Try our new research platform with insights from 80,000+ expert users

Kandji vs Microsoft Defender for Endpoint comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Kandji
Ranking in Endpoint Detection and Response (EDR)
56th
Average Rating
7.0
Reviews Sentiment
7.7
Number of Reviews
1
Ranking in other categories
Vulnerability Management (45th), Mobile Device Management (MDM) (7th), Enterprise Mobility Management (EMM) (17th)
Microsoft Defender for Endp...
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
192
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Microsoft Security Suite (5th)
 

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Kandji is 0.4%, up from 0.2% compared to the previous year. The mindshare of Microsoft Defender for Endpoint is 10.6%, down from 14.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Amit-Sarkar - PeerSpot reviewer
An easy-to-manage and deploy solution, but it should provide open customization
You don't need a certification or great knowledge to manage and deploy the solution because it's not complex. It's a very easy plug-and-play solution where you can just enroll the devices and choose the features you want. Kandji doesn't require much customization because it has built-in features that we have to create manually otherwise.
AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's a very easy plug-and-play solution where you can just enroll the devices and choose the features you want."
"Investigators can trace back to find the root cause."
"Defender is stable. The performance is good."
"Defender for Endpoint has one dashboard with security-related information, vulnerability-related information, and basic recommendations from Microsoft, all in different tabs. That's helpful because if we want to fix only the recommended ones, we can go fix all of them..."
"It is easy to use because it is already pre-installed in Windows 10. We don't have to do anything to configure it. You can also configure the firewall by using a group policy so that it can be easily adopted in an environment."
"Its threat intelligence feature is beneficial. This solution smoothly integrates with SIEM."
"The folders and files protection are its most valuable features. These have been valuable because of the increase in ransomware attacks. With these two features, I can ensure that no changes have been made to our system or endpoint folders and files without the user being aware."
"It's a Microsoft product; it's easier to deploy this product than other options."
"Defender works in the background monitoring the traffic for viruses."
 

Cons

"Kandji should give open customization."
"The system can always be simplified and have a better integration check. More detailed reports would be good. When it does the integrated check, it just shows if the system is okay but I want to know what happened."
"With the XDR dashboard, when you're doing an investigation and you're drilling down to obtain further details it tends to open many different tabs that take you away from your main tabs. You can end up having 10 tabs open for one investigation. This is another area for improvement because you can end up getting lost in the multiple tabs. Therefore, the central console can be improved so that it does not take you to several different pages for each investigation."
"The scalability could be improved - I would rate it between a seven and an eight."
"Microsoft Windows Defender doesn't have a game mode."
"Initially, I experienced performance issues that hampered our servers. However, after setting appropriate exclusions, everything seemed to work fine."
"In active mode, it's great that it gives you so much information, but it does record every keystroke so you have a lot of logs... that amount of data logging started to add up in the cost."
"I would like Microsoft to have some kind of direct integration for USB controls. They have GPO and other controls to control the access of the USB drives on devices, but if there is something that can be directly implemented into the portal, it would be good. There should be a way to control via a cloud portal or something like that in a dynamic way. USB control for data exfiltration would be a good feature to implement. Currently, there are ways to do it, but it involves too many different things. You have to implement it via GPOs and other stuff, and then you move or copy those big files via Defender ATP. If there is a simple way of implementing those features, it would be great."
"Phishing and Malware detection could be better."
 

Pricing and Cost Advice

"Users have to pay a yearly licensing fee for Kandji, which is expensive."
"Because Microsoft Defender comes as an add-on, it can be a bit expensive if you're trying to buying it separately. Another option is to upgrade, but the enterprise licenses for Microsoft can also be quite a bit pricey. Overall, the cost of Microsoft Defender compared to that of other endpoint detection solutions is slightly higher."
"Licensing options vary. Some customers buy it as an enterprise agreement and pay yearly. Others buy it as a CSP, so they pay per month. It completely depends on the customer's needs."
"For most people, the price of the license is not something that they have to worry about."
"The nice thing about Defender and Sentinel is that the cost is based on the data logs that you ingest from the Defender endpoints and data connectors. I don't have to buy a 25- or 50- or 1,000-user or enterprise license. I can buy one license at a time."
"This solution is part of Windows and comes included with it."
"There is not a license required for this particular solution."
"The solution is free and comes with Windows."
"The E5 license is the one that I recommend because it comes with Cloud App Security, which is a good thing to have on top of Microsoft Defender."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
13%
University
7%
Manufacturing Company
6%
Educational Organization
27%
Computer Software Company
11%
Government
7%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Kandji?
It's a very easy plug-and-play solution where you can just enroll the devices and choose the features you want.
What is your experience regarding pricing and costs for Kandji?
Users have to pay a yearly licensing fee for Kandji, which is expensive.
What needs improvement with Kandji?
Kandji should have certification experience, which they don't have. Kandji should give open customization. Most customers find required features from other vendors, which Kandji doesn't have. It wo...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

No data available
Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Information Not Available
Petrofrac, Metro CSG, Christus Health
Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR). Updated: January 2025.
845,040 professionals have used our research since 2012.