Microsoft Defender for Endpoint vs Tanium comparison

Microsoft Defender for Endp...

Read 15 Tanium reviews

7,067 Views
4,877 Comparison Views

71% willing to recommend

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Tanium and Microsoft Defender for Endpoint are both advanced endpoint security solutions. Microsoft Defender for Endpoint generally surpasses Tanium in several key areas, including integration and overall user satisfaction.

Features: Tanium is recognized for its comprehensive visibility and control over entire networks, powerful querying capabilities, and real-time data retrieval. Microsoft Defender for Endpoint is noted for its integration with the Microsoft ecosystem, advanced threat analytics, and automated investigations. Users find Defender’s feature set more aligned with modern security needs.

Room for Improvement: For Tanium, users see a need for improved scalability, a more intuitive learning curve, and reduced complexity. Microsoft Defender for Endpoint users mention the desire for enhanced reporting capabilities, reduced false positives, and continuous improvement in integration options.

Ease of Deployment and Customer Service: Deploying Tanium can be complex, requiring significant IT expertise and strong initial configuration efforts. Its customer service is robust but sometimes slow. Microsoft Defender for Endpoint offers smoother and more straightforward deployment, especially within Windows environments, and generally receives higher marks for its customer support responsiveness.

Pricing and ROI: Tanium’s pricing is considered high, with significant upfront and ongoing costs but can deliver strong ROI with effective use. Microsoft Defender for Endpoint is seen as more cost-effective, with lower initial costs and better integration with existing Microsoft products, providing a compelling ROI for many organizations.

To learn more, read our detailed Microsoft Defender for Endpoint vs. Tanium Report (Updated: November 2024).

Microsoft Defender for Endpoint vs. Tanium

Download the complete report

Helped 824,053 peers since 2012

Categories and Ranking

Microsoft Defender for Endp...

Ranking in Endpoint Protection Platform (EPP)

1st

Ranking in Endpoint Detection and Response (EDR)

2nd

Average Rating

8.0

Reviews Sentiment

7.1

Number of Reviews

190

Ranking in other categories

Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Microsoft Security Suite (6th)

Tanium

Ranking in Endpoint Protection Platform (EPP)

35th

Ranking in Endpoint Detection and Response (EDR)

26th

Average Rating

7.4

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Server Monitoring (10th), Vulnerability Management (23rd)

Mindshare comparison

As of December 2024, in the Endpoint Protection Platform (EPP) category, the mindshare of Microsoft Defender for Endpoint is 11.5%, down from 15.9% compared to the previous year. The mindshare of Tanium is 2.4%, up from 1.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP)

Q&A Highlights

ArindamPal

Works

Apr 04, 2022

How would you compare between Microsoft Defender for Endpoint and Tanium EDR?

I don't. I prefer Cynet to both of them.

