Microsoft Defender for Endpoint vs Morphisec comparison

Microsoft Defender for Endp...

Read 21 Morphisec reviews

1,136 Views
655 Comparison Views

100% willing to recommend

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Morphisec and Microsoft Defender for Endpoint compete in the endpoint security category. Morphisec leads in pricing and support, while Microsoft Defender for Endpoint has an edge in features.

Features: Morphisec is known for its lightweight agent, minimal system impact, and suitability for small to mid-sized environments. Microsoft Defender for Endpoint offers a broad range of threat detection capabilities, better integration with Microsoft environments, and is preferred for large-scale deployments.

Room for Improvement: Users of Morphisec suggest enhancements in advanced threat intelligence, expanded reporting, and possibly more scalability features. Users of Microsoft Defender for Endpoint see a need for performance optimization, lower false positives, and a more user-friendly interface.

Ease of Deployment and Customer Service: Morphisec is highlighted for its straightforward deployment process and responsive customer support. Microsoft Defender for Endpoint's deployment is more complex due to its extensive feature set, but users value the comprehensive documentation and strong support channels.

Pricing and ROI: Morphisec is considered cost-effective with a quick setup process, providing high ROI for smaller organizations. Microsoft Defender for Endpoint, though pricier, is justified by its advanced features and extensive protection capabilities, resulting in substantial ROI for larger enterprises.

To learn more, read our detailed Microsoft Defender for Endpoint vs. Morphisec Report (Updated: May 2025).

Microsoft Defender for Endpoint vs. Morphisec

Download the complete report

Helped 851,604 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Microsoft Defender for Endp...

Ranking in Endpoint Protection Platform (EPP)

1st

Ranking in Advanced Threat Protection (ATP)

2nd

Ranking in Endpoint Detection and Response (EDR)

3rd

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

197

Ranking in other categories

Anti-Malware Tools (1st), Microsoft Security Suite (5th)

Morphisec

Ranking in Endpoint Protection Platform (EPP)

56th

Ranking in Advanced Threat Protection (ATP)

34th

Ranking in Endpoint Detection and Response (EDR)

58th

Average Rating

9.2

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Vulnerability Management (61st), Cloud Workload Protection Platforms (CWPP) (37th), Threat Deception Platforms (14th)

Mindshare comparison

As of May 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Microsoft Defender for Endpoint is 10.8%, down from 14.4% compared to the previous year. The mindshare of Morphisec is 0.4%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP)

Featured Reviews

AnuragSrivastava

Information Security Engineering Lead at a energy/utilities company with 10,001+ employees

Provides detailed visibility into threats but the ability to add exceptions needs improvement

One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.

Read full review

Islam Shaikh

Senior Manager - IT at IndiGrid Limited

Lightweight, detects everything quickly, and takes corrective action

We sometimes have to depend on the support team to know what action we should take. If the solution for an alert can be built into the report that we are getting, it will save time, and the interaction with support would be less. At times, corrective action is required, but at times, we don't need to take any action. It would be good if we get to know in the report that a particular infection doesn't require any action. It will save us time and effort. Other than that, nothing else is required. They have taken care of everything. We are getting alerts, and we can have multiple admins. We get a good model with this view.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Microsoft Defender for Endpoint's most valuable feature is its ease of use."

"The intelligence mechanisms are good."

"It is quite stable. We have not had any cases, i.e., viruses, that would require a reboot, etc. We have never had a situation where we needed to reinstall the tools as a result of the Defender application or a feature being corrupt."

"I've started to test it from the security point of view. There are plenty of features that are interesting, but at this time, the XDR functionality is most valuable. It is endpoint security on steroids."

"The most valuable features of Microsoft Defender for Endpoint are the ease of use and it was available within the operating system."

"The solution is highly scalable."

"The attack surface reduction rules are the most valuable. We're able to have unattended remediation actions when the solution works side by side with a local antivirus like Microsoft Defender or Kaspersky. The attack surface reduction rules help us to proactively block and stop threats."

