Microsoft Security Product Hub

Defender for Endpoint


Prevent, detect, investigate and respond to advanced threats at your organisation's endpoints through preventative protection, post-breach detection, automated investigation and response. Defender for Endpoint (previously known as Defender ATP) is a cloud based detection, response and vulnerability service. Capabilities include risk-based vulnerability management and assessment attack surface reduction, behavior-based next-generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.

Defender for Endpoint supports Windows, macOS, Android, iOS and Linux.


  • Reduce attack surface across end user Windows, Mac, Android and iOS devices
  • Quickly discover, prioritise, and remediate vulnerabilities and misconfigurations
  • Get deep knowledge, advanced threat monitoring, analysis, and support to identify critical threats in your unique environment
  • Automatically investigate alerts and remediate complex threats
  • Defend against never-before-seen threats with next-generation protection
Secure Remote Work
Zero Trust