Microsoft Security
Solutions
Products
Services
Partners
Resources
Search
Contact Sales
Strengthen your Zero Trust posture—a new, unified approach to security is here
Read the blog
Microsoft Defender for
Endpoint
Help secure endpoints with industry-leading, multiplatform detection and
response.
Disrupt ransomware on any platform
Apply AI-powered endpoint security across Windows, macOS, Linux, Android, iOS, and IoT
devices.
Outmaneuver sophisticated adversaries
with AI
Stop cyberattacks such as ransomware and move at
machine speed with industry-transforming AI that
amplifies your security team’s strengths.
Boost prevention with global threat
intelligence
Minimize vulnerabilities with a clear view of your
cyberattack surface and adversaries, along with best
practices for cyberthreat prevention.
Secure devices end to end
Help protect your multiplatform and IoT devices with a
comprehensive, industry-leading next-generation antivirus,
detection, and response solution at the core of Microsoft
Defender XDR.
Watch the video
Learn how to secure your devices and disrupt ransomware across all platforms with
Defender for Endpoint.
Defender for Endpoint key capabilities
Microsoft Security Copilot
Auto-deployed deception
Global threat intelligence
Prioritized security posture
recommendations
Flexible enterprise controls
Network detection and response
Simplified endpoint management
Automatic attack disruption
Back to tabs
Disrupt ransomware early in the cyberattack chain
Automatically disrupt ransomware cyberattacks by blocking lateral movement and remote encryption in a decentralized way across all
your devices.
Learn more
Microsoft Security Copilot is now generally available
Use natural language queries to investigate incidents with Copilot,
now with integrations across the Microsoft Security suite of
products.
Read the announcement
Learn more about Copilot
Unified security operations platform
Secure your digital estate with the only security operations (SecOps) platform that unifies
the full capabilities of extended detection and response (XDR) and security information
and event management (SIEM).
Back to tabs
Unified portal
Detect and disrupt cyberthreats in near real time and streamline investigation and response.
Learn more about Microsoft unified XDR and SIEM
Industry recognition
Microsoft Security is a recognized industry leader.
Learn more
Gartner
Microsoft is named a Leader in the 2024 Gartner®
Magic Quadrant™ for Endpoint Protection
Platforms.
1
Read the blog
Forrester
Microsoft Defender for Endpoint is named a leader
in The Forrester Wave™: Endpoint Security, Q4
2023.
2, 3
Read the report
IDC
Microsoft is named a Leader in the IDC MarketScape
reports for Worldwide Modern Endpoint Security
across Enterprise, Midsize, and Small Businesses,
2024.
4
Read the blog
See what our customers are saying
Back to tabs
PeerSpot
Microsoft Defender for Endpoint is
named a 2023 Tech Leader for
Endpoint Detection and Response.
Read the reviews
PeerSpot
Microsoft Defender for Endpoint is
named a 2023 Tech Leader for
Endpoint Protection for Business.
Read the reviews
G2
Microsoft Defender for Endpoint is
ranked number one in the Endpoint
Detection & Response Software
category.
Read the reviews
G2
Microsoft Defender for Endpoint is
ranked number one in the Endpoint
Protection Platforms category.
Read the reviews
Compare flexible purchase options
Explore the comprehensive security capabilities in Microsoft Defender for Endpoint P1,
included with Microsoft 365 E3, and Microsoft Defender for Endpoint P2, included with
Microsoft 365 E5, including versions of these suites that do not include Microsoft Teams.
Microsoft Defender
for Endpoint P1
Included with Microsoft 365
E3
Microsoft Defender for Endpoint P1
offers a foundational set of capabilities,
including industry-leading antimalware,
cyberattack surface reduction, and
device-based conditional access.
Unified security tools and
centralized management
Next-generation antimalware
Cyberattack surface reduction rules
Device control (such as USB)
Endpoint firewall
Network protection
Web control/category-based URL
blocking
Device-based conditional access
Controlled folder access
APIs, SIEM connector, custom threat
intelligence
Application control
Microsoft Defender
for Endpoint P2
Included with Microsoft 365
E5
Microsoft Defender for Endpoint P2
offers all the capabilities in P1, plus
endpoint detection and response,
automated investigation and incident
response, and cyberthreat and
vulnerability management.
Includes everything in Endpoint P1, plus:
Endpoint detection and response
Deception techniques
Automated investigation and
remediation
Cyberthreat and vulnerability
management
Threat intelligence (cyberthreat
analytics)
Sandbox (deep analysis)
Endpoint attack notifications
6
Related Microsoft Defender products
Protect against cyberthreats with best-in-class security from Microsoft.
