Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-based vulnerability management.
We liked that Defender was configured on all computers that connected to the network. This helped us to protect all the computers without having to install it on each one of them. The centralized management was the best feature.
It was great at proactively monitoring threats. It was a bit inconvenient when the software did system scans on a client during business hours, at random. It was also difficult to run the SmartScreen feature and try to install other software. We also found that it is impossible to delete a computer manually.
Palo Alto Cortex XDR is a solution for detection and response, integrating network, endpoint, and cloud data to prevent advanced threats. Cortex XDR uses behavioral analytics to detect threats and discover the root cause. It provides endpoint protection by blocking malware, exploits, and fileless attacks.
We were using Microsoft Defender but switched to Cortex because of the visibility it provides, with a complete picture of each attack that allows us to respond faster to alerts. We found it provides a wider range of scenarios, working on every device that can connect with the Internet.
However, Cortex could improve the context it gives to behavior-based alerts. We would also like to see an easier integration with Mac.
Conclusions
Microsoft Defender is best suited for Windows-based networks. It is currently difficult to implement and integrate with other environments, like Mac. While its centralized management is a good feature, it lacks flexibility. Cortex is easier to use, and the interface is more intuitive. It suited us most because of the flexibility of integration, and it excels in its prevention abilities.
Updated: January 2025.
Cortex XDR by Palo Alto Networks and Microsoft Defender for Endpoint compete in the cybersecurity domain. Cortex XDR seems to have the upper hand with its multi-layered security and advanced threat detection, while Microsoft Defender benefits from deep integration with Microsoft ecosystems.
Features: Cortex XDR boasts advanced threat detection capabilities, a robust sandbox functionality, and a highly integrated security approach that supports various platforms, including off-network...