Microsoft Defender for Endpoint
Microsoft Defender for Endpoint is a holistic, cloud-delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavior-based and cloud-powered next-generation protection, endpoint detection and response (EDR), automatic investigation and remediation, and managed hunting services. These capabilities are backed by rich APIs that enable access to and integration with our platform. Microsoft Defender for Endpoint is easily deployed, configured, and managed with a unified security management experience.
Capabilities

Discover vulnerabilities and misconfigurations in real time
Bring security and IT together with Microsoft Threat & Vulnerability Management to quickly discover, prioritize, and remediate vulnerabilities and misconfigurations.

Get expert-level threat monitoring and analysis
Empower your security operations centers with Microsoft Threat Experts. Get deep knowledge, advanced threat monitoring, analysis, and support to identify critical threats in your unique environment.

Quickly go from alert to remediation at scale with automation
Automatically investigate alerts and remediate complex threats in minutes. Apply best practices and intelligent decision-making algorithms to determine whether a threat is active and what action to take.

Block sophisticated threats and malware
Defend against never-before-seen polymorphic and metamorphic malware and fileless and file-based threats with next-generation protection.

Detect and respond to advanced attacks with behavioral monitoring
Spot attacks and zero-day exploits using advanced behavioral analytics and machine learning.

Eliminate risks and reduce your attack surface
Use attack surface reduction to minimize the areas where your organization could be vulnerable to threats.
Learn about our partners

ArcSight
Pull Microsoft Defender for Endpoint detections into the ArcSight Security Information Event Management (SIEM) solution.

Demisto
Enable your security team to orchestrate and automate endpoint security monitoring by integrating Demisto with Microsoft Defender for Endpoint.

SafeBreach
Gain visibility into the types of attacks Microsoft Defender for Endpoint is blocking with insight from correlations with SafeBreach attack simulations.

Morphisec
Integrate forensics data to help prioritize alerts, determine machine at-risk score, and visualize the full attack timeline.

ThreatConnect
Alert or block on custom threat intelligence from ThreatConnect Playbooks using Microsoft Defender for Endpoint indicators.

Palo Alto Networks
Enrich your endpoint protection by extending Autofocus and other threat feeds to Microsoft Defender for Endpoint using MineMeld.

Dell Technologies Advanced Threat Protection
Professional monitoring service for malicious behavior and anomalies with round-the-clock capability.

CSIS Managed Detection and Response
Continuous monitoring and analysis of security alerts giving companies actionable insights into what, when, and how security incidents have taken place.

InSpark
InSpark's Cloud Security Center is an uninterrupted managed service that delivers protect, detect, and respond capabilities.

Red Canary
Red Canary is a security operations partner for modern teams, MDR deployed in minutes.

Cyren
Seamlessly integrate advanced web content filtering into Microsoft Defender Security Center.

CriticalStart
Reduce your alerts by 99 percent with the Zero Trust Analytics Platform.
1. Microsoft Defender for Endpoint is built into Windows 10, version 1703 and later, and Windows Server 2019. It does not require any agents to be installed on these versions.
Forrester is a registered trademark and service mark of Forrester, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.