A person using a mobile phone and a laptop.

Microsoft Defender for Endpoint

Threats are no match.

Microsoft Digital Defense Report

Get deep analysis of current threat trends with extensive insights on big-game ransomware, phishing, IoT threats, and nation-state activity.

Complete endpoint security

Discover and secure Windows, macOS, Linux, Android, iOS, and network devices against sophisticated threats.

Rapidly stop threats

Gain the upper hand against sophisticated threats like ransomware and nation-state attacks.

Scale your security

Put time back in the hands of defenders to prioritize risks and elevate your security posture.

Evolve your defenses

Advance beyond endpoint silos and mature your security based on a foundation for XDR and Zero Trust.

Microsoft Defender for Endpoint delivers industry-leading endpoint security for Windows, macOS, Linux, Android, iOS, and network devices and helps to rapidly stop attacks, scale your security resources, and evolve your defenses. It’s delivered at cloud scale, with built-in AI that reasons over the industry’s broadest threat intelligence. Our comprehensive solution enables discovery of all endpoints and even network devices, such as routers, in your environment. It offers vulnerability management, endpoint protection, endpoint detection and response (EDR), mobile threat defense, and managed hunting all in a single, unified platform.

Eliminate the blind spots in your environment

Discover unmanaged and unauthorized endpoints and network devices, and secure these assets using integrated workflows.

A person using a tablet connected to a keyboard and a desktop monitor.
A person using a tablet connected to a keyboard and a desktop monitor.

Microsoft Defender for Endpoint is easy to deploy, configure, and manage with a unified security management experience. It offers endpoint security for clients, servers, mobile devices, and network devices. This diagram shows Microsoft Defender for Endpoint capabilities, including risk-based vulnerability management and assessment, attack surface reduction, behavioral-based and cloud-powered next-generation protection, endpoint detection and response (EDR), automatic investigation and remediation, and managed hunting services. These capabilities are underscored with rich APIs that enable access and integration with our endpoint security platform.

Additional capabilities

Secure your mobile devices

Microsoft Defender for Endpoint offers mobile threat defense capabilities for Android and iOS.

Quickly evaluate capabilities

Fully evaluate our capabilities in a few simple steps in the Microsoft Defender for Endpoint evaluation lab.

Streamline and integrate with APIs

Integrate Microsoft Defender for Endpoint with your security solutions and streamline and automate security workflows with rich APIs.

Simplify endpoint security management

Use a single pane of glass for endpoint configuration, deployment, and management with Microsoft Endpoint Manager.

Compare flexible purchase options

Explore the comprehensive security capabilities in Microsoft Defender for Endpoint P2, coming soon with Microsoft 365 E5, and Microsoft Defender for Endpoint P1, included with Microsoft 365 E3.

Microsoft Defender for Endpoint P1

Microsoft Defender for Endpoint P1 offers a foundational set of capabilities, including industry leading antimalware, attack surface, and device-based conditional access.

Microsoft Defender for Endpoint P2

Microsoft Defender for Endpoint P2 offers the complete set of capabilities, including everything in P1 plus endpoint detection and response, automated investigation and incident response, and threat and vulnerability management.

Compare Microsoft Office Product features
Feature name

Microsoft Defender for Endpoint P1

Microsoft Defender for Endpoint P2

Product feature    

Unified security tools and centralized management

Feature is included

Feature is included

Next-generation antimalware

Feature is included

Feature is included

Attack surface reduction rules

Feature is included

Feature is included

Device control (such as USB)

Feature is included

Feature is included

Endpoint firewall

Feature is included

Feature is included

Network protection

Feature is included

Feature is included

Web control / category-based URL blocking

Feature is included

Feature is included

Device-based conditional access

Feature is included

Feature is included

Controlled folder access

Feature is included

Feature is included

APIs, SIEM connector, custom TI

Feature is included

Feature is included

Application control

Feature is included

Feature is included

Endpoint detection and response

Feature is not included

Feature is included

Automated investigation and remediation

Feature is not included

Feature is included

Threat and vulnerability management

Feature is not included

Feature is included

Threat intelligence (Threat Analytics)

Feature is not included

Feature is included

Sandbox (deep analysis)

Feature is not included

Feature is included

Microsoft Threat Experts6

Feature is not included

Feature is included

See what our customers are saying

Little Potato Company logo
MVP Health Care logo
thycotic logo
Petrofac logo
Virgin Atlantic logo
edotco Group logo

Microsoft Defender for Business

Elevate your security with enterprise-grade endpoint protection built for businesses with up to 300 employees in a simple and cost-effective solution.

A person working at a desk with multiple screens and laptops.
A person working at a desk with multiple screens and laptops.

Become a partner

Learn more about becoming a partner and integrating with Microsoft Defender for Endpoint. Follow this simple, step-by-step guide to start using our flexible platform and rich APIs.

[noalt]

ONE RF_IMG Module TOP

Dive deeper into the product

Get technical details on capabilities, minimum requirements, and deployment guidance.

[noalt]

ONE RF_IMG Module BTM

Additional resources

Become a Microsoft Defender for Endpoint expert

Get training for security operations and security admins, whether you’re a beginner or have experience.

Learn more about our features

Explore educational videos about Microsoft Defender for Endpoint.

Stay up to date

Get product news, configuration guidance, product how-tos, and tips.

1. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
GARTNER and Magic Quadrant are registered trademarks and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.
2. The Forrester New Wave™: Extended Detection and Response (XDR) Providers, Q4 2021, Allie Mellen, October 2021.
3. Gartner Magic Quadrant for Endpoint Protection Platforms, Peter Firstbrook | Dionisio Zumerle | Prateek Bhajanka | Lawrence Pingree | Paul Webber, 05 May 2021.
4. Forrester and Forrester Wave are trademarks of Forrester Research, Inc.
5. The Forrester Wave™: Endpoint Security Software as a Service, Q2 2021, Chris Sherman with Merritt Maxim, Allie Mellen, Shannon Fish, Peggy Dostie, May 2021.
6. Includes Targeted Attack Notifications (TAN) and Experts on Demand (EOD). Customers must apply for TAN and EOD is available for purchase as an add-on.