Try our new research platform with insights from 80,000+ expert users

Kaspersky Endpoint Detection and Response Expert vs Microsoft Defender for Endpoint comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Kaspersky Endpoint Detectio...
Ranking in Endpoint Detection and Response (EDR)
19th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
46
Ranking in other categories
No ranking in other categories
Microsoft Defender for Endp...
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
192
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Microsoft Security Suite (5th)
 

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Kaspersky Endpoint Detection and Response Expert is 1.4%, up from 1.0% compared to the previous year. The mindshare of Microsoft Defender for Endpoint is 10.6%, down from 14.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Rodrigo Censi - PeerSpot reviewer
Patch management and integration capabilities drive effective endpoint response management
We work with Kaspersky and two modalities: the Censi final and Censi license. Most of our clients work in financial areas and industry. Our regular enterprise business relies on these solutions Kaspersky is viable with ADR; the Endpoint Detection response feature and the BitLocker management…
AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Has some great features not available elsewhere."
"The performance for Kaspersky is good, and it's not impacted our client performance."
"We particularly appreciate how scalable this solution is, as we often need to increase our end-user numbers."
"What I like best about Kaspersky Endpoint Detection and Response is that it can detect any cyber attack and that it's a reliable product in the cybersecurity space. My company has confidence in it as a product for detecting all cyber attacks. It's a reliable product."
"Kaspersky Endpoint Detection and Response Expert offers centralized monitoring where we can monitor everything from a single point. I also like its security and network traffic features."
"The product has an easy-to-use EDR module based on signature-based antivirus detection. It is a complete software."
"We can scale the solution."
"The solution's most valuable features are that it offers very strong encryption and acts as an antivirus product."
"The intelligence mechanisms are good."
"The most valuable features of Microsoft Defender for Endpoint are the ease of use and it was available within the operating system."
"Technical support is good."
"The stability keeps getting better and better."
"Defender is stable enough and is competitive with the other products in the market."
"I enjoy using the live response feature, which allows me to remotely access different endpoints and investigate malicious files, such as malware that people may have downloaded, and other related issues."
"Microsoft Defender for Endpoint is easy to load and it runs quietly in the background, unlike other solutions."
"Its real-time security is the most valuable."
 

Cons

"It is not easy to follow the kill chain of a potential infection or malware."
"My opinion is that behavior detection could work better. This feature gets a high rate of false positives."
"The solution can improve by providing automatic fixing of vulnerabilities and reducing the resources used in the server component and endpoint agent. They are very bulky and use a lot of CPU, memory, and hard drive resources."
"Kaspersky Endpoint Detection and Response could improve some issues and add new security files."
"It consumes many system resources."
"The solution could always be more secure."
"It does not cover all of our security issues."
"Kaspersky EDR currently has limited OS support. They only focus on Windows Server and Windows. Kaspersky recently released a Linux version, but it's rudimentary. It does not have any advanced features available on Windows platforms. They should increase their footprint on the Linux side and support other operating systems on the market, like MacOS."
"The end-user also cannot do some advanced actions on it. It's a little bit complicated for our end-user, so it needs to be simplified."
"There is room to improve the security of the solution."
"There is a need for improvement in reducing false positives."
"Microsoft Defender for Endpoint could improve by making the reporting better."
"Right now, there's a portal for Azure, portals for Microsoft Office, and portals for endpoints. It would be good to have only one portal and integrate everything."
"The onboarding and deployment could be more user-friendly, and there is room to grow in some of the reports. I don't want them to be oversimplified or overly complex, but there is room for improvement in the reporting it can do. It's relatively minor."
"The interface isn't necessarily intuitive to a nontechnical person. You can get stuck in the little endpoint security portal. Sometimes, if you uninstall a competitive product, the end user doesn't always know if it's running or if they're protected even though it's silently running. There could be a notification, widget, or something that's resident on the screen for at least a bit, especially if you're doing remote support. You want to talk them through it, but sometimes, we're not allowed to look at the PCs we support."
"There is no behavior analytics for devices and endpoints. There is no behavior-based protection."
 

Pricing and Cost Advice

"We have been satisfied with the license of the solution."
"EDR is priced on the cheaper side. Licensing for EDR is available on a yearly basis for around 80 SAR a year."
"The solution isn't the cheapest considering what you get. I would rate the pricing as seven out of ten."
"The price of Kaspersky Endpoint Detection and Response is in the middle range compared to competitors. The pricing model is based on the users using the solutions. The cost for us is approximately 2200 Algerian dinars. The price of the solution could be reduced."
"The solution’s pricing is okay."
"If one is cheap, ten is expensive, I rate the product’s price as a seven out of ten, especially if I compare it with CrowdStrike."
"Endpoint's pricing is good, especially compared to expensive solutions like Sophos."
"The solution is worth its cost so I rate pricing a ten out of ten."
"The price for Microsoft Defender for Endpoint is about three euros, which is considered reasonably priced."
"There is no license needed, the solution comes with Microsoft Windows."
"Microsoft Defender for Endpoint is cost-effective because there's one unified license, and with this unified license, you get the capabilities for your cloud applications, servers, and endpoints as well. Therefore, it saves us a lot of money because the cost with other solutions is for just one piece of OS or maybe an urban environment. The licensing process is not complex as well."
"Microsoft Defender is an expensive product in my country."
"Microsoft Defender for Endpoint is an expensive solution."
"The price is fair for the features Microsoft delivers. If you want tailor-made features, you have to mix different licenses. It isn't straightforward."
"I don't know the standalone costs. It is my understanding that the M365 E5 is $56 a month or something close to that pricing. That would be for the full suite. Just Defender might be $8 a month. I can't say for sure."
"The licensing costs for Microsoft Defender for Endpoint are reasonable."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
9%
Educational Organization
9%
Manufacturing Company
8%
Educational Organization
27%
Computer Software Company
11%
Government
7%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Kaspersky Endpoint Detection and Response Expert?
The integration with our hypervisor is quite smooth, especially within the Kaspersky Enterprise environment. We have many virtual machines, and the integration is helpful.
What is your experience regarding pricing and costs for Kaspersky Endpoint Detection and Response Expert?
If one is cheap, ten is expensive, I rate the product’s price as a seven out of ten, especially if I compare it with CrowdStrike.
What needs improvement with Kaspersky Endpoint Detection and Response Expert?
The Kaspersky console could be easier to navigate and generate reports from. We've got Stripe in the method of deployment, which makes it easier and requires lower integration from my team. Deploym...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

Kaspersky EDR
Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Ferrari, Insolar, Tael, Republic of Serbia
Petrofrac, Metro CSG, Christus Health
Find out what your peers are saying about Kaspersky Endpoint Detection and Response Expert vs. Microsoft Defender for Endpoint and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.