Microsoft Defender for Endpoint vs OpenText EnCase eDiscovery comparison

The compared Microsoft and OpenText solutions aren't in the same category. Microsoft is ranked #1 in EPP , with an average rating of 8.3, and holds a 10.0% mindshare in the category. OpenText is ranked #6 in eD , with an average rating of 9.0, and holds a 2.6% mindshare. Additionally, 94% of Microsoft users are willing to recommend the solution, compared to 75% of OpenText users who would recommend it.

Microsoft Defender for Endp...

Read 198 Microsoft Defender for Endpoint reviews

37,815 Views
22,311 Comparison Views

94% willing to recommend

OpenText EnCase eDiscovery

Read 8 OpenText EnCase eDiscovery reviews

733 Views
330 Comparison Views

75% willing to recommend

Microsoft Defender for Endp...

OpenText EnCase eDiscovery

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Microsoft Defender for Endpoint and OpenText EnCase eDiscovery based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, CrowdStrike, SentinelOne and others in Endpoint Protection Platform (EPP).

To learn more, read our detailed Endpoint Protection Platform (EPP) Report (Updated: September 2025).

Buyer's Guide

Endpoint Protection Platform (EPP)

September 2025

Download the complete report

Helped 867,676 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Microsoft Defender for Endp...

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

198

Ranking in other categories

Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (3rd), Anti-Malware Tools (1st), Endpoint Detection and Response (EDR) (3rd), Microsoft Security Suite (4th)

OpenText EnCase eDiscovery

Average Rating

7.8

Reviews Sentiment

7.7

Number of Reviews

Ranking in other categories

eDiscovery (6th)

Mindshare comparison

Microsoft Defender for Endpoint and OpenText EnCase eDiscovery aren’t in the same category and serve different purposes. Microsoft Defender for Endpoint is designed for Endpoint Protection Platform (EPP) and holds a mindshare of 10.0%, down 13.0% compared to last year.
OpenText EnCase eDiscovery, on the other hand, focuses on eDiscovery, holds 2.6% mindshare, down 4.2% since last year.

Endpoint Protection Platform (EPP) Market Share Distribution
Product	Market Share (%)
Microsoft Defender for Endpoint	10.0%
CrowdStrike Falcon	8.2%
HP Wolf Security	6.3%
Other	75.5%

Endpoint Protection Platform (EPP)

eDiscovery Market Share Distribution
Product	Market Share (%)
OpenText EnCase eDiscovery	2.6%
Microsoft Purview eDiscovery	18.5%
Google Vault	9.7%
Other	69.2%

eDiscovery

Featured Reviews

NaySan @ Suraj Verma

Solution Consultant at BIM Group of Companies

Has effectively blocked sophisticated attacks and malicious activities while providing excellent support

Microsoft Defender for Endpoint is very good, but one suggestion is that in some products, we may need to configure security-related settings, whereas Microsoft Defender for Endpoint works completely differently, providing automatic recommendations and actions that we may need to perform ourselves. Regarding the pricing of Microsoft Defender for Endpoint, during the last three years, we set up the product and sold it, but we faced difficulties because Microsoft pricing is always the same. For example, whether I purchase Microsoft Defender for Endpoint for one year or for the next three years, the pricing remains constant with no discounts available. In contrast, competing products offer reduced pricing for long-term commitments, which makes it difficult for us in that environment. Microsoft should consider this option to remain competitive, but otherwise, everything else is fine.

Read full review

Alejandro Stromer

Director Consulting SAP OpenText en Entelgy at DCL Consultores EIM SL

A stable and scalable hybrid solution with easy setup

The solution is scalable. It has three levels. You have the presentation area that can be escalated to the balance sheet. You have the back-end area that can be escalated using higher viability to configure more application servers. Also, the area of storage can be increased. We usually cater to enterprise solutions but have small- and medium-sized customers. It starts with 25 users and goes up to 100s and 1000s.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"There are a couple of features, such as isolating the devices or connecting the device and connecting live response."

