Try our new research platform with insights from 80,000+ expert users

Kandji vs Microsoft Defender for Endpoint comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Kandji
Ranking in Endpoint Detection and Response (EDR)
56th
Average Rating
7.0
Reviews Sentiment
7.7
Number of Reviews
1
Ranking in other categories
Vulnerability Management (45th), Mobile Device Management (MDM) (7th), Enterprise Mobility Management (EMM) (17th)
Microsoft Defender for Endp...
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
192
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Microsoft Security Suite (5th)
 

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Kandji is 0.4%, up from 0.2% compared to the previous year. The mindshare of Microsoft Defender for Endpoint is 10.6%, down from 14.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Amit-Sarkar - PeerSpot reviewer
An easy-to-manage and deploy solution, but it should provide open customization
You don't need a certification or great knowledge to manage and deploy the solution because it's not complex. It's a very easy plug-and-play solution where you can just enroll the devices and choose the features you want. Kandji doesn't require much customization because it has built-in features that we have to create manually otherwise.
AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's a very easy plug-and-play solution where you can just enroll the devices and choose the features you want."
"The best thing I like about it is its interaction with the other Defender products. It provides the ability to push telemetry up. It gives me endpoint visibility and allows me to take automated actions."
"It's not really visible for the user - which is a benefit."
"We have very good visibility on our endpoints. The level of information it throws back is helpful."
"The attack surface reduction rules are the most valuable. We're able to have unattended remediation actions when the solution works side by side with a local antivirus like Microsoft Defender or Kaspersky. The attack surface reduction rules help us to proactively block and stop threats."
"Its simplicity is the most valuable. It also has very good integration. We like it."
"The most valuable feature of Microsoft Defender for Endpoint is that it is embedded into the Windows system. Additionally, the performance is good and simple to maintain."
"It was quite important to have extra security on our mobile platform because of geopolitical situations, as we are located close to some countries that represent a concern. Defender for Endpoint allows us automatic resolutions if a unit is compromised or if a user clicks a malicious link."
"It doesn't cause the slowness of the system, which is one of the reasons why I like it."
 

Cons

"Kandji should give open customization."
"Sometimes the software doesn't work the way we expect it to, and in those cases, we can't communicate with a device because it may be infected."
"It makes your Surface devices hot. It is resource-intensive. It strains your CPU, not more than other file scanners around, but it also does a lot more. When you are transmitting files or data, it is continuously scanning the traffic and analyzing it bit by bit to see what's going on, and that, of course, is costly in terms of CPU. It is CPU intensive, and if you are on battery, it drains your battery fast. That's the only drawback that it has."
"The detection of viruses could be a little bit better."
"I would like to be able to set up any kind of protection I want in the firewall, any IP address or any number."
"It could be easier when it comes to managing exceptions."
"We would like more customization."
"It's not quite a mature solution just yet. It needs more time to grow and develop."
"Microsoft Defender for Endpoint could improve by adding more security features."
 

Pricing and Cost Advice

"Users have to pay a yearly licensing fee for Kandji, which is expensive."
"The price is fair for the features Microsoft delivers. If you want tailor-made features, you have to mix different licenses. It isn't straightforward."
"The cost is competitive and reasonable because most of the expense is log analytics, storage, and data consumption and ingestion. These things can be throttled and controlled, so they are highly flexible. Defender has a lot of advantages over competing products."
"This solution is part of an enterprise license we have."
"Licensing fees are paid annually through a partner."
"Licenses depend upon what you are looking for and what kind of security do you want to implement. There are costs in addition to the standard licensing fees. When we used to buy Symantec, we used to spend on 100 licenses. We used to spend approximately $2,700 for those many licenses, and they came in packs. To add one more license, I had to buy a pack with a minimum of 10 licenses. I had to spend on nine extra licenses because I can't get a single license, whereas when we go for Microsoft, we can get as many licenses as we want. If I have 100 users today, and tomorrow, I have 90 users, I can release my 10 licenses next month. With any other software vendor, you buy licenses for one year, and you have to stick with that. If today you have 100 licenses, and tomorrow, you have 50, you have already paid for one year's license. You can't go back and tell them that I don't require these 50 licenses because I have lost my 50 users, but with Microsoft Defender, licensing is on a monthly basis. It gives you both options. You can go yearly and save on it, or you can go monthly. You will, again, save on it. It is very fair everywhere."
"You do not need to pay any additional costs for antivirus and anti-malware solutions for endpoint protection."
"The license for Microsoft Defender for Endpoint is included in the license for the Microsoft Windows operating system."
"You need a license to use this solution."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
13%
University
7%
Comms Service Provider
6%
Educational Organization
26%
Computer Software Company
12%
Government
7%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Kandji?
It's a very easy plug-and-play solution where you can just enroll the devices and choose the features you want.
What is your experience regarding pricing and costs for Kandji?
Users have to pay a yearly licensing fee for Kandji, which is expensive.
What needs improvement with Kandji?
Kandji should have certification experience, which they don't have. Kandji should give open customization. Most customers find required features from other vendors, which Kandji doesn't have. It wo...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

No data available
Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Information Not Available
Petrofrac, Metro CSG, Christus Health
Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR). Updated: January 2025.
849,190 professionals have used our research since 2012.