Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprises prevent, detect, investigate, and respond to advanced threats on their endpoints. Endpoints include laptops, phones, tablets, PCs, access points, routers, and firewalls.
Defender for Endpoint is part of Microsoft Defender XDR and can be integrated with other Microsoft solutions, including:
- Intune
- Microsoft Defender for Cloud
- Microsoft Defender for Cloud Apps
- Microsoft Defender for Identity
- Microsoft Defender for Office
- Microsoft Defender Vulnerability Management
- Microsoft Sentinel
Operating systems
Defender for Endpoint supports the following operating systems:
- Windows
- macOS
- Linux
- Android
- iOS
Licensing
Defender for Endpoint is available in three plans. You can find more information about these plans and additional Defender licenses in Microsoft 365 guidance for security & compliance.
- Microsoft Defender for Business - An endpoint security solution designed for small and medium-sized businesses.
- Defender for Endpoint Plan 1 - Provides core endpoint protection capabilities.
- Defender for Endpoint Plan 2 - A comprehensive endpoint protection solution that includes advance capabilities.
Defender for Endpoint capabilities
This section lists key Defender for Endpoint capabilities and provides links to more detailed information. To view a list of core capabilities and the operating systems that support them, see Supported Microsoft Defender for Endpoint capabilities by platform.
| Capability | Description |
|---|---|
| APIs | Automate Defender for Endpoint and integrate it into your existing workflows. |
| Attack surface reduction | Ensures endpoint settings are properly configured and secure, and that vulnerabilities are mitigated. Includes network protection and web protection, which regulate access to malicious IP addresses, domains, and URLs. |
| Automated investigation and remediation | Automatic investigation and remediation capabilities. |
| Endpoint Attack Notifications | Proactive hunting, prioritization, and insights that help identify and respond to threats. |
| Endpoint detection and response | Detect, investigate, and respond to advanced threats. Includes advanced hunting which provides a query-based threat-hunting tool that lets you proactively find breaches and create custom detections. |
| Microsoft Secure Score for Devices | Assess the security state of your network, identify unprotected systems, and take actions to improve your organization's security. |
| Next-generation protection | Catch and block all types of emerging threats. |
Privacy and compliance
Follow these links to learn more about privacy and compliance at Microsoft, and Defender for Endpoint.