"For threat-hunting, I'll put some threats in a test scenario. I've downloaded known viruses that are out in the public for testing. They're not really a virus but they've got a signature. Defender for Endpoint will automatically find those, quarantine them for me, and alert me to what it did. It gives me "automated eyes.""

"This is not an inventory solution, but it helps you take count of how many workstations you have, as well as what software is installed on each of them."

"The main features of this solution are that it handles everything by itself and is well integrated."

"The best feature is the fact that for certain mobiles you can control your corporate profiles versus your personal profiles. That is amazingly important. Apple just supported the separation of corporate and personal profiles, whereas Android has been doing that for quite some time... Because Android supports that, if an Android phone is lost or stolen, I can wipe out all the corporate-related information from that phone and not touch the personal side. I can separate the apps and I can separate the ability to cut and paste between apps."

"The most valuable feature is its ability to effectively detect threats. It has the EDR feature, endpoint detection and response, and that is very good."

"It's an enterprise solution that provides a centralized console and it supports all the platforms that we use, including Windows, Linux, Mac, iOS, and Android."

"The features I have found most valuable are the ransomware and malware protection. The solution detects malware live and whenever it detects suspicious activity, it quarantines it."

More Microsoft Defender for Endpoint pros

"I like the processing feature on the product because it does everything at once, i.e, indexing, recovery, keyword searches, etc."

"Data Recovery: Its ability to repair damaged partitions and uncover hidden partitions from within the tool, and allow further analysis."

"The technical support is excellent."

"The solution is very stable."

"It speeds up the process, so I can meet my deadlines."

"It indexes much faster, and is more reflexive because of the Enscripts."

"The most important feature we've found is the Enscripts. That is one powerful feature that I, personally, love to use."

Cons

"There is a need for improvement in reducing false positives."

"I would like the solution to be able to prevent unauthorized programs from installing and to block unauthorised URLs which is similar to web filtering product."

"Microsoft Defender for Endpoint should have more transparency. In the latest edition of Windows, Windows 11, it is a compulsory requirement to connect to a Microsoft account, which in turn has implications for Defender. This should be removed."

"One thing that was lacking in Defender was web filtering. Its web filtering wasn't as comprehensive. Sophos was a little bit better than Defender for blocking URLs or installing programs."

"The interface isn't necessarily intuitive to a nontechnical person. You can get stuck in the little endpoint security portal. Sometimes, if you uninstall a competitive product, the end user doesn't always know if it's running or if they're protected even though it's silently running. There could be a notification, widget, or something that's resident on the screen for at least a bit, especially if you're doing remote support. You want to talk them through it, but sometimes, we're not allowed to look at the PCs we support."

"Additional security would be beneficial."

"We'd like to see integrations with more vulnerability scanning solutions like Tenable."

"Microsoft Defender in the basic form is not very useful for managing the security environment. The free version is not capable of covering the needs of centralized management, EDR, and behavioral analysis. If you don't have the commercial version, you can't have centralized management and set up the policies and other things. Each client is a standalone installation, which is not useful for security in an enterprise model."

More Microsoft Defender for Endpoint cons

"Sometimes the application can take more time to complete the image processing or fail at the end of the process."

"In the past, incident response time for tech support was slow."

"There were minor UI bugs."

"We have come across problems with the end-case. We could not find an email discovery type of module and there was not flexibility with the email."

"I would like to see a capability to ingest and absorb more data. That would be really good. It currently is lacking this function."

"The reporting is a bit unreliable. It needs to be better."

"Ease of use and learning curve need improvement."

Pricing and Cost Advice

"Given our extensive Microsoft licensing, transitioning to Defender for Endpoint did not affect licensing costs."

"It is built into Windows 10. If our clients are using Microsoft Defender, the cost goes away for them."

"We have an enterprise agreement so from my perspective, this is a product that ships with Windows and it is not priced standalone."

"They are now doing it on an endpoint basis. It is based on the number of endpoints, which is good."

"AV solutions are pretty expensive because they are necessary, not just for protection, but many businesses need them to comply with regulatory bodies and receive accreditation. We recently purchased an E5 license, which gives us access to the entire Microsoft suite. I would say the pricing is competitive; most tools of this kind are similarly priced. There are minor differences between the competitors, but they aren't spectacularly different. Defender for Endpoint makes sense because all our solutions are in the same place, paid for with a single license. The subscription price is around £50 per user per month, though it may have increased slightly."

