Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Endpoint vs Tanium comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Defender for Endp...
Ranking in Endpoint Protection Platform (EPP)
1st
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
192
Ranking in other categories
Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Microsoft Security Suite (5th)
Tanium
Ranking in Endpoint Protection Platform (EPP)
37th
Ranking in Endpoint Detection and Response (EDR)
26th
Average Rating
7.4
Reviews Sentiment
6.8
Number of Reviews
17
Ranking in other categories
Server Monitoring (10th), Vulnerability Management (22nd)
 

Mindshare comparison

As of April 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Microsoft Defender for Endpoint is 10.9%, down from 14.8% compared to the previous year. The mindshare of Tanium is 2.5%, up from 2.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Q&A Highlights

 

Featured Reviews

AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.
Ed Jarecki - PeerSpot reviewer
A scalable solution that helps to understand how infrastructure works
We use the tool as an infrastructure operational management solution.  The solution is scalable and helps to understand how infrastructure works. It helps to improve the health of the organization.  Any movement into a SaaS solution has challenges since the processes and data flows are not well…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is its ability to effectively detect threats. It has the EDR feature, endpoint detection and response, and that is very good."
"It's free. There is no additional cost. It's part of Windows."
"Web filtering is the most valuable feature of Microsoft Defender for Endpoint because it effectively maintains security for website access."
"This product is flexible, and it is very easy to get updates from the Microsoft website."
"One of the features which differentiates it from other EDR providers is the Automated Investigation and Response, which reduces the workload of SOC analysts or engineers. They don't have to manually investigate each and every alert on the endpoint, since it does so automatically. And you can automate the investigation part."
"The integration with all variations of Microsoft Defender, for Endpoint, 365, and Cloud is valuable."
"You have endpoint security to keep your devices safe. That's the feature that we're interested in."
"We can react to threats faster and stop them from spreading from one machine to another. It protects from suspicious email attachment downloads. It will lock down the SOC and the workstations."
"I would say Tanium is the best tool for vulnerability management."
"The most valuable features of this solution are the consolidation of all historical data on device endpoints, security drivers, firmware, and Software version gaps."
"Threat hunting is a very good feature on Tanium. We have just started using it and have not used it extensively."
"Tanium’s linear-chain architecture is valuable."
"The product is granular and can build complex roles compared to other EDR vendors."
"I like the tool's incident response and security patching."
"When I push a quick update, it's done right away, and I can rescan immediately to confirm completion within minutes."
"Tanium's most valuable feature is its instant discovery aspect."
 

Cons

"If there were more template queries in the library, that would make it much easier. They could have basic things, like, "Where's the IP for this user?" or, "What file was downloaded from this user?" If there were more of those basic queries that would help."
"The scanning is slow when it is working with incoming emails."
"It can get a bit laggy sometimes. Other than that, we don't have any issues. They constantly tweak it and fix it up based on users' feedback. It has improved a lot over the past four years. Defender for Endpoint never really used to be a good endpoint security solution, but over the past couple of years, Microsoft has invested heavily in it. So, it has come a long way in all aspects of endpoint security. If they want to make it better, they should just continue investing in the current path of what they've been doing over the past couple of years."
"There are likely some technical improvements or features that could be added, however, I cannot say, off the top of my head, what they would be."
"Alerts need to be sent immediately because as it is now, you see some of them without delay and others arrive perhaps 30 minutes later, and it leaves important gaps in terms of information gathering."
"There are alternative solutions that offer a greater range of dashboard insights when compared to Microsoft Defender for Endpoint."
"Microsoft Defender for Endpoint does not provide much flexibility in terms of threats."
"It is not very scalable from the eyes of an MSP because there is no dashboard that you can use to see all of your devices that have Windows Defender unless you have your own dashboard or an RMM tool to actually look at it. So, you might not get to know that a particular computer of a client is doing something, and it might have got a virus. That person might know that, but unless you set it up to actually send you the information, you won't get to know that. That's one of the things that is hard with Microsoft Defender. It is not made for the MSP world where you have one pane of glass to see all of your clients with Microsoft Defender on it unless your RMM tool already has that built-in and it can see the telemetry from Microsoft Defender."
"I would like to have more integrations and custom plugins to input. Integration is always a big deal in a lot of different environments."
"The solution can give a lot of false positives."
"When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium."
"Tanium's limitations should be improved because although it is a great tool, it is limited to only a few classes during a session."
"It is not really additional functions, or the features that are needed, rather the complexity would be reduced based on the number of modules required to put together a comprehensive operational security and risk compliance model."
"The main issues are the network connection because different customers have issues with their networks. It's difficult implementing this type of solution because the network is the main feature in the architecture for these types of solutions. Tanium could improve by creating some network optimization."
"We had some issues with the solution's OS upgrade."
"The solution lacks mobility."
 

Pricing and Cost Advice

"I pay for it through the Windows Professional or Standard license. It is a one-time cost for me, and I use the same license."
"The subscription is part of Windows, so we don't have to pay anything extra for this product."
"Microsoft Defender ATP is expensive."
"There is no licensing fee."
"The pricing is competitive."
"It came with Windows."
"You do not need to pay any additional costs for antivirus and anti-malware solutions for endpoint protection."
"When customers haven't deployed the solution and don't have licenses, it can be expensive to start from scratch."
"It's an expensive solution. It would be nice if the cost were lower."
"The solution offers value for money."
"It is higher than some competitors in the market."
"The product's pricing differs from region to region depending on negotiations and the number of endpoints."
"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."
"There is an annual license required to use this solution."
"The solution is expensive but it's a good investment."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
26%
Computer Software Company
11%
Government
7%
Financial Services Firm
7%
Financial Services Firm
17%
Government
13%
Computer Software Company
10%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
What do you like most about Tanium?
Tanium’s linear-chain architecture is valuable.
What needs improvement with Tanium?
When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium. I have to search outside to download patches, creat...
What is your primary use case for Tanium?
We primarily use Tanium for patching, focusing on vulnerabilities. Our major goal with Tanium is to patch based on vulnerabilities detected by our other vulnerability tools.
 

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
No data available
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Petrofrac, Metro CSG, Christus Health
JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life
Find out what your peers are saying about Microsoft Defender for Endpoint vs. Tanium and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.