Try our new research platform with insights from 80,000+ expert users

Kaspersky Endpoint Detection and Response Expert vs Microsoft Defender for Endpoint comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Kaspersky Endpoint Detectio...
Ranking in Endpoint Detection and Response (EDR)
19th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
46
Ranking in other categories
No ranking in other categories
Microsoft Defender for Endp...
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
192
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Microsoft Security Suite (5th)
 

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Kaspersky Endpoint Detection and Response Expert is 1.4%, up from 1.0% compared to the previous year. The mindshare of Microsoft Defender for Endpoint is 10.6%, down from 14.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Rodrigo Censi - PeerSpot reviewer
Patch management and integration capabilities drive effective endpoint response management
We work with Kaspersky and two modalities: the Censi final and Censi license. Most of our clients work in financial areas and industry. Our regular enterprise business relies on these solutions Kaspersky is viable with ADR; the Endpoint Detection response feature and the BitLocker management…
AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Has great behavior detection and a very good firmware scanner."
"We have a central console and from there you can monitor all workstations via an agent."
"The most valuable feature of Kaspersky EDR is its simplicity. The console is easy to use and not very complex."
"The solution's most valuable features are that it offers very strong encryption and acts as an antivirus product."
"It is a scalable solution...It is a stable solution."
"The detection engine running on endpoints works very well and provides a good protection level."
"Kaspersky is easy to use, and it performs well."
"It is easy to manage."
"The notification and reporting features are most valuable because we are part of a compliance project, and maintaining SOC 2 compliance is critical."
"Defender for Endpoint has one dashboard with security-related information, vulnerability-related information, and basic recommendations from Microsoft, all in different tabs. That's helpful because if we want to fix only the recommended ones, we can go fix all of them..."
"The EDR feature is most valuable."
"Microsoft Defender for Endpoint is beneficial because we are using Microsoft Windows and all the core solutions are made by Microsoft, such as the authentic platform, operating system, and antivirus protection. It is a heterogeneous environment. We had to use third-party solutions before and update everything separately. For example, the policy for antivirus. With Microsoft Defender for Endpoint, when Microsoft Windows receives updates it will update with it. This is one main advantage of this solution."
"The scalability is good."
"The solution has good performance, I have not seen a problem."
"Microsoft Defender for Endpoint is scalable. Currently, we have 600,000 users in our organization."
"The most valuable aspect lies in its automation capabilities, particularly within security automation."
 

Cons

"The installation process could be more streamlined."
"The issue with Kaspersky EDR is the sandbox. I'd like to have the ability to manage it on the cloud as well."
"It is not easy to follow the kill chain of a potential infection or malware."
"Kaspersky needs to strengthen its standing in the market."
"It's not a simple implementation."
"The solution can improve by providing automatic fixing of vulnerabilities and reducing the resources used in the server component and endpoint agent. They are very bulky and use a lot of CPU, memory, and hard drive resources."
"Kaspersky Endpoint Detection and Response could improve some issues and add new security files."
"The product should release more frequent updates. The tool needs to improve its scalability as well."
"The solution needs to improve its ransomware. It's not so good. It could also use some general performance optimization for the computers the solution operates on, to ensure it does not slow down the devices."
"Where we stand right now, compared to other products that are there in the market, they still have to work on their threat intelligence and the overall maturity of detecting the malware."
"In terms of improvement, they update the platform it seems quite a bit. Every month something is in a new spot or something changed somewhere. There should be less of that."
"Cortex... has good investigation capabilities, out-of-the-box, in case there is an event that you'd like to investigate. It's quite convenient. Microsoft has those capabilities as well, but you need a bit more training on the product to get the basic information that you can get out-of-the-box with Cortex."
"Threat intelligence has the potential for improvement, particularly by integrating more sources."
"I have accounts for administrators and corporate employees, but I also have accounts for students. I can't split these types of accounts. I need a separate configuration for both... I need to research how I can get alerts for only the administrative machines."
"The user interface could use some improvement."
"The application control feature requires improvement."
 

Pricing and Cost Advice

"The solution isn't the cheapest considering what you get. I would rate the pricing as seven out of ten."
"We have been satisfied with the license of the solution."
"Kaspersky's pricing is very competitive when it comes to comparison with the other solutions."
"The solution is worth its cost so I rate pricing a ten out of ten."
"The pricing is reasonable. Not too cheap, not too expensive."
"If one is cheap, ten is expensive, I rate the product’s price as a seven out of ten, especially if I compare it with CrowdStrike."
"Kaspersky is licensed on a yearly basis."
"The solution is expensive in comparison to CheckPoint and Fortinet."
"The product is free of charge and comes integrated into Windows."
"It is free."
"The licensing costs for Microsoft Defender for Endpoint are reasonable."
"The price is fair for the features Microsoft delivers. If you want tailor-made features, you have to mix different licenses. It isn't straightforward."
"The solution is included with Microsoft Windows."
"When compared with other vendors, the pricing is very high."
"Licensing models of Microsoft are renowned for being complex. We just purchased the whole E5 stack. With E5 licenses for users, we get access to a bunch of features that are not just related to security. I would rate them a three out of five in terms of pricing."
"It is built into Windows 10. If our clients are using Microsoft Defender, the cost goes away for them."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
9%
Educational Organization
9%
Manufacturing Company
8%
Educational Organization
27%
Computer Software Company
11%
Government
7%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Kaspersky Endpoint Detection and Response Expert?
The integration with our hypervisor is quite smooth, especially within the Kaspersky Enterprise environment. We have many virtual machines, and the integration is helpful.
What is your experience regarding pricing and costs for Kaspersky Endpoint Detection and Response Expert?
If one is cheap, ten is expensive, I rate the product’s price as a seven out of ten, especially if I compare it with CrowdStrike.
What needs improvement with Kaspersky Endpoint Detection and Response Expert?
The Kaspersky console could be easier to navigate and generate reports from. We've got Stripe in the method of deployment, which makes it easier and requires lower integration from my team. Deploym...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

Kaspersky EDR
Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Ferrari, Insolar, Tael, Republic of Serbia
Petrofrac, Metro CSG, Christus Health
Find out what your peers are saying about Kaspersky Endpoint Detection and Response Expert vs. Microsoft Defender for Endpoint and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.