We performed a comparison between Microsoft Defender for Endpoint and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Microsoft Defender for Endpoint comes out ahead of Microsoft Defender for Cloud. While both products have comprehensive features, Microsoft Defender for Cloud’s dashboards may not integrate easily with other enterprise dashboards.
"Everything is built into Azure, and if we go for cross-cloud development with Azure Arc, we can use most of the features. While it's possible to deploy and convert third-party applications, it is difficult to maintain, whereas Azure deployments to the cloud are always easier. Also, Microsoft is a big company, so they always provide enough support, and we trust the Microsoft brand."
"It is very intuitive when it comes to policy administration, alerts and notifications, and ease of setting up roles at different hierarchies. It has also been good in terms of the network technology maps. It provides a good overview, but it also depends on the complexity of your network."
"The integration with Logic Apps allows for automated responses to incidents."
"It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop."
"The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts."
"The most valuable features are ransomware protection and access controls. The solution has helped us secure some folders on our systems from unauthorized modifications."
"It helps you to identify the gaps in your solution and remediate them. It produces a compliance checklist against known standards such as ISO 27001, HIPAA, iTrust, etc."
"Defender is user-friendly and provides decent visibility into threats."
"It has Kusto Query Language (KQL), so we can use our own queries to find anything."
"We like that it has a free version available."
"It does not make Windows slow, as compared to all of the third part antiviruses."
"Defender has very little impact on the end-user and the agent works quite well with a minimal impact on the client and server."
"The detection features are valuable, as is the fact that it is easier to port these logs into Sentinel. That is also useful for us. It is more comprehensive."
"The solution integrates very well with Windows applications and Microsoft endpoint products."
"It is stable and easy to use. Everything is okay, and there are no performance issues."
"It is a straightforward setup."
"I would suggest building a single product that addresses endpoint server protection, attack surface, and everything else in one solution. That is the main disadvantage with the product. If we are incorporating some features, we end up in a situation where this solution is for the server, and that one is for the client, or this is for identity, and that is for our application. They're not bundling it. Commercially, we can charge for different licenses, but on the implementation side, it's tough to help our end-customer understand which product they're getting."
"Another thing that could be improved was that they could recommend processes on how to react to alerts, or recommend best practices based on how other organizations do things if they receive an alert about XYZ."
"The documentation could be much clearer."
"There is no perfect product in the world and there are always features that can be added."
"The solution could improve by being more intuitive and easier to use requiring less technical knowledge."
"The solution's portal is very easy to use, but there's one key component that is missing when it comes to managing policies. For example, if I've onboarded my server and I need to specify antivirus policies, there's no option to do that on the portal. I will have to go to Intune to deploy them. That is one main aspect that is missing and it's worrisome."
"Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations."
"No possibility to write or edit any capability."
"The reporting in Microsoft Defender for Endpoint should improve. The solution has limited features."
"Some integration components for Mac should be added. We use both Windows 10 desktops and Mac desktops, but presently, the Mac component is still lagging a bit behind."
"Microsoft Defender for Endpoint is effective for validating work, but not ideal for investigations."
"Our team's knowledge of the solution needs to be improved, and Microsoft could do a better job conveying the necessary information to users. We could proactively use the tool more and explore capabilities we are not yet utilizing."
"From an audit point of view, our auditors would like to have more reports on how things are used, if things go wrong, and how they went wrong. For example, if something got a warning, "Why?" So, we would like more versatility for tracing and reporting. That would improve the product, as long as the user interface doesn't get bogged down."
"If they integrate with the EDR then it will benefit this solution."
"The solution could improve by providing more integration."
"There is no behavior analytics for devices and endpoints. There is no behavior-based protection."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Cloud is ranked 2nd in Microsoft Security Suite with 46 reviews while Microsoft Defender for Endpoint is ranked 5th in Microsoft Security Suite with 182 reviews. Microsoft Defender for Cloud is rated 8.0, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Sentinel, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Kaspersky Endpoint Security for Business. See our Microsoft Defender for Cloud vs. Microsoft Defender for Endpoint report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.