In this series of blog posts, SecureSky will, over time, inventory the various Defender technologies, providing a brief overview of each and a link to additional Microsoft documentation.

“Defender” used to be the name of Microsoft’s anti-virus software.

Now Microsoft’s branding strategy has switched to using “Defender for …” as a brand name for products across Microsoft’s security suite, including XDR technologies that prevent, detect, and respond to threats across identities, endpoints, applications, email, IoT, infrastructure, and cloud platforms.

While easy to understand from a unified branding approach, this has created confusion as buyers attempt to navigate what each of the dozens of “Defender for …” products does, how they overlap (both within the Microsoft ecosystem and with third-party technologies), and how they are purchased or subscribed to.

 

Technology Name: Microsoft Defender for Endpoint

Previous Name(s): Microsoft Defender Advanced Threat Protection (MDATP)

Category: Endpoint

Function(s): Monitors endpoint (Windows, macOS, Linux, iOS, Android) behavior and analytics to prevent, detect, investigate, and respond to advanced threats, vulnerabilities, and misconfigurations

Plan 1
  • Attack surface reduction
  • Next generation protection

Plan 2
  • All Plan 1 features
  • Threat and vulnerability management
  • Endpoint detection and response (EDR)
  • Auto investigation and remediation
  • Microsoft threat experts

Cost Basis: Per user (Plan 1 included in M365 E3 series, Plan 2 included in M365 E5 series, or on a standalone basis)

Microsoft Links:

Overview Plan 1: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/defender-endpoint-plan-1?view=o365-worldwide 

Overview Plan 2: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide 

 


For more information about the Microsoft Defender product line, please feel free to contact us by completing our contact form or emailing info@securesky.com.