Easy to update with good protection and a useful cloud portal

Featured Reviews

Sudhen Swami

Senior Enterprise Architect at MTVH

We've mainly used it for endpoints. However, we've also used it for DLP as well. We're also in the process of implementing it for cloud and identity as well. However, it's very good for endpoints, and that's our main focus. The malware protection is good. The visibility it provides is very useful. We can combine visibility with wider security features and alerts around malware, misconfiguration, or any other kinds of threats. The cloud portal is quite good. From there, we are able to see alerts and have colleagues review issues and monitor to see if any patterns arise. It's serving us quite well overall. It allows us to look at other items, like application and browser control. It helps us prioritize threats. We have a process in place now where we can review issues and remediate them effectively. We have been able to integrate a variety of Microsoft security products together. We use Azure AD, for example, and we've begun to implement DLP, among other items. We're looking at labeling and tagging and will expand into that soon. Defender has more stringent system requirements than, for example, Check Point. So when we implemented the Check Point Endpoint agent, that solution didn't mind what version of Windows you were using. When we moved to Defender, Defender had certain system prerequisites that had to be met. So we had to make sure that we're on a minimum version of Windows when we're utilizing Office, and Office has to be a particular version as well. It has more stringent system requirements that have to be met before you can implement it. It works natively together with other Microsoft solutions. Once you get more and more of those different components across the environment, then you start to get better visibility. So, rather than having lots of different solutions, you have fewer solutions and a single vendor solution. That way, you start getting into a position where you get better visibility and integration as well. The standardization is good. It's important. It's helping me with monitoring and learning. Updates and upgrades are quite smooth and seamless. Defender helps us automate routine tasks. Quite a lot of Microsoft is straightforward for us now. Previously, we didn't have enough resources and were unable to look at the alerts. Having this in place makes things a lot more straightforward for us. We have both the technology and the people in place now, alongside the process. We do see the benefits in that, and that's why we're continuing our adoption across the estate in terms of client and server as well. It's helping us avoid looking at multiple dashboards and centralized monitoring. We're not fully there yet. We're getting there. While we haven't witnessed time saving yet, once it's fully deployed, it will. By then, we'll have standardized processes across a single solution. We have saved money, however, as we continue to reduce non-Mircosft systems. Since we won't be using various competing technologies, we can save on licensing costs. We've likely so far saved 15%. While it's hard to estimate exactly how much, the solution has helped us decrease time to detection and time to respond.

Read full review

Mo Vermeiren

Cybersecurity Business & Technology Consultant at Capgemini

Is able to make several campaigns work in parallel, but the user interface needs improvement

It's mainly used by the cybersecurity team for Windows patching and deployment of some software solutions I like the fact that you can create patching campaigns depending on the area of your network that you want to address first. I like the ability it has to make several campaigns that work in…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution's main antivirus capabilities are okay. So far, they have kept us safe."

"DFE organizational security posture has been a positive experience. We're a Microsoft house. It works. Once it's deployed and once it's configured, it works and our clients tend to be happy with it. I haven't really experienced anyone who has been so unsatisfied with the platform that they wanted to go a couple of different directions, that has never happened to me."

"Its simplicity is the most valuable. It also has very good integration. We like it."

"It's an enterprise solution that provides a centralized console and it supports all the platforms that we use, including Windows, Linux, Mac, iOS, and Android."

"Because it has been integrated with the OS, we get the entire software inventories, and we even get access to the registries. Those are the primary features."

"The most valuable feature is that it comes with the package, so there is no additional installation of third-party software. It's also easy to use."

"The detection features are valuable, as is the fact that it is easier to port these logs into Sentinel. That is also useful for us. It is more comprehensive."

"It is easy to install and use requiring little maintenance but applying updates."

More Microsoft Defender for Endpoint pros

"For incident response tasks, all these tasks can get done in minutes with minimal disruption to the end-user."

"The product is granular and can build complex roles compared to other EDR vendors."

"The interrogation piece was the most valuable feature because it was very detailed."

"Tanium's most valuable features are patch management, inventory, and distribution software."

"Tanium's most valuable feature is its instant discovery aspect."

"The most valuable features of this solution are the consolidation of all historical data on device endpoints, security drivers, firmware, and Software version gaps."

"The solution is scalable and helps to understand how infrastructure works. It helps to improve the health of the organization."

"I'm not so familiar with the tool but I like the interaction of the console to the picture. Patching is the primary model I have been focusing on for the last couple of weeks. So I have created a proof of concept environment and have been checking the available features."

More Tanium pros

Cons

"The interface could be improved."

"The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices."

"I would just like them to have more consistency, and that's a comment that's across the board with Microsoft. They change things a lot."

"We need better support to learn about the product. Documentation is available, but we need some kind of training program so that we can get a better understanding of the product."

"I had some cases a while back and told an agent my issue. When I called the next day, I had to explain everything again to a different person, so I found it annoying to repeat myself all over."

"I'm not too sure of its current capabilities, but I'm pretty sure they are doing a good job on Windows and Mac. However, I'm not sure whether they covered Linux. If I remember correctly, Microsoft Defender didn't have anything proper on Linux back then, but if they have improved it from that aspect, it would already be ticking all the boxes."

"The scalability could be improved - I would rate it between a seven and an eight."

