Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Endpoint vs Tanium comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Defender for Endp...
Ranking in Endpoint Protection Platform (EPP)
1st
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
192
Ranking in other categories
Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Microsoft Security Suite (5th)
Tanium
Ranking in Endpoint Protection Platform (EPP)
37th
Ranking in Endpoint Detection and Response (EDR)
26th
Average Rating
7.4
Reviews Sentiment
6.5
Number of Reviews
16
Ranking in other categories
Server Monitoring (10th), Vulnerability Management (22nd)
 

Mindshare comparison

As of April 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Microsoft Defender for Endpoint is 10.9%, down from 14.8% compared to the previous year. The mindshare of Tanium is 2.5%, up from 2.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Q&A Highlights

 

Featured Reviews

AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.
Mo Vermeiren - PeerSpot reviewer
Is able to make several campaigns work in parallel, but the user interface needs improvement
It's mainly used by the cybersecurity team for Windows patching and deployment of some software solutions I like the fact that you can create patching campaigns depending on the area of your network that you want to address first. I like the ability it has to make several campaigns that work in…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's a very complete application. I have all the controls in one site. I can track emails, attacks, and threats, and I can research information. I really like this configuration because I have all the information in place."
"It's not really visible for the user - which is a benefit."
"The most valuable feature of Microsoft Defender for Endpoint is that it is embedded into the Windows system. Additionally, the performance is good and simple to maintain."
"There are a couple of features, such as isolating the devices or connecting the device and connecting live response."
"It's stable."
"The biggest benefit to Windows Defender is that it is built-in to the operating system by Microsoft."
"The detection features are valuable, as is the fact that it is easier to port these logs into Sentinel. That is also useful for us. It is more comprehensive."
"Because it has been integrated with the OS, we get the entire software inventories, and we even get access to the registries. Those are the primary features."
"Threat hunting is a very good feature on Tanium. We have just started using it and have not used it extensively."
"Tanium's most valuable feature is its instant discovery aspect."
"The interrogation piece was the most valuable feature because it was very detailed."
"I would say Tanium is the best tool for vulnerability management."
"The most valuable features of this solution are the consolidation of all historical data on device endpoints, security drivers, firmware, and Software version gaps."
"I'm not so familiar with the tool but I like the interaction of the console to the picture. Patching is the primary model I have been focusing on for the last couple of weeks. So I have created a proof of concept environment and have been checking the available features."
"Tanium's most valuable features are patch management, inventory, and distribution software."
"When I push a quick update, it's done right away, and I can rescan immediately to confirm completion within minutes."
 

Cons

"Auto recovery is the most important feature that we would need from this solution. For decryption, similar to Malwarebytes, there should be something to be able to recover the data up to the last normal status. Its ability to recover data to the last normal copy must not exceed 5 to 10 minutes."
"The product development team makes frequent changes that affect the stability of the solution."
"It would be helpful if they included XDR features, on top of the EDR functionality."
"I have accounts for administrators and corporate employees, but I also have accounts for students. I can't split these types of accounts. I need a separate configuration for both... I need to research how I can get alerts for only the administrative machines."
"We'd like the stability to be better."
"More integration with different platforms is an area for improvement for this product, and should be included in its next release."
"I would like Microsoft to have some kind of direct integration for USB controls. They have GPO and other controls to control the access of the USB drives on devices, but if there is something that can be directly implemented into the portal, it would be good. There should be a way to control via a cloud portal or something like that in a dynamic way. USB control for data exfiltration would be a good feature to implement. Currently, there are ways to do it, but it involves too many different things. You have to implement it via GPOs and other stuff, and then you move or copy those big files via Defender ATP. If there is a simple way of implementing those features, it would be great."
"If they integrate with the EDR then it will benefit this solution."
"We had some issues with the solution's OS upgrade."
"I would like to have more integrations and custom plugins to input. Integration is always a big deal in a lot of different environments."
"Tanium’s scalability could be improved."
"The solution needs to improve the reporting and tracking capabilities."
"The reporting could be improved."
"When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium. I have to search outside to download patches, create bundles, and then perform the task."
"The performance could improve in future releases. We have had performance issues in specialized web environments, but overall I think the problems are less than 2% of the computer systems being used."
"The solution can give a lot of false positives."
 

Pricing and Cost Advice

"We mostly use Microsoft products. We use Office 365, and we use Azure. We're also a Microsoft partner. So, the licensing was much cheaper for us, and at the same time, a lot of the features that we were looking for were included in Defender."
"The solution comes as a part of Windows 10 and it is covered under its license."
"The license cost is around $35 per machine, which is not expensive compared to other products."
"Pricing for Microsoft Defender for Endpoint is competitive. Out of the bundle, you will get a lot of security, if I talk about Microsoft E5, for example, and get a lot of benefits. If the customer goes and purchases a different solution, it will cost more, so pricing for Microsoft Defender for Endpoint is quite reasonable at the moment. There isn't any challenge in terms of pricing, for example, I didn't see a customer who pulled back because of the price. Some prices could be negotiable, and sometimes, as a sales point, the two become negotiable, but they don't bill one and pull back because of the pricing. If you have an E5 license, you get everything."
"The price was a problem for me three years ago, but they improved their E3, E5, and a la carte licensing. In other words, you have to get all of E5. That used to be a problem because you had E3, Defender, and guardrails, but you needed an E5 license to get the management suite and the analytics. It's more flexible now. You can switch from a la carte to the entire suite when it starts to make sense. It's becoming more economically competitive to go that route."
"The pricing is competitive."
"The solution is free."
"You need a license to use this solution."
"It is higher than some competitors in the market."
"There is an annual license required to use this solution."
"The solution is expensive but it's a good investment."
"The product's pricing differs from region to region depending on negotiations and the number of endpoints."
"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."
"The solution offers value for money."
"It's an expensive solution. It would be nice if the cost were lower."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
27%
Computer Software Company
11%
Government
7%
Financial Services Firm
7%
Financial Services Firm
17%
Government
13%
Computer Software Company
10%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
What do you like most about Tanium?
Tanium’s linear-chain architecture is valuable.
What needs improvement with Tanium?
When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium. I have to search outside to download patches, creat...
What is your primary use case for Tanium?
We primarily use Tanium for patching, focusing on vulnerabilities. Our major goal with Tanium is to patch based on vulnerabilities detected by our other vulnerability tools.
 

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
No data available
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Petrofrac, Metro CSG, Christus Health
JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life
Find out what your peers are saying about Microsoft Defender for Endpoint vs. Tanium and other solutions. Updated: February 2025.
844,944 professionals have used our research since 2012.