Microsoft Defender for Endpoint
Get industry-leading endpoint protection— for 50% less
The epicenter for comprehensive endpoint security
Rapidly stop attacks, scale security resources, and evolve defenses across operating systems and network devices.
Be more efficient
Save up to 60 percent by using Microsoft Security rather than multiple point solutions.1
Defender for Endpoint capabilities
Gain a holistic view into your environment, mitigate advanced threats, and respond to alerts from a single, unified platform.
Microsoft Defender for Endpoint empowers your enterprise to rapidly stop attacks, scale your security resources, and evolve your defenses by delivering best-in-class endpoint security across Windows, macOS, Linux, Android, iOS, and network devices. Feel confident in your security approach knowing Microsoft Defender for Endpoint provides the tools and insight necessary to gain a holistic view into your environment, mitigate advanced threats, and immediately respond to alerts all from a single unified platform.
Industry recognition
Compare flexible purchase options
Endpoint protection focused on prevention
Microsoft Defender for Endpoint P1
Microsoft Defender for Endpoint P1 offers a foundational set of capabilities, including industry-leading antimalware, attack surface reduction, and device-based conditional access.
- Unified security tools and centralized management
- Next-generation antimalware
- Attack surface reduction rules
- Device control (such as USB)
- Endpoint firewall
- Network protection
- Web control / category-based URL blocking
- Device-based conditional access
- Controlled folder access
- APIs, SIEM connector, custom threat intelligence
- Application control
Endpoint protection with advanced detection and response
Microsoft Defender for Endpoint P2
Microsoft Defender for Endpoint P2 offers the complete set of capabilities, including everything in P1, plus endpoint detection and response, automated investigation and incident response, and threat and vulnerability management.
Includes everything in Endpoint P1, plus:
- Endpoint detection and response
- Automated investigation and remediation
- Threat and vulnerability management
- Threat intelligence (threat analytics)
- Sandbox (deep analysis)
- Microsoft Threat Experts5
Related Microsoft Defender products

Microsoft 365 Defender
Get integrated threat protection across devices, identities, apps, email, data and cloud workloads.

Microsoft Defender Vulnerability Management
Reduce risk with continuous vulnerability assessment, risk-based prioritization, and remediation.

Microsoft Defender for Business
Enterprise-grade endpoint protection for small and medium businesses, that's cost effective and easy to use.

Microsoft Defender for individuals
Get online security protection for individuals and families with one easy-to-use app.6
Additional resources
Blog
Become a Microsoft Defender for Endpoint expert
Get training for security operations and security admins, whether you’re a beginner or have experience.
Partnerships
Find a partner
The Microsoft Intelligent Security Association (MISA) is an ecosystem of independent software vendors and managed security service providers.
News
Stay up to date
Get product news, configuration guidance, product tutorials, and tips.
Documentation
Dive deeper into the product
Get technical details on capabilities, minimum requirements, and deployment guidance.
2. Forrester and Forrester Wave are trademarks of Forrester Research, Inc.
3. The Forrester Wave™: Endpoint Detection and Response Providers, Q2 2022, Allie Mellen, April 2022.
4. The Forrester New Wave™: Extended Detection and Response (XDR) Providers, Q4 2021, Allie Mellen, October 2021.
5. Includes Targeted Attack Notifications (TAN) and Experts on Demand (EOD). Customers must apply for TAN and EOD is available for purchase as an add-on.
6. App is available on Windows, macOS, Android™, and iOS in select Microsoft 365 Family or Personal billing regions.