Microsoft Defender for Endpoint vs Morphisec comparison

Microsoft Defender for Endp...

Read 21 Morphisec reviews

1,136 Views
655 Comparison Views

100% willing to recommend

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Morphisec and Microsoft Defender for Endpoint compete in the endpoint security category. Morphisec leads in pricing and support, while Microsoft Defender for Endpoint has an edge in features.

Features: Morphisec is known for its lightweight agent, minimal system impact, and suitability for small to mid-sized environments. Microsoft Defender for Endpoint offers a broad range of threat detection capabilities, better integration with Microsoft environments, and is preferred for large-scale deployments.

Room for Improvement: Users of Morphisec suggest enhancements in advanced threat intelligence, expanded reporting, and possibly more scalability features. Users of Microsoft Defender for Endpoint see a need for performance optimization, lower false positives, and a more user-friendly interface.

Ease of Deployment and Customer Service: Morphisec is highlighted for its straightforward deployment process and responsive customer support. Microsoft Defender for Endpoint's deployment is more complex due to its extensive feature set, but users value the comprehensive documentation and strong support channels.

Pricing and ROI: Morphisec is considered cost-effective with a quick setup process, providing high ROI for smaller organizations. Microsoft Defender for Endpoint, though pricier, is justified by its advanced features and extensive protection capabilities, resulting in substantial ROI for larger enterprises.

To learn more, read our detailed Microsoft Defender for Endpoint vs. Morphisec Report (Updated: April 2025).

Microsoft Defender for Endpoint vs. Morphisec

Download the complete report

Helped 850,671 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Microsoft Defender for Endp...

Ranking in Endpoint Protection Platform (EPP)

1st

Ranking in Advanced Threat Protection (ATP)

2nd

Ranking in Endpoint Detection and Response (EDR)

3rd

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

196

Ranking in other categories

Anti-Malware Tools (1st), Microsoft Security Suite (5th)

Morphisec

Ranking in Endpoint Protection Platform (EPP)

56th

Ranking in Advanced Threat Protection (ATP)

34th

Ranking in Endpoint Detection and Response (EDR)

58th

Average Rating

9.2

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Vulnerability Management (61st), Cloud Workload Protection Platforms (CWPP) (37th), Threat Deception Platforms (14th)

Mindshare comparison

As of May 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Microsoft Defender for Endpoint is 10.8%, down from 14.4% compared to the previous year. The mindshare of Morphisec is 0.4%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP)

Featured Reviews

AnuragSrivastava

Information Security Engineering Lead at a energy/utilities company with 10,001+ employees

Provides detailed visibility into threats but the ability to add exceptions needs improvement

One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.

Read full review

Islam Shaikh

Senior Manager - IT at IndiGrid Limited

Lightweight, detects everything quickly, and takes corrective action

We sometimes have to depend on the support team to know what action we should take. If the solution for an alert can be built into the report that we are getting, it will save time, and the interaction with support would be less. At times, corrective action is required, but at times, we don't need to take any action. It would be good if we get to know in the report that a particular infection doesn't require any action. It will save us time and effort. Other than that, nothing else is required. They have taken care of everything. We are getting alerts, and we can have multiple admins. We get a good model with this view.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It was quite important to have extra security on our mobile platform because of geopolitical situations, as we are located close to some countries that represent a concern. Defender for Endpoint allows us automatic resolutions if a unit is compromised or if a user clicks a malicious link."

"This software is easy to use."

"Microsoft Defender can block some viruses or malware. So, it can protect my files. It can save files on Office 365 OneDrive. I use encryption for some files, then I can recover them from OneDrive."

"The main features of this solution are that it handles everything by itself and is well integrated."

"Investigators can trace back to find the root cause."

"Defender for Endpoint allows us automatic resolutions if a unit is compromised or if a user clicks a malicious link."

"Ensures that I'm working with a product that gets updated regularly without me having to remember to do it. Since it's a Microsoft product, I'm confident that it requires a low use of system resources. The benefit of that being that my computer isn't constantly being drained."

"It's one of the best antiviruses on the market."

More Microsoft Defender for Endpoint pros

"The biggest feature is that it hides everything from your operating system that's running in-memory from anything to try to run against it. That's the most unique thing that's on the market. There's nothing else out there that's quite like that. That's a big selling point and why we went with it. It does exactly what the design does. If you can't find it, you can't execute against it."

"It provides full visibility into security events and from both solutions in one dashboard. I'm not a big security guy, if I have a threat that looks like there's a problem, I will ask Morphisec to dissect it for me, and tell me what might be happening. Because it tends to be all hash codes, so I can tell what's going on. They've been pretty good with that."

