft 365 Defender showing active threats and more.

Microsoft 365 Defender

Prevent and detect attacks across your Microsoft 365 workloads with built-in XDR capabilities.

A high priority investigation dashboard on Microsoft Sentinel.

Microsoft Sentinel

Aggregate security data and correlate alerts from virtually any source with cloud-native SIEM from Microsoft.

An overview in Microsoft Defender for Cloud.

Microsoft Defender for Cloud

Protect your multicloud and hybrid cloud workloads with built-in XDR capabilities.

Back to tabs

The Total Economic Impact™ Of Microsoft 365 Defender

A 2022 study found an ROI of 242% over 3 years and a net present value of USD$17M with Microsoft 365 Defender – also a “Leader” in The Forrester New Wave™: Extended Detection and Response (XDR) Providers, Q4 2021.

Four people seated in a conference room having a meeting.

Industry recognition

Forrester logo.

Forrester XDR Wave

Microsoft Defender is named a Leader in The Forrester New Wave™: Extended Detection and Response (XDR) Providers, Q4 2021.2 3

Mitre Att&ck logo.

Leader in MITRE ATT&CK

Microsoft 365 Defender demonstrates industry-leading protection in the 2022 MITRE Engenuity ATT&CK® Evaluations.

Related products

Use best-in-class Microsoft security products to prevent and detect attacks across your Microsoft 365 workloads.

Documentation and training for Microsoft 365 Defender


Microsoft XDR datasheet

Get an overview of the Microsoft XDR: the next evolution in protection, detection, and response.


Understand your plan options

Microsoft 365 Defender is included with some Microsoft 365 and Office 365 Security and Enterprise licenses.


Microsoft 365 Defender Blog

Learn best practices, get updates, and engage with product teams in the Microsoft 365 Defender tech community.


Evaluate and pilot Microsoft 365 Defender

Use technical guidance to get started and pilot Microsoft 365 Defender.

Protect everything

Make your future more secure. Explore your security options today.

2. Forrester and Forrester Wave are trademarks of Forrester Research, Inc.

3. The Forrester New Wave™: Extended Detection and Response (XDR) Providers, Q4 2021, Allie Mellen, October 2021.

MITRE Engenuity ATT&CK® Evaluations, Wizard Spider + Sandworm Enterprise Evaluation 2022, The MITRE Corporation and MITRE Engenuity.

Follow Microsoft