We performed a comparison between Microsoft Defender for Endpoint and Microsoft Purview based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We have just started to implement it. It is useful for protection from malware and ransomware."
"We had certain compliance and usage issues. For example, our company wanted to go with CIS, but we didn't have a proper way of measuring whether the endpoints have the right standards in place or whether they were compliant with CIS. Microsoft Defender was like a one-stop for most things because it gave us the vulnerability and patching scores so that our vulnerability management teams can focus on covering up the vulnerabilities and the patching team can check the vulnerable versions and deploy the right versions."
"It shows us the risky sign-ins, and if a user's password has been compromised."
"It's not really visible for the user - which is a benefit."
"Microsoft Defender for Endpoint is different from other security tools because we can configure it to use multiple types of scanning or archiving."
"Defender provides useful alerts and groups them. It sends an alert to your portal if it detects any malicious activity, and you can group multiple alerts to form an incident."
"The fact that it's from Microsoft, you don't have many false positives, unlike products from other vendors might have."
"It is stable and very easy to use."
"My favorite features are eDiscovery and insider risk management, because these are the major threats to an organization that can't be easily traced."
"The custom classifications are one of the most valuable features."
"It is pretty early, but the decision to go with this investment was largely driven by the simplification of our information security technology management stack. That is the primary objective. Once you simplify and you have a connected structure, it allows for faster adoption there. It also gives us additional capabilities as we go on using the technology that we are familiar with, and we do not have to depend on outside parties to come in and tell us how to do certain things."
"Purview helps mitigate risk and allows us to govern the information being shared among apps and devices."
"We can prevent, block, or audit however we like."
"The most valuable feature is the tracking activity and device onboarding."
"The user interface is highly intuitive and user-friendly."
"Microsoft Purview is extremely stable."
"The biggest issue I had with Microsoft Defender for Endpoint was the antivirus and ransomware. I wanted central visibility over all the machines that we operate."
"If there were more template queries in the library, that would make it much easier. They could have basic things, like, "Where's the IP for this user?" or, "What file was downloaded from this user?" If there were more of those basic queries that would help."
"In terms of improvements for their technical support, a focus on enhancing response times could be beneficial."
"Other vendors provide a lot of customization when it comes to integration, which every big organization requires. No big organization depends on one particular tool. Defender lacks that at this point."
"Its user interface (UI) can be improved. Currently, in the console, you have to dig down for certain things. They've got many different layers to get to things instead of having it all on the surface. You have to go three folds lower to get to specific functionality or click a particular option. It would be good if we can manage the console through menus and instead of three clicks, we can do things in one click. They need to change the UI and work on it in terms of a better user experience."
"I want Microsoft Defender to have the ability to deal with some issues automatically, so I don't need to address that issue manually."
"They should bring back the feature of a dedicated proxy device for communication to the cloud. As of now, all the agents are required to send the logs directly to the cloud. There should be a solution where you can put a proxy and all the logs are consolidated, like a forwarder."
"On the Mac OS platform, there is no parity between Windows and Mac OS. The solution is very feature-rich and very well-integrated into Windows, and I guess baked into Windows 10 and Windows 11. Whereas, on the Mac OS platform, there is still some work there to give it a more feature-reach platform."
"The technical support has room for improvement."
"he one thing it doesn't do is data quality."
"One drawback of Microsoft Purview, though it's beneficial and easy to use, is that when you start plugging in connectors for third-party sources when setting the solution up for data collection, it becomes a bit more tricky."
"Some of the menu headings may not be easy to understand for some people."
"The Microsoft Purview data connector platform, which supports ingestion from non-Microsoft data sources, can be somewhat complex."
"I lose a little bit of that control when we're talking about third-party connectors. Compliance-wise, I would like to see more ability to audit from a user perspective, where I could extrapolate what the user was thinking or trying to do."
"There are differences when looking at an incident in the M365 portal versus Purview, and the main one is the advanced hunting. In the M365 portal, you can write KQL queries and fetch data. If that was available in Purview, it would be very good."
"The custom data classification for the African region needs to be improved."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 6th in Microsoft Security Suite with 182 reviews while Microsoft Purview is ranked 7th in Microsoft Security Suite with 48 reviews. Microsoft Defender for Endpoint is rated 8.0, while Microsoft Purview is rated 7.6. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Microsoft Purview writes "User friendly with good documentation but needs to cover more non-Microsoft use cases". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks, whereas Microsoft Purview is most compared with Collibra Governance, Alation Data Catalog, Varonis Platform, Informatica Axon and Microsoft Intune. See our Microsoft Defender for Endpoint vs. Microsoft Purview report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.