Learn more
Microsoft Defender XDR
Get integrated threat protection
across devices, identities, apps,
email, data, and cloud workloads.
Learn more
Microsoft Defender
Vulnerability Management
Reduce risk with continuous
vulnerability assessment, risk-based
prioritization, and remediation.
Learn more
Microsoft Defender for
Business
Discover enterprise-grade endpoint
protection for small and medium
businesses that's cost effective and
easy to use.
Learn more
Microsoft Defender for
individuals
Get online security protection for
individuals and families with one
easy-to-use app.
7
Learn more
Additional resources
Become a Microsoft
Defender for Endpoint
expert
Get training for security operations
and security admins, whether you’re
a beginner or have experience.
Read the blog
Watch episode one of The
Defender’s Watch
Learn how to strengthen your
security with evidence-based
insights from experts protecting
against modern threats.
Watch now
Stay up to date
Get product news, configuration
guidance, product tutorials, and tips.
Read the blogs
Dive deeper into the
product
Get technical details on capabilities,
minimum requirements, and
deployment guidance.
Read documentation
Frequently asked questions
|
Expand all
Collapse all
What is Microsoft Defender for Endpoint?
How does the Defender for Endpoint antivirus capability work?
Does Defender for Endpoint only support the latest versions of Windows, iOS, and Linux?
Do I need to use multiple consoles and agents to manage Microsoft Defender for Endpoint?
What is the difference between Microsoft Defender for Endpoint and Microsoft Defender for Office 365?
How does Microsoft Defender for Endpoint deploy updates without impacting productivity?
Protect everything
Make your future more secure. Explore your security options
today.
[1] Gartner Magic Quadrant for Endpoint Protection Platforms, Evgeny Mirolyubov, Franz Hinner, Deepak Mishra, Satarupa Patnaik, Chris Silva, 23 September 2024.
Gartner is a registered trademark and service mark and Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights
reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation.
Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to
this research, including any warranties of merchantability or fitness for a particular purpose.
[2] Forrester, Forrester New Wave, and Forrester Wave are trademarks of Forrester Research, Inc.
[3] The Forrester Wave™: Endpoint Security, Q4 2023. Paddy Harrington with Merritt Maxim, Angela Lozada, Christine Turley, October 2023.
[4] IDC MarketScape: Worldwide Modern Endpoint Security for Small Businesses Vendor Assessment |(doc #US50521424|), 2024, Michael Suby, March 2024.
IDC MarketScape: Worldwide Modern Endpoint Security for Midsize Businesses Vendor Assessment (doc #US50521323), 2024, Michael Suby, February 2024.
IDC MarketScape: Worldwide Modern Endpoint Security for Enterprises Vendor Assessment (doc #US50521223), 2024, Michael Suby, January 2024.
[5] The Forrester Wave™: Endpoint Detection And Response Providers, Q2 2022, Allie Mellen with Stephanie Balaouras, Joseph Blankenship, Sarah Morana, Peggy Dostie, April 2022.
[6] Endpoint attack notifications are available to Microsoft Defender for Endpoint P2 customers as a free, opt-in feature.
[7] App is available on Windows, macOS, Android™, and iOS in select Microsoft 365 Family or Personal billing regions.
Follow Microsoft Security
Skip
Microsoft Security
Strengthen your Zero Trust posture
—a new, unified approach to
security is here
Read
the
blog
Microsoft Defender for
Endpoint
Help secure endpoints with industry-leading,
multiplatform detection and response.
Disrupt ransomware on any
platform
Apply AI-powered endpoint security across
Windows, macOS, Linux, Android, iOS, and IoT
devices.
Outmaneuver sophisticated adversaries with
AI
Stop cyberattacks such as ransomware and move at
machine speed with industry-transforming AI that
amplifies your security team’s strengths.
Boost prevention with global threat
intelligence
Minimize vulnerabilities with a clear view of your
cyberattack surface and adversaries, along with
best practices for cyberthreat prevention.
Secure devices end to end
Help protect your multiplatform and IoT devices
with a comprehensive, industry-leading next-
generation antivirus, detection, and response
solution at the core of Microsoft Defender XDR.
Watch the video
Learn how to secure your devices and disrupt
ransomware across all platforms with Defender for
Endpoint.
Defender for Endpoint key
capabilities
Microsoft Security Copilot
Auto-deployed deception
Global threat intelligence
Prioritized security posture
recommendations
Flexible enterprise controls
Network detection and
response
Simplified endpoint
management
Automatic attack
disruption
Back to tabs
Disrupt ransomware early in the
cyberattack chain
Automatically disrupt ransomware cyberattacks by
blocking lateral movement and remote encryption
in a decentralized way across all your devices.
