Try our new research platform with insights from 80,000+ expert users

Kandji vs Microsoft Defender for Endpoint comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Kandji
Ranking in Endpoint Detection and Response (EDR)
56th
Average Rating
7.0
Reviews Sentiment
7.7
Number of Reviews
1
Ranking in other categories
Vulnerability Management (45th), Mobile Device Management (MDM) (7th), Enterprise Mobility Management (EMM) (17th)
Microsoft Defender for Endp...
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
192
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Microsoft Security Suite (5th)
 

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Kandji is 0.4%, up from 0.2% compared to the previous year. The mindshare of Microsoft Defender for Endpoint is 10.6%, down from 14.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Amit-Sarkar - PeerSpot reviewer
An easy-to-manage and deploy solution, but it should provide open customization
You don't need a certification or great knowledge to manage and deploy the solution because it's not complex. It's a very easy plug-and-play solution where you can just enroll the devices and choose the features you want. Kandji doesn't require much customization because it has built-in features that we have to create manually otherwise.
AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's a very easy plug-and-play solution where you can just enroll the devices and choose the features you want."
"The investigation aspect is the most useful. It's user friendly and has a good user interface."
"I like the process visibility. This ability to visualize how something was executed is valuable, and the fact that Defender ATP is also linked to the threat intelligence that they have is also valuable. So, even if you have something that doesn't have a conventional signature, the fact that you get this strange execution means that you can detect things that are normally not visible."
"The protection that it provides is quite good."
"Its real-time security is the most valuable."
"The virus scanning capability is excellent, and it feeds all the logs into the Microsoft 365 Defender portal, making them easy to search for."
"I like Defender's reporting and logging features. The email alerts are also helpful. It's hard sometimes to sift through the email, especially if you're an IT firm managing hundreds if not thousands of endpoints, but we find email reporting useful. For example, last Tuesday, we learned of new vulnerabilities that were discovered as a result of the previous patches. The endpoints without those patches triggered alerts in Defender."
"One of the valuable features of the solution is the small updates that keep my machine relatively clean from any infections."
"Stable endpoint manager, antivirus, and antimalware, with fast technical support and a straightforward setup."
 

Cons

"Kandji should give open customization."
"There is room to improve the security of the solution."
"In India at least, it seems to be a bit more expensive than other options."
"At times, the other antivirus products are now doing AI, in terms of understanding the behavior of the system and determining when there's an anomaly. This is something that Defender can improve on."
"Auto recovery is the most important feature that we would need from this solution. For decryption, similar to Malwarebytes, there should be something to be able to recover the data up to the last normal status. Its ability to recover data to the last normal copy must not exceed 5 to 10 minutes."
"There are alternative solutions that offer a greater range of dashboard insights when compared to Microsoft Defender for Endpoint."
"The time to generate certain alerts on our dashboard can take between 45 minutes to an hour, and I am unsure of the factors that influence this duration."
"Some of the integrations that Defender should include involve the use of the web app."
"The solution could always be more secure."
 

Pricing and Cost Advice

"Users have to pay a yearly licensing fee for Kandji, which is expensive."
"The E5 license is the one that I recommend because it comes with Cloud App Security, which is a good thing to have on top of Microsoft Defender."
"I don't know the standalone costs. It is my understanding that the M365 E5 is $56 a month or something close to that pricing. That would be for the full suite. Just Defender might be $8 a month. I can't say for sure."
"We sell this product as part of Office 365 and it is not expensive."
"Microsoft Defender for Endpoint is included with a Microsoft E5 license."
"It is an expensive solution. It would be nice if it could be included with the Microsoft Office package."
"Microsoft Defender for Endpoint is cost-effective because there's one unified license, and with this unified license, you get the capabilities for your cloud applications, servers, and endpoints as well. Therefore, it saves us a lot of money because the cost with other solutions is for just one piece of OS or maybe an urban environment. The licensing process is not complex as well."
"It's included with the Windows Operating System, I don't pay for any licensing fees."
"This product is included in the pricing for Windows."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
13%
University
7%
Manufacturing Company
6%
Educational Organization
27%
Computer Software Company
11%
Government
7%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Kandji?
It's a very easy plug-and-play solution where you can just enroll the devices and choose the features you want.
What is your experience regarding pricing and costs for Kandji?
Users have to pay a yearly licensing fee for Kandji, which is expensive.
What needs improvement with Kandji?
Kandji should have certification experience, which they don't have. Kandji should give open customization. Most customers find required features from other vendors, which Kandji doesn't have. It wo...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

No data available
Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Information Not Available
Petrofrac, Metro CSG, Christus Health
Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR). Updated: January 2025.
845,040 professionals have used our research since 2012.