Complete endpoint security
Discover and secure Windows, macOS, Linux, Android, iOS, and network devices against sophisticated threats.

Eliminate the blind spots in your environment

Microsoft Defender for Endpoint is easy to deploy, configure, and manage with a unified security management experience. It offers endpoint security for clients, servers, mobile devices, and network devices. This diagram shows Microsoft Defender for Endpoint capabilities, including risk-based vulnerability management and assessment, attack surface reduction, behavioral-based and cloud-powered next-generation protection, endpoint detection and response (EDR), automatic investigation and remediation, and managed hunting services. These capabilities are underscored with rich APIs that enable access and integration with our endpoint security platform.
Capabilities

Discover vulnerabilities and misconfigurations in real time
Bring security and IT together with threat and vulnerability management to quickly discover, prioritize, and remediate vulnerabilities and misconfigurations.

Get expert-level threat monitoring and analysis
Empower your security operations centers with Microsoft Threat Experts. Get deep knowledge, advanced threat monitoring, analysis, and support to identify critical threats in your unique environment.

Quickly go from alert to remediation at scale with automation
Automatically investigate alerts and remediate complex threats in minutes. Apply best practices and intelligent decision-making algorithms to identify active threats and determine what action to take.

Block sophisticated threats and malware
Defend against never-before-seen, polymorphic and metamorphic malware and fileless and file-based threats with next-generation protection.

Detect and respond to advanced attacks with behavioral monitoring
Spot attacks and zero-day exploits using advanced behavioral analytics and machine learning.

Eliminate risks and reduce your attack surface
Use attack surface reduction to minimize the areas where your organization could be vulnerable to threats.
Compare flexible purchase options
Explore the comprehensive security capabilities in Microsoft Defender for Endpoint P2, coming soon with Microsoft 365 E5, and Microsoft Defender for Endpoint P1, included with Microsoft 365 E3.
Microsoft Defender for Endpoint P1
Microsoft Defender for Endpoint P1
Microsoft Defender for Endpoint P1 offers a foundational set of capabilities, including industry leading antimalware, attack surface, and device-based conditional access.
Microsoft Defender for Endpoint P2
Microsoft Defender for Endpoint P2
Microsoft Defender for Endpoint P2 offers the complete set of capabilities, including everything in P1 plus endpoint detection and response, automated investigation and incident response, and threat and vulnerability management.
Feature name | Microsoft Defender for Endpoint P1 |
Microsoft Defender for Endpoint P2 |
---|---|---|
Product feature | ||
Unified security tools and centralized management |
Feature is included |
Feature is included |
Next-generation antimalware |
Feature is included |
Feature is included |
Attack surface reduction rules |
Feature is included |
Feature is included |
Device control (such as USB) |
Feature is included |
Feature is included |
Endpoint firewall |
Feature is included |
Feature is included |
Network protection |
Feature is included |
Feature is included |
Web control / category-based URL blocking |
Feature is included |
Feature is included |
Device-based conditional access |
Feature is included |
Feature is included |
Controlled folder access |
Feature is included |
Feature is included |
APIs, SIEM connector, custom TI |
Feature is included |
Feature is included |
Application control |
Feature is included |
Feature is included |
Endpoint detection and response |
Feature is not included |
Feature is included |
Automated investigation and remediation |
Feature is not included |
Feature is included |
Threat and vulnerability management |
Feature is not included |
Feature is included |
Threat intelligence (Threat Analytics) |
Feature is not included |
Feature is included |
Sandbox (deep analysis) |
Feature is not included |
Feature is included |
Microsoft Threat Experts7 |
Feature is not included |
Feature is included |