Learn more
Microsoft Security Copilot is now
generally available
Use natural language queries to investigate
incidents with Copilot, now with integrations
across the Microsoft Security suite of products.
Read the announcement
Learn more about Copilot
Unified security operations
platform
Secure your digital estate with the only security
operations (SecOps) platform that unifies the full
capabilities of extended detection and response
(XDR) and security information and event
management (SIEM).
Back to tabs
Unified portal
Detect and disrupt cyberthreats in near real time
and streamline investigation and response.
Learn more about Microsoft unified XDR
and SIEM
Industry recognition
Microsoft Security is a recognized industry leader.
Learn more
Gartner
Microsoft is named a Leader in the 2024
Gartner® Magic Quadrant™ for Endpoint
Protection Platforms.
1
Read the blog
See what our customers are
saying
Back to tabs
PeerSpot
Microsoft Defender for Endpoint is named a
2023 Tech Leader for Endpoint Detection and
Response.
Read the reviews
PeerSpot
Microsoft Defender for Endpoint is named a
2023 Tech Leader for Endpoint Protection for
Business.
Read the reviews
G2
Microsoft Defender for Endpoint is ranked
number one in the Endpoint Detection &
Response Software category.
Read the reviews
G2
Microsoft Defender for Endpoint is ranked
number one in the Endpoint Protection
Platforms category.
Read the reviews
Compare flexible purchase
options
Explore the comprehensive security capabilities in
Microsoft Defender for Endpoint P1, included with
Microsoft 365 E3, and Microsoft Defender for
Endpoint P2, included with Microsoft 365 E5,
including versions of these suites that do not
include Microsoft Teams.
Microsoft Defender for Endpoint
P1
Included with Microsoft
365 E3
Microsoft Defender for Endpoint P1 offers a
foundational set of capabilities, including industry-
leading antimalware, cyberattack surface reduction,
and device-based conditional access.
Unified security tools and centralized
management
Next-generation antimalware
Cyberattack surface reduction rules
Device control (such as USB)
Endpoint firewall
Network protection
Web control/category-based URL blocking
Device-based conditional access
Controlled folder access
APIs, SIEM connector, custom threat
intelligence
Application control
Microsoft Defender for Endpoint
P2
Included with Microsoft
365 E5
Microsoft Defender for Endpoint P2 offers all the
capabilities in P1, plus endpoint detection and
response, automated investigation and incident
response, and cyberthreat and vulnerability
management.
Includes everything in Endpoint P1, plus:
Endpoint detection and response
Deception techniques
Automated investigation and remediation
Cyberthreat and vulnerability management
Threat intelligence (cyberthreat analytics)
Sandbox (deep analysis)
Endpoint attack notifications
6
Related Microsoft Defender
products
Protect against cyberthreats with best-in-class
security from Microsoft.
Learn more
Microsoft Defender XDR
Get integrated threat protection across
devices, identities, apps, email, data, and
cloud workloads.
Learn more
Microsoft Defender Vulnerability
Management
Reduce risk with continuous vulnerability
assessment, risk-based prioritization, and
remediation.
Learn more
Microsoft Defender for Business
Discover enterprise-grade endpoint
protection for small and medium businesses
that's cost effective and easy to use.
Learn more
Microsoft Defender for individuals
Get online security protection for individuals
and families with one easy-to-use app.
7
Learn more
Additional resources
Become a Microsoft Defender for
Endpoint expert
Get training for security operations and
security admins, whether you’re a beginner
or have experience.
Read the blog
Watch episode one of The Defender’s
Watch
Learn how to strengthen your security with
evidence-based insights from experts
protecting against modern threats.
Watch now
Stay up to date
Get product news, configuration guidance,
product tutorials, and tips.
Read the blogs
Dive deeper into the product
Get technical details on capabilities,
minimum requirements, and deployment
guidance.
Read documentation
Frequently asked questions
|
Expand all
Collapse all
What is Microsoft Defender for
Endpoint?
How does the Defender for Endpoint
antivirus capability work?
Does Defender for Endpoint only support
the latest versions of Windows, iOS, and
Linux?
Do I need to use multiple consoles and
agents to manage Microsoft Defender
for Endpoint?
What is the difference between Microsoft
Defender for Endpoint and Microsoft
Defender for Office 365?
How does Microsoft Defender for
Endpoint deploy updates without
impacting productivity?
