Microsoft Defender for Endpoint
Get industry-leading endpoint protection— for 50% less
The epicenter for comprehensive endpoint security
Rapidly stop attacks, scale security resources, and evolve defenses across operating systems and network devices.
Be more efficient
Save up to 60 percent by using Microsoft Security rather than multiple point solutions.1
Defender for Endpoint capabilities
Gain a holistic view into your environment, mitigate advanced threats, and respond to alerts from a single, unified platform.
Microsoft Defender for Endpoint empowers your enterprise to rapidly stop attacks, scale your security resources, and evolve your defenses by delivering best-in-class endpoint security across Windows, macOS, Linux, Android, iOS, and network devices. Feel confident in your security approach knowing Microsoft Defender for Endpoint provides the tools and insight necessary to gain a holistic view into your environment, mitigate advanced threats, and immediately respond to alerts all from a single unified platform.
Industry recognition

Gartner
Microsoft is named a Leader in the 2022 Gartner® Magic Quadrant™ for Endpoint Protection Platforms.2

Forrester
Microsoft Defender for Endpoint is named a leader in The Forrester Wave™: Endpoint Detection and Response Providers, Q2 2022. 3,4

Forrester
Microsoft Defender is named a Leader in The Forrester New Wave™: Extended Detection and Response (XDR) Providers, Q4 2021.3,5
Compare flexible purchase options
Endpoint protection focused on prevention
Microsoft Defender for Endpoint P1
Microsoft Defender for Endpoint P1 offers a foundational set of capabilities, including industry-leading antimalware, attack surface reduction, and device-based conditional access.
- Unified security tools and centralized management
- Next-generation antimalware
- Attack surface reduction rules
- Device control (such as USB)
- Endpoint firewall
- Network protection
- Web control / category-based URL blocking
- Device-based conditional access
- Controlled folder access
- APIs, SIEM connector, custom threat intelligence
- Application control
Endpoint protection with advanced detection and response
Microsoft Defender for Endpoint P2
Microsoft Defender for Endpoint P2 offers all the capabilities in P1, plus endpoint detection and response, automated investigation and incident response, and threat and vulnerability management.
Includes everything in Endpoint P1, plus:
- Endpoint detection and response
- Automated investigation and remediation
- Threat and vulnerability management
- Threat intelligence (threat analytics)
- Sandbox (deep analysis)
- Microsoft Threat Experts6
Related Microsoft Defender products

Microsoft 365 Defender
Get integrated threat protection across devices, identities, apps, email, data and cloud workloads.

Microsoft Defender Vulnerability Management
Reduce risk with continuous vulnerability assessment, risk-based prioritization, and remediation.

Microsoft Defender for Business
Discover enterprise-grade endpoint protection for small and medium businesses that's cost effective and easy to use.

Microsoft Defender for individuals
Get online security protection for individuals and families with one easy-to-use app.7
Additional resources
Blog
Become a Microsoft Defender for Endpoint expert
Get training for security operations and security admins, whether you’re a beginner or have experience.
Webcast
Watch episode one of The Defender’s Watch
Learn how to strengthen your security with evidence-based insights from experts defending against modern threats.
News
Stay up to date
Get product news, configuration guidance, product tutorials, and tips.
Documentation
Dive deeper into the product
Get technical details on capabilities, minimum requirements, and deployment guidance.
2. Gartner is a registered trademark and service mark and Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Gartner Magic Quadrant for Endpoint Protection Platforms, Peter Firstbrook, Chris Silva, 31 December 2022.
3. Forrester and Forrester Wave are trademarks of Forrester Research, Inc.
4. The Forrester Wave™: Endpoint Detection and Response Providers, Q2 2022, Allie Mellen, April 2022.
5. The Forrester New Wave™: Extended Detection and Response (XDR) Providers, Q4 2021, Allie Mellen, October 2021.
6. Includes Targeted Attack Notifications (TAN) and Experts on Demand (EOD). Customers must apply for TAN and EOD is available for purchase as an add-on.
7. App is available on Windows, macOS, Android™, and iOS in select Microsoft 365 Family or Personal billing regions.