"It also provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. We've always had that capability with Morphisec. The more recent version appears to do that even a little bit more natively and it's given us visibility that we didn't have otherwise."

"Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it."

"Morphisec Guard enables us to see at a glance whether our users have device control and disk encryption enabled properly. This is important because we are a global company operating with multiple entities. Previously, we didn't have that visibility. Now, we have visibility so we can pinpoint some locations where there are machines that are not really protected, offline, etc. It gives us visibility, which is good."

"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."

"We don't have to do anything as a user or as an admin. It does everything by default with its coding and inbuilt AI-based intelligence. We don't have to instruct it about what to do. It automatically takes corrective actions and quarantines or deletes a virus, malware, etc. That is the best part that I like about it."

"Morphisec provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. Defender and Morphisec are integrated. It's important because it lowers the total cost of maintenance on the engineer's time, more or less. So the administrative time is dramatically reduced in maintaining the product. This saves an engineer around four to five hours a week."

More Morphisec pros

Cons

"I would like to be able to set up any kind of protection I want in the firewall, any IP address or any number."

"The central console needs improvement. Both McAfee and Symantec antivirus have dashboards. These integrate with a server and work on my antivirus or some other product. However, with Microsoft Defender, you use Microsoft Group Policy Object. Defender does not provide a central console. Therefore, if you implement Defender, then maybe use another tool for the central view."

"The biggest issue I had with Microsoft Defender for Endpoint was the antivirus and ransomware. I wanted central visibility over all the machines that we operate."

"I would like to have a dashboard that shows an overview of the results for the enterprise."

"The interface isn't necessarily intuitive to a nontechnical person. You can get stuck in the little endpoint security portal. Sometimes, if you uninstall a competitive product, the end user doesn't always know if it's running or if they're protected even though it's silently running. There could be a notification, widget, or something that's resident on the screen for at least a bit, especially if you're doing remote support. You want to talk them through it, but sometimes, we're not allowed to look at the PCs we support."

"We encountered some issues when we were trying to enable automatic updates from our group policy."

"Microsoft should improve support for third-party platforms, because not all functionality is available for all of them. It's a good product, but they should just extend the functionality for all platforms."

"It can get a bit laggy sometimes. Other than that, we don't have any issues. They constantly tweak it and fix it up based on users' feedback. It has improved a lot over the past four years. Defender for Endpoint never really used to be a good endpoint security solution, but over the past couple of years, Microsoft has invested heavily in it. So, it has come a long way in all aspects of endpoint security. If they want to make it better, they should just continue investing in the current path of what they've been doing over the past couple of years."

More Microsoft Defender for Endpoint cons

"We started in the Linux platform and we deployed to Linux. The licensing of that has been kind of confusing between Linux licensing and Windows licensing. The overall simplicity of licensing or offering an enterprise license to just cover everything and then we don't have to count needs improvement."

"We wanted to have multi-tenants in their cloud platform, so every entity can look into their own systems and not see other systems in other entities. I have a beta version on that now. I would like them to incorporate that in the cloud solution."

"Those are some of the features that I was looking for on my on-prem platform that they've already instituted in the cloud and that I'm sure will be instituting on their on-prem platform as well. Having to have an on-prem server required a lot of administration. Being able to push that to the cloud and have it managed up there for us is a real nice addition."

"Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools. For example, they need to get multifactor in place and an API for the major multi-factor systems, e.g., Okta, Duo, Ping, and Microsoft. They don't have them built in yet. They are working on them. It is just not there yet. Also, their stability, customer support, and processes need improvement, which is just part of maturity."

"Automating reports needs improvement. I would like to have better reporting capabilities within it or automated reporting to be a little bit more dynamic. That's something I know they're working on. We literally are in the process. We started the process a week and a half ago of going to their latest version, so I've not seen their latest one up and running yet."

"We have only had four attacks in the last year, "attacks" being some benign PDF from a vendor that, for some reason, were triggered. There were no actual attacks. They were just four false positives, or something lowly like adware. There have been false positives with both the on-premises solution and the cloud solution."

"Some of the filters for the console need improvement. There are alerts that show up and just being able to acknowledge that we've seen those and not turn them off, but dismiss them, would be a huge benefit."

"If anything, tech support might be their weakest link. The process of getting someone involved sometimes takes a little time. It seems to me that they should have all the data they need to let me know whether an alert is legitimate or not, but they tend to need a lot of information from me to get to the bottom of something. It usually takes a little longer than I would expect."