"I got it with the Microsoft Windows license."

"Microsoft Defender is an expensive product in my country."

"Because Microsoft Defender comes as an add-on, it can be a bit expensive if you're trying to buying it separately. Another option is to upgrade, but the enterprise licenses for Microsoft can also be quite a bit pricey. Overall, the cost of Microsoft Defender compared to that of other endpoint detection solutions is slightly higher."

More Microsoft Defender for Endpoint pricing and cost advice

"We have a license. And, we found the cost high. We contacted them and talked to them about the ratio of the US dollar versus the Indian rupee and then we came to a solution."

"EnCase is an affordable solution."

"The product is affordable and user-friendly."

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

867,676 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

13%

Government

Manufacturing Company

Financial Services Firm

Performing Arts

13%

Computer Software Company

Government

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	79
Midsize Enterprise	34
Large Enterprise	87

By reviewers
Company Size	Count
Small Business	2
Midsize Enterprise	2
Large Enterprise	3

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...

See all answers

Which offers better endpoint security - Symantec or Microsoft Defender?

We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...

See all answers

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...

See all answers

What is your experience regarding pricing and costs for OpenText EnCase eDiscovery?

I rate the product’s pricing a five out of ten, where one is cheap and ten is expensive.

See all answers

What needs improvement with OpenText EnCase eDiscovery?

The solution could improve productivity.

See all answers

What is your primary use case for OpenText EnCase eDiscovery?

We have experience in engineering and capital projects. It is an add-on to extend project and asset management documentation.

See all answers

Comparisons

CrowdStrike Falcon vs Microsoft Defender for Endpoint

Compared 5% of the time

HP Wolf Security vs Microsoft Defender for Endpoint

Compared 5% of the time

F-Secure Total vs Microsoft Defender for Endpoint

Compared 4% of the time

Symantec Endpoint Security vs Microsoft Defender for Endpoint

Compared 4% of the time

Trellix Endpoint Security Platform vs Microsoft Defender for Endpoint

Compared 4% of the time

More Microsoft Defender for Endpoint Competitors

BigFix vs OpenText EnCase eDiscovery

Compared 25% of the time

Nuix eDiscovery vs OpenText EnCase eDiscovery

Compared 23% of the time

Trellix Endpoint Security Platform vs OpenText EnCase eDiscovery

Compared 22% of the time

CrowdStrike Falcon vs OpenText EnCase eDiscovery

Compared 15% of the time

Exterro vs OpenText EnCase eDiscovery

Compared 14% of the time

More OpenText EnCase eDiscovery Competitors

Product Reports

Buyer's Guide

Microsoft Defender for Endpoint

August 2025

Download Microsoft Defender for Endpoint product report

Buyer's Guide

eDiscovery

August 2025

Download OpenText EnCase eDiscovery product report

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus

EnCase eDiscovery

Interactive Demo

Microsoft

Demo not available

OpenText

Overview

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Microsoft

eDiscovery collection tools address the rise in dispersed and remote workforces, the proliferation of mobile devices and new sources of data. Comprehensively collecting data across all data sources, including endpoints, such as desktops and laptops, is critical to defensibility. Collection analytics and culling is key to efficient digital investigations, narrowing the document collection to drive down the cost of legal review.

With OpenText™ EnCase™ eDiscovery, organizations can streamline the collection, culling and preservation of data across diverse sources in a single efficient process.

OpenText

Sample Customers

Petrofrac, Metro CSG, Christus Health

Ontario Ministry of Government, Aerospace Company, Chesterfield Police Department

Buyer's Guide

Endpoint Protection Platform (EPP)

September 2025

Download Free Report

Find out what your peers are saying about Microsoft, CrowdStrike, SentinelOne and others in Endpoint Protection Platform (EPP). Updated: September 2025.

DOWNLOAD NOW

867,676 professionals have used our research since 2012.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.