Protect everything
Make your future more secure. Explore your
security options today.
[1] Gartner Magic Quadrant for Endpoint Protection
Platforms, Evgeny Mirolyubov, Franz Hinner, Deepak
Mishra, Satarupa Patnaik, Chris Silva, 23 September 2024.
Gartner is a registered trademark and service mark and
Magic Quadrant is a registered trademark of Gartner, Inc.
and/or its affiliates in the U.S. and internationally and are
used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service
depicted in its research publications, and does not advise
technology users to select only those vendors with the
highest ratings or other designation. Gartner research
publications consist of the opinions of Gartner’s research
organization and should not be construed as statements of
fact. Gartner disclaims all warranties, expressed or implied,
with respect to this research, including any warranties of
merchantability or fitness for a particular purpose.
[2] Forrester, Forrester New Wave, and Forrester Wave are
trademarks of Forrester Research, Inc.
[3] The Forrester Wave™: Endpoint Security, Q4 2023.
Paddy Harrington with Merritt Maxim, Angela Lozada,
Christine Turley, October 2023.
[4] IDC MarketScape: Worldwide Modern Endpoint Security
for Small Businesses Vendor Assessment |(doc
#US50521424|), 2024, Michael Suby, March 2024.
IDC MarketScape: Worldwide Modern Endpoint Security
for Midsize Businesses Vendor Assessment (doc
#US50521323), 2024, Michael Suby, February 2024.
IDC MarketScape: Worldwide Modern Endpoint Security
for Enterprises Vendor Assessment (doc #US50521223),
2024, Michael Suby, January 2024.
[5] The Forrester Wave™: Endpoint Detection And
Response Providers, Q2 2022, Allie Mellen with Stephanie
Balaouras, Joseph Blankenship, Sarah Morana, Peggy
Dostie, April 2022.
[6] Endpoint attack notifications are available to Microsoft
Defender for Endpoint P2 customers as a free, opt-in
feature.
[7] App is available on Windows, macOS, Android™, and
iOS in
select Microsoft 365 Family or Personal billing
regions
.
Follow Microsoft Security
What's new
Surface Pro
Surface Laptop
Surface Laptop Studio 2
Surface Laptop Go 3
Microsoft Copilot
AI in Windows
Explore Microsoft products
Windows 11 apps
Microsoft Store
Account profile
Download Center
Microsoft Store Support
Returns
Order tracking
Microsoft Experience Centre
Recycling
Microsoft Store Promise
Education
Microsoft in education
Devices for education
Microsoft Teams for Education
Microsoft 365 Education
Office Education
Educator training and development
Deals for students and parents
Azure for students
Business
Microsoft Cloud
Microsoft Security
Azure
Dynamics 365
Microsoft 365
Microsoft 365 Copilot
Microsoft Teams
Small Business
Developer & IT
Microsoft Developer
Documentation
Microsoft Learn
Microsoft Tech Community
Azure Marketplace
AppSource
Microsoft Power Platform
Visual Studio
Company
Careers
About Microsoft
Company news
Privacy at Microsoft
Investors
Sustainability
English (United Kingdom)
Your Privacy Choices
Consumer Health Privacy
Contact Microsoft
Privacy
Manage cookies
Terms of use
Trademarks
About our ads
EU Compliance DoCs
Regulatory reporting
© Microsoft 2025
What's new
Surface Pro
Surface Laptop
Surface Laptop Studio 2
Surface Laptop Go 3
Microsoft Copilot
AI in Windows
Explore Microsoft products
Windows 11 apps
Microsoft Store
Account profile
Download Center
Microsoft Store Support
Returns
Order tracking
Microsoft Experience Centre
Recycling
Microsoft Store Promise
Education
Microsoft in education
Devices for education
Microsoft Teams for Education
Microsoft 365 Education
Office Education
Educator training and development
Deals for students and parents
Azure for students
Business
Microsoft Cloud
Microsoft Security
Azure
Dynamics 365
Microsoft 365
Microsoft 365 Copilot
Microsoft Teams
Small Business
Developer & IT
Microsoft Developer
Documentation
Microsoft Learn
Microsoft Tech Community
Azure Marketplace
AppSource
Microsoft Power Platform
Visual Studio
Company
Careers
About Microsoft
Company news
Privacy at Microsoft
Investors
Sustainability
English (United Kingdom)
Your Privacy Choices
Consumer Health Privacy
Contact Microsoft
Privacy
Manage cookies
Terms of use
Trademarks
About our ads
EU Compliance DoCs
Regulatory reporting
© Microsoft 2025