"Its threat intelligence feature is beneficial. This solution smoothly integrates with SIEM."

More Microsoft Defender for Endpoint pros

"Morphisec provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. Defender and Morphisec are integrated. It's important because it lowers the total cost of maintenance on the engineer's time, more or less. So the administrative time is dramatically reduced in maintaining the product. This saves an engineer around four to five hours a week."

"The biggest feature is that it hides everything from your operating system that's running in-memory from anything to try to run against it. That's the most unique thing that's on the market. There's nothing else out there that's quite like that. That's a big selling point and why we went with it. It does exactly what the design does. If you can't find it, you can't execute against it."

"It provides full visibility into security events and from both solutions in one dashboard. I'm not a big security guy, if I have a threat that looks like there's a problem, I will ask Morphisec to dissect it for me, and tell me what might be happening. Because it tends to be all hash codes, so I can tell what's going on. They've been pretty good with that."

"Morphisec has enabled us to become a lot less paranoid when it comes to staff clicking on things or accessing things that they shouldn't that could infect the whole system. Our original ransomware attack that happened came from someone's Google drive and then just filtered on through that. It has put our minds at ease a lot more in running it. It's also another layer of security that has been proven to be effective for us."

"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."

"Morphisec has absolutely helped save money on our security stack. The ransomware at the end of the day can cost organizations millions upon millions of dollars. Investing in tools like Morphisec is a great reduction in that cost. If I can spend $10,000 in a year to protect assets that could be ransomed for $20,000,000, that's definitely a bet that one should pursue. Morphisec absolutely it's worth the investment."

"Morphisec Guard enables us to see at a glance whether our users have device control and disk encryption enabled properly. This is important because we are a global company operating with multiple entities. Previously, we didn't have that visibility. Now, we have visibility so we can pinpoint some locations where there are machines that are not really protected, offline, etc. It gives us visibility, which is good."

"Morphisec is a straightforward solution that is efficient and very stable."

More Morphisec pros

Cons

"Sometimes the software doesn't work the way we expect it to, and in those cases, we can't communicate with a device because it may be infected."

"The solution could be more friendly for end-users, with different type of scans or scheduled scans for it."

"I would like to see integrations with other products, such as Spunk and other CM solutions. That would create possibilities for me, and for a SOC, to consolidate all events in an older console, not one provided by Microsoft but provided by a third party, and use it to create more insights."

"Right now, the solution provides some recommendations on the dashboard but we don't have any priorities. It's a mix of all the vulnerabilities and all the security recommendations. I would like to see some priority or categorization of high, medium, and low so that we can fix the high ones first."

"Microsoft Defender for Endpoint can improve by making the reporting faster. It takes some time to reflect back to the administration portal of what has been updated. For example, out of 100 Computers, approximately 90 computers received updates, but when you check the administration portal over one or two days, you will only see 75, even though 90 were updated."

"My main issue with the tool is that there are too many menus. This causes a steep learning curve for those without training or unfamiliar with Defender for Endpoint. From an end-user perspective, the solution is there on the machine and does its job; it works seamlessly. However, as a security professional dealing with it behind the scenes, the learning curve can be steep, but not too steep. Still, it has taken some of my analysts up to a month to get familiar with the product."

"Some of the integrations that Defender should include involve the use of the web app."

"The file scanning has room for improvement. Many people use macros within their files, so there should be a mechanism that helps us to scan them for malicious payloads."

More Microsoft Defender for Endpoint cons

"Sometimes it generates false positive alerts. They need to continue working on that. They have provided solutions for it and have fixed issues with updated versions. The service is quite good but they need to work on it more so that there are no false positive alerts."

"It would be nice if they could integrate Morphisec with other traditional antivirus solutions beyond Microsoft Defender. That is probably my biggest gripe."

"We started in the Linux platform and we deployed to Linux. The licensing of that has been kind of confusing between Linux licensing and Windows licensing. The overall simplicity of licensing