Microsoft Defender for Endpoint

Threats are no match.

Microsoft Digital Defense Report

Get deep analysis of current threat trends with extensive insights on big-game ransomware, phishing, IoT threats, and nation-state activity.

Complete endpoint security

Discover and secure Windows, macOS, Linux, Android, iOS, and network devices against sophisticated threats.

Rapidly stop threats

Gain the upper hand against sophisticated threats like ransomware and nation-state attacks.

Scale your security

Put time back in the hands of defenders to prioritize risks and elevate your security posture.

Evolve your defenses

Advance beyond endpoint silos and mature your security based on a foundation for XDR and Zero Trust.

The umbrella of the types of threat protection included within Microsoft Defender for Endpoint.

Microsoft Defender for Endpoint delivers industry-leading endpoint security for Windows, macOS, Linux, Android, iOS, and network devices and helps to rapidly stop attacks, scale your security resources, and evolve your defenses. It’s delivered at cloud scale, with built-in AI that reasons over the industry’s broadest threat intelligence. Our comprehensive solution enables discovery of all endpoints and even network devices, such as routers, in your environment. It offers vulnerability management, endpoint protection, endpoint detection and response (EDR), mobile threat defense, and managed hunting all in a single, unified platform.

Eliminate the blind spots in your environment

A person using a tablet connected to a keyboard and a desktop monitor.
A person using a tablet connected to a keyboard and a desktop monitor.

Microsoft Defender for Endpoint is easy to deploy, configure, and manage with a unified security management experience. It offers endpoint security for clients, servers, mobile devices, and network devices. This diagram shows Microsoft Defender for Endpoint capabilities, including risk-based vulnerability management and assessment, attack surface reduction, behavioral-based and cloud-powered next-generation protection, endpoint detection and response (EDR), automatic investigation and remediation, and managed hunting services. These capabilities are underscored with rich APIs that enable access and integration with our endpoint security platform.

Additional capabilities

Secure your mobile devices

Microsoft Defender for Endpoint offers mobile threat defense capabilities for Android and iOS.

Quickly evaluate capabilities

Fully evaluate our capabilities in a few simple steps in the Microsoft Defender for Endpoint evaluation lab.

Streamline and integrate with APIs

Integrate Microsoft Defender for Endpoint with your security solutions and streamline and automate security workflows with rich APIs.

Simplify endpoint security management

Use a single pane of glass for endpoint configuration, deployment, and management with Microsoft Endpoint Manager.

Compare flexible purchase options

Explore the comprehensive security capabilities in Microsoft Defender for Endpoint P2, coming soon with Microsoft 365 E5, and Microsoft Defender for Endpoint P1, included with Microsoft 365 E3.

Microsoft Defender for Endpoint P1

Microsoft Defender for Endpoint P1 offers a foundational set of capabilities, including industry leading antimalware, attack surface, and device-based conditional access.

Microsoft Defender for Endpoint P2

Microsoft Defender for Endpoint P2 offers the complete set of capabilities, including everything in P1 plus endpoint detection and response, automated investigation and incident response, and threat and vulnerability management.

Compare Microsoft Office Product features
Feature name

Microsoft Defender for Endpoint P1

Microsoft Defender for Endpoint P2

Product feature    

Unified security tools and centralized management

Feature is included

Feature is included

Next-generation antimalware

Feature is included

Feature is included

Attack surface reduction rules

Feature is included

Feature is included

Device control (such as USB)

Feature is included

Feature is included

Endpoint firewall

Feature is included

Feature is included

Network protection

Feature is included

Feature is included

Web control / category-based URL blocking

Feature is included

Feature is included

Device-based conditional access

Feature is included

Feature is included

Controlled folder access

Feature is included

Feature is included

APIs, SIEM connector, custom TI

Feature is included

Feature is included

Application control

Feature is included

Feature is included

Endpoint detection and response

Feature is not included

Feature is included

Automated investigation and remediation

Feature is not included

Feature is included

Threat and vulnerability management

Feature is not included

Feature is included

Threat intelligence (Threat Analytics)

Feature is not included

Feature is included

Sandbox (deep analysis)

Feature is not included

Feature is included

Microsoft Threat Experts7

Feature is not included

Feature is included

Microsoft Defender for Business

Elevate your security with enterprise-grade endpoint protection built for businesses with up to 300 employees in a simple and cost-effective solution.

A person working at a desk with multiple screens and laptops.
A person working at a desk with multiple screens and laptops.
[noalt]

ONE RF_IMG Module TOP

Dive deeper into the product

Get technical details on capabilities, minimum requirements, and deployment guidance.

[noalt]

ONE RF_IMG Module BTM