"It needs to improve the cybersecurity for lateral movements. For example, when a hacker tries to enter a machine, they try to get the password by doing a lateral movement."

More Microsoft Defender for Endpoint cons

"It is not really additional functions, or the features that are needed, rather the complexity would be reduced based on the number of modules required to put together a comprehensive operational security and risk compliance model."

"The performance could improve in future releases. We have had performance issues in specialized web environments, but overall I think the problems are less than 2% of the computer systems being used."

"Tanium's limitations should be improved because although it is a great tool, it is limited to only a few classes during a session."

"The solution lacks mobility."

"I would like to have more integrations and custom plugins to input. Integration is always a big deal in a lot of different environments."

"We had some issues with the solution's OS upgrade."

"The reporting could be improved."

"Any movement into a SaaS solution has challenges since the processes and data flows are not well defined. Hence, you need to build it at the same time."

More Tanium cons

Pricing and Cost Advice

"I do not have to purchase antivirus solutions anymore because Microsoft Defender for Endpoint is integrated into Windows and comes free."

"Microsoft Defender for Endpoint is more affordable compared to some other endpoint solutions."

"This is an expensive product and licensing for all Microsoft products is a big issue."

"We have a bundle where the price includes all Microsoft products."

"We have an enterprise agreement so from my perspective, this is a product that ships with Windows and it is not priced standalone."

"For me, the pricing is very good, but for management it's very expensive. Other solutions are less expensive. But when I present all the information and all the reports they say, "Well, it's expensive, but the cost-benefit is very good.""

"It came with Windows."

"The license cost is around $35 per machine, which is not expensive compared to other products."

More Microsoft Defender for Endpoint pricing and cost advice

"There is an annual license required to use this solution."

"The product's pricing differs from region to region depending on negotiations and the number of endpoints."

"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."

"The solution offers value for money."

"The solution is expensive but it's a good investment."

"It's an expensive solution. It would be nice if the cost were lower."

"It is higher than some competitors in the market."

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

824,053 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

27%

Computer Software Company

12%

Government

Financial Services Firm

17%

Government

13%

Computer Software Company

11%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...

Which offers better endpoint security - Symantec or Microsoft Defender?

We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...

What do you like most about Tanium?

Tanium’s linear-chain architecture is valuable.

What needs improvement with Tanium?

The reporting could be improved.

What is your primary use case for Tanium?

We collect end-point data. We use it to make AI models and provide it to customers. I use Tanium’s sensors, collect data, and develop dashboards. The sensors have many data types. If we need differ...

CrowdStrike Falcon vs Microsoft Defender for Endpoint

Comparisons

Compared 8% of the time

Symantec Endpoint Security vs Microsoft Defender for Endpoint

Compared 5% of the time

Microsoft Intune vs Microsoft Defender for Endpoint

Compared 4% of the time

Trellix Endpoint Security vs Microsoft Defender for Endpoint

Compared 4% of the time

HP Wolf Security vs Microsoft Defender for Endpoint

Compared 2% of the time

More Microsoft Defender for Endpoint Competitors

CrowdStrike Falcon vs Tanium

Compared 18% of the time

Microsoft Configuration Manager vs Tanium

Compared 9% of the time

ServiceNow Discovery vs Tanium

Compared 7% of the time

BigFix vs Tanium

Compared 5% of the time

Qualys VMDR vs Tanium

Compared 5% of the time

More Tanium Competitors

Product Reports

Microsoft Defender for Endpoint

Download Microsoft Defender for Endpoint product report

Download Tanium product report

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus

No data available

Learn More

Microsoft

Interactive Demo

Microsoft

Demo not available

Overview

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Tanium Endpoint Platform reduces security risk, improves agility & increases efficiency, a fundamentally new approach to endpoint security's threat detection, indicent response, vulnerability assessment and configuration compliance & with management's software distribution, asset utilization, asset inventory and patch management.

Sample Customers

Petrofrac, Metro CSG, Christus Health

JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life

Microsoft Defender for Endpoint vs. Tanium