More Morphisec cons

Pricing and Cost Advice

"The cost is high, compared to other products in the market, if you look at it as a separate product. If you look at the cost where it is part of a bundle, the cost is okay."

"This solution is part of Windows and comes included with it."

"Because Microsoft Defender comes as an add-on, it can be a bit expensive if you're trying to buying it separately. Another option is to upgrade, but the enterprise licenses for Microsoft can also be quite a bit pricey. Overall, the cost of Microsoft Defender compared to that of other endpoint detection solutions is slightly higher."

"The solution is free with Windows."

"When customers haven't deployed the solution and don't have licenses, it can be expensive to start from scratch."

"Its price is fair. It has approximately the same price as the other products such as Kaspersky. It is much cheaper than Malwarebytes."

"Microsoft Defender for Endpoint is more affordable compared to some other endpoint solutions."

"AV solutions are pretty expensive because they are necessary, not just for protection, but many businesses need them to comply with regulatory bodies and receive accreditation. We recently purchased an E5 license, which gives us access to the entire Microsoft suite. I would say the pricing is competitive; most tools of this kind are similarly priced. There are minor differences between the competitors, but they aren't spectacularly different. Defender for Endpoint makes sense because all our solutions are in the same place, paid for with a single license. The subscription price is around £50 per user per month, though it may have increased slightly."

More Microsoft Defender for Endpoint pricing and cost advice

"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."

"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."

"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."

"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."

"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."

"The pricing is definitely fair for what it does."

"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."

"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."

More Morphisec pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

850,671 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

24%

Computer Software Company

12%

Government

Financial Services Firm

Outsourcing Company

14%

Computer Software Company

13%

Financial Services Firm

12%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...

See all answers

Which offers better endpoint security - Symantec or Microsoft Defender?

We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...

See all answers

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...

See all answers

Ask a question

Earn 20 points

Comparisons

CrowdStrike Falcon vs Microsoft Defender for Endpoint

Compared 8% of the time

Microsoft Intune vs Microsoft Defender for Endpoint

Compared 5% of the time

Symantec Endpoint Security vs Microsoft Defender for Endpoint

Compared 5% of the time

F-Secure Total vs Microsoft Defender for Endpoint

Compared 4% of the time

HP Wolf Security vs Microsoft Defender for Endpoint

Compared 4% of the time

More Microsoft Defender for Endpoint Competitors

CrowdStrike Falcon vs Morphisec

Compared 33% of the time

Halcyon vs Morphisec

Compared 15% of the time

SentinelOne Singularity Complete vs Morphisec

Compared 12% of the time

Hyver vs Morphisec

Compared 7% of the time

More Morphisec Competitors

Product Reports

Microsoft Defender for Endpoint

Download Microsoft Defender for Endpoint product report

Download Morphisec product report

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus

Morphisec, Morphisec Moving Target Defense

Interactive Demo

Microsoft

Demo not available

Overview

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Microsoft

Morphisec integrates seamlessly with platforms like Microsoft Defender, offering signatureless protection against zero-day threats and ransomware. It enhances existing endpoint solutions with minimal maintenance through its set-and-forget deployment, providing heightened security and reduced false positives.

Morphisec strengthens defense strategies by merging memory morphing and signatureless protection to effectively block zero-day attacks and ransomware. It operates efficiently within existing infrastructure, reducing system impact and maintenance needs. Users find its full visibility dashboard invaluable. Despite its strengths, cloud deployment and reporting features can be improved. Stability, alerts, and integration with other systems pose challenges for users, impacting usability and support quality.

What are Morphisec's key features?

Seamless Integration: Works with Microsoft Defender for comprehensive dashboard visibility
Memory Morphing: Hides processes to reduce attack surfaces
Signatureless Protection: Prevents threats without impacting performance
Automatic Threat Blocking: Uses inbuilt intelligence to detect risks
Set-and-Forget Deployment: Simplifies management and reduces maintenance

What benefits should users consider in reviews?

Quick Deployment: Fast setup without disrupting operations
Enhanced Protection: Provides an additional defense layer against advanced threats
Cost-Effectiveness: Works with existing licenses, minimizing extra investments
Improved Compatibility: Integrates smoothly with current antivirus systems
Minimal System Impact: Operates efficiently without overloading resources

In security-focused industries, Morphisec is crucial for protecting workstations and servers against sophisticated attacks like ransomware. Its signatureless technology offers early threat detection, while compatibility with existing systems ensures seamless integration, providing advanced protection without additional licensing costs.

Sample Customers

Petrofrac, Metro CSG, Christus Health

Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center

Microsoft Defender for Endpoint vs. Morphisec