Microsoft Defender for Endpoint
Discover and secure endpoint devices across your multiplatform enterprise.
The epicenter for comprehensive endpoint security
Rapidly stop attacks, scale security resources, and evolve defenses across operating systems and network devices.
Rapidly stop threats
Gain the upper hand against sophisticated threats such as ransomware and nation-state attacks.
Scale your security
Put time back in the hands of defenders to prioritize risks and elevate your security posture.
Evolve your defenses
Advance beyond endpoint silos and mature your security based on a foundation for extended detection and response (XDR) and Zero Trust.
Defender for Endpoint capabilities
Gain a holistic view into your environment, mitigate advanced threats, and respond to alerts from a single, unified platform.
Eliminate the blind spots in your environment
Discover unmanaged and unauthorized endpoints and network devices, and secure these assets using integrated workflows.
Discover vulnerabilities and misconfigurations in real time
Bring security and IT together with threat and vulnerability management to quickly discover, prioritize, and remediate vulnerabilities and misconfigurations.
Quickly go from alert to remediation at scale with automation
Automatically investigate alerts and remediate complex threats in minutes. Apply best practices and intelligent decision-making algorithms to identify active threats and determine what action to take.
Block sophisticated threats and malware
Defend against never-before-seen polymorphic and metamorphic malware, and fileless and file-based threats with next-generation protection.
Detect and respond to advanced attacks with deep threat monitoring and analysis
Empower your security operations center with deep knowledge, advanced threat monitoring, and analysis. Spot attacks and zero-day exploits using advanced behavioral analytics and machine learning.
Eliminate risks and reduce your attack surface
Use attack surface reduction to minimize the areas where your organization could be vulnerable to threats.
Secure your mobile devices
Get mobile threat defense capabilities for Android and iOS with Microsoft Defender for Endpoint.7
Simplify endpoint security management
View endpoint configuration, deployment, and management.
Integrated threat protection with SIEM and XDR
Empower your defenders to effectively secure your digital estate by combining extended detection and response (XDR) and security information and event management (SIEM).
Microsoft 365 Defender
Get unified security and visibility across endpoints, identities, emails, and cloud apps with an industry-leading XDR solution.
Microsoft Sentinel
Aggregate security data and correlate alerts from virtually any source with cloud-native SIEM from Microsoft.
Microsoft Defender for Cloud
Protect your multicloud and hybrid cloud workloads with built-in XDR capabilities.
Industry recognition
Microsoft Security is a recognized industry leader.
Gartner
Microsoft is named a Leader in the 2022 Gartner® Magic Quadrant™ for Endpoint Protection Platforms.1
See what our customers are saying
Compare flexible purchase options
Explore the comprehensive security capabilities in Microsoft Defender for Endpoint P1, included with Microsoft 365 E3, and Microsoft Defender for Endpoint P2, included with Microsoft 365 E5.
Microsoft Defender for Endpoint P1
Microsoft Defender for Endpoint P1 offers a foundational set of capabilities, including industry-leading antimalware, attack surface reduction, and device-based conditional access.
-
Unified security tools and centralized management
-
Next-generation antimalware
-
Attack surface reduction rules
-
Device control (such as USB)
-
Endpoint firewall
-
Network protection
-
Web control / category-based URL blocking
-
Device-based conditional access
-
Controlled folder access
-
APIs, SIEM connector, custom threat intelligence
-
Application control
Microsoft Defender for Endpoint P2
Microsoft Defender for Endpoint P2 offers all the capabilities in P1, plus endpoint detection and response, automated investigation and incident response, and threat and vulnerability management.
-
Includes everything in Endpoint P1, plus:
-
Endpoint detection and response
-
Automated investigation and remediation
-
Threat and vulnerability management
-
Threat intelligence (threat analytics)
-
Sandbox (deep analysis)
-
Microsoft Threat Experts5
Related Microsoft Defender products
Defend against cyberthreats with best-in-class security from Microsoft.
Microsoft 365 Defender
Get integrated threat protection across devices, identities, apps, email, data, and cloud workloads.
Microsoft Defender Vulnerability Management
Reduce risk with continuous vulnerability assessment, risk-based prioritization, and remediation.
Microsoft Defender for Business
Discover enterprise-grade endpoint protection for small and medium businesses that's cost effective and easy to use.
Microsoft Defender for individuals
Get online security protection for individuals and families with one easy-to-use app.6
Additional resources
Become a Microsoft Defender for Endpoint expert
Get training for security operations and security admins, whether you’re a beginner or have experience.
Watch episode one of The Defender’s Watch
Learn how to strengthen your security with evidence-based insights from experts defending against modern threats.
Stay up to date
Get product news, configuration guidance, product tutorials, and tips.
Dive deeper into the product
Get technical details on capabilities, minimum requirements, and deployment guidance.
Protect everything
Make your future more secure. Explore your security options today.
-
[1]
Gartner is a registered trademark and service mark and Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Gartner Magic Quadrant for Endpoint Protection Platforms, Peter Firstbrook, Chris Silva, 31 December 2022. - [2] Forrester and Forrester Wave are trademarks of Forrester Research, Inc.
- [3] The Forrester Wave™: Endpoint Detection and Response Providers, Q2 2022, Allie Mellen, April 2022.
- [4] The Forrester New Wave™: Extended Detection and Response (XDR) Providers, Q4 2021, Allie Mellen, October 2021.
- [5] Includes Targeted Attack Notifications (TAN) and Experts on Demand (EOD). Customers must apply for TAN and EOD is available for purchase as an add-on.
- [6] App is available on Windows, macOS, Android™, and iOS in select Microsoft 365 Family or Personal billing regions.
- [7] Availability of mobile apps varies by country/region.
Follow Microsoft