No more typing reviews! Try our Samantha, our new voice AI agent.

Microsoft Defender for Endpoint vs VIPRE Endpoint Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Detection and Response (EDR) (6th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Microsoft Defender for Endp...
Ranking in Endpoint Protection Platform (EPP)
1st
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
212
Ranking in other categories
Advanced Threat Protection (ATP) (5th), Anti-Malware Tools (1st), Endpoint Detection and Response (EDR) (3rd), Microsoft Security Suite (3rd)
VIPRE Endpoint Security
Ranking in Endpoint Protection Platform (EPP)
52nd
Average Rating
7.0
Number of Reviews
2
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.8%, up from 3.7% compared to the previous year. The mindshare of Microsoft Defender for Endpoint is 6.8%, down from 10.5% compared to the previous year. The mindshare of VIPRE Endpoint Security is 0.6%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Mindshare Distribution
ProductMindshare (%)
Microsoft Defender for Endpoint6.8%
Cortex XDR by Palo Alto Networks3.8%
VIPRE Endpoint Security0.6%
Other88.8%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Robert Arbuckle - PeerSpot reviewer
Security Analyst III at a healthcare company with 10,001+ employees
Automatically isolates threats and integrates with logging to reduce response time
Overall, I would evaluate the Microsoft support level that I receive at probably about a seven, but that depends on the day. It has been spotty. We have had issues where the urgency level of the Microsoft support is not as high as ours, especially during a data breach or potential data breach situation. We have had issues with some of the offshore support being lackluster. One specific thing that comes to mind is we were on a support call with our CISO on the call, and the Microsoft agent, who did not actually work for Microsoft, is one of the vendors that Microsoft uses for support, said, "Just to set expectations, my lunch break is in an hour and I am going to go away then." For us, it was already ten o'clock at night and we had been working on this for a couple of hours, trying to get a security engineer on with us. For him to tell us that he was going to go away and have lunch, it was, "Okay, but go find somebody else if you need to." It was just the lackluster approach, and it seemed like he did not really care. We seem to get a lot of this when we get non-Microsoft support. I can identify areas for improvement with Microsoft Defender for Endpoint, as it is kind of a convoluted mess to try to take care of false positives. Especially when they have been identified as false positives but they keep going off over and over again. It is great for my pocketbook because it generates a lot of on-call action, but I would really prefer more sleep at two o'clock in the morning than dealing with false positives. I would say that the unified portal for managing Microsoft Defender for Endpoint is suitable for both teams as they are all in there. It would be great if they would stop moving things around and renaming things, which makes sense. The new XDR portal is pretty nice. Being able to have it central again inside of the regular Security Center without having to open up two windows is helpful. Overall, I think it is pretty good. There is always going to be something that could be improved, such as alerting and the ability to modify alerts would be a little bit helpful to have. Being able to add more data into the alerts and turn off alerts that are not as useful would be beneficial. It is hard to say what the quantitative impact the security exposure management feature has had on our company's security, because a lot of it is kind of subjective. I think we are sitting at around a fifty percent score still, and a lot of it is just kind of unusual circumstances that we cannot really implement without breaking the organization.
SS
IT Security Analyst at a healthcare company with 11-50 employees
Easy to upgrade and manage but needs better reporting
There just was a lot about it that I didn't like. For blocking certain items, such as USBs, we felt like it was slowing down the network too much. Therefore we utilized a GPO for blocking things like that instead. Our environment was big and I didn't feel like the console did a good enough job. We outgrew the product. I've been asking for a change for a couple of years now, and it finally got approved. In terms of the console, I had over 2000 endpoints in there and there wasn't even a search feature for me to look through them. If I had to find where a policy was I had to sort in alphabetical order to find an endpoint that I wanted. They need to offer a search function within the console - maybe something that shows a "last connected" notice. That way, it's easier to manage obsolete machines that you don't need anymore. They had a very vague setting, like after so many days, when do you want us to remove these, you'd see them. I just wish the console was a little more responsive when I would do commands. The reports could have been better. The product would show a lot of endpoints as not communicating. That was another pain point. We constantly had to run an SQL query to clean up the database as I would know immediately when I was in the console, that it just wasn't being responsive. I could tell I was being given bad data and that we had to clean up the database. As soon as I would clean up that database, it was like a purging of the SQL database and it would become a lot more responsive. The problem was that our environment was too big. We're going through a growth spurt right now. In the end, the solution is small and much better suited for a small business. We would get a lot of false positives and instead of them fixing the false positive, they would just want us to put in an exception, which I didn't care for. The product is based on an older model of signature files. It doesn't use any artificial intelligence or anything. It was slow to refresh the policies and computer scans. The larger we got, the more it became an issue. If a company stayed small, I'm not sure if they would have noticed.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"From the Palo Alto side, whatever they buy, they integrate that really well into their integration suite, and that makes a massive difference."
"Cortex XDR's most valuable feature is its intelligence-based dashboards."
"We use Cortex XDR by Palo Alto Networks for its ability to detect based on behavior rather than simple virus scan to prevent malicious activities."
"Cortex XDR features advanced threat detection capabilities."
"The solution allows us to gain remote access without the user's knowledge and take the necessary actions on the device."
"Cortex covers everything I need. It's a perfect solution. Cortex provides a different level of visibility because it's an extended EDR, allowing you to grab logs from the network and firewalls. Palo Alto invented the concept of the extended EDR or XDR."
"Since they've done their most recent update, the ease to isolate endpoints is valuable. If we find one where there is a virus on it, we can easily isolate it. We don't even have to contact the user. We don't have to manually take them off the network. We can easily isolate them."
"We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action."
"Defender for Endpoint saves me a lot of time because I have all the alerts and information in one application."
"The best feature is the fact that for certain mobiles you can control your corporate profiles versus your personal profiles. That is amazingly important. Apple just supported the separation of corporate and personal profiles, whereas Android has been doing that for quite some time... Because Android supports that, if an Android phone is lost or stolen, I can wipe out all the corporate-related information from that phone and not touch the personal side. I can separate the apps and I can separate the ability to cut and paste between apps."
"Threat intelligence is one of the most valuable features in Microsoft Defender for Endpoint."
"Stability-wise, I have not had another product that has been as stable and has had fewer issues."
"What the Defender platform does is that it reduces the size of the haystack, and it'll say that the needle is over here."
"The solution's latest features for threat analysis are updated to provide us with future protection against the latest threats worldwide."
"This software is easy to use."
"Microsoft Defender for Endpoint is extremely stable."
"It has improved the way our organization functions, made things run faster in our company, and has done a fantastic job of keeping our networks free of virus."
"Technical support was always very helpful and responsive."
"It has low overhead as far as machine resources are concerned. Everything runs faster with VIPRE installed versus some of the competitors. It has also been pretty easy to use. It just runs and gives us reports. It also sends us alerts when there is something that we need to look at. It does its job, and you just look at the reports. In other ways, you just forget that it is there."
"In general, it was pretty easy to manage."
 

Cons

"Cortex XDR by Palo Alto Networks is a very good product, but financially, it is very expensive, so the company should look into that area."
"Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console."
"The solution could improve by providing better integration with their own products and others."
"It takes time to scan the servers and devices."
"I would like to see some additional features related to email protection included."
"For Cortex XDR by Palo Alto Networks, if I had to point out improvements, I would say the UI is still somewhat difficult for beginners."
"The connection to the internet has not performed as expected."
"Cortex XDR by Palo Alto Networks is not only pricey; it is extremely expensive."
"The solution could be more friendly for end-users, with different type of scans or scheduled scans for it."
"It makes your Surface devices hot. It is resource-intensive."
"We'd like to see integrations with more vulnerability scanning solutions like Tenable."
"Windows Defender, which is just a free version, is not as effective. It doesn't have deep support or deep protection."
"Its user interface (UI) can be improved. Currently, in the console, you have to dig down for certain things. They've got many different layers to get to things instead of having it all on the surface. You have to go three folds lower to get to specific functionality or click a particular option. It would be good if we can manage the console through menus and instead of three clicks, we can do things in one click. They need to change the UI and work on it in terms of a better user experience."
"The application control feature requires improvement."
"Cortex... has good investigation capabilities, out-of-the-box, in case there is an event that you'd like to investigate. It's quite convenient. Microsoft has those capabilities as well, but you need a bit more training on the product to get the basic information that you can get out-of-the-box with Cortex."
"Microsoft Defender could be improved with features more like the McAfee ePO. It would be better if I had a console to get all the information for my endpoints. Maybe this is too much for it, but it would be better if it could handle those non-signature-based malicious codes or viruses."
"Their management interface is a little buggy. It requires a few system resources on the management interface. Its reporting can also be better. Overall, the reports are pretty good. They patch some third-party software, but if they can expand what they do for reporting and patch enterprise software, it would be handy."
"Their management interface is a little buggy as it will hang up and crash from time to time."
"We would get a lot of false positives and instead of them fixing the false positive, they would just want us to put in an exception, which I didn't care for."
 

Pricing and Cost Advice

"The solution is expensive. It's pricing is on a yearly-basis."
"Very costly product."
"The cost depends on your chosen license type, like Pro or other licenses."
"It is "expensive" and flexible."
"The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase."
"Cortex XDR’s pricing is very reasonable."
"It has reasonable pricing for the use cases it provides to the company."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"The subscription is part of Windows, so we don't have to pay anything extra for this product."
"There is an annual license required."
"The solution is included with Microsoft Windows."
"Pricing can always be lower."
"When compared with other vendors, the pricing is very high."
"You need a license to use this solution."
"There is no licensing fee."
"The licensing costs for Microsoft Defender for Endpoint are reasonable."
"Its price point has been phenomenal. Our previous solution from Trend Micro was triple the cost of it."
"Its price point has been phenomenal. Our previous solution from Trend Micro was triple the cost of it."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
903,067 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Manufacturing Company
10%
Financial Services Firm
10%
Computer Software Company
9%
Comms Service Provider
8%
Comms Service Provider
16%
University
9%
Computer Software Company
8%
Government
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business82
Midsize Enterprise45
Large Enterprise96
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior sol...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never pu...
What is your experience regarding pricing and costs for Microsoft Defender for Endpoint?
We have been discussing pricing, setup cost, and licensing, and we are currently on an E3. We are discussing going to...
Ask a question
Earn 20 points
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
VIPRE Cloud, VIPRE Endpoint Security Cloud Edition, VIPRE Endpoint Security Server Edition
 

Interactive Demo

Demo not available
Demo not available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Petrofrac, Metro CSG, Christus Health
College Station ISD, Mid-West Companies, Guardian Network Solutions
Find out what your peers are saying about Microsoft Defender for Endpoint vs. VIPRE Endpoint Security and other solutions. Updated: June 2026.
903,067 professionals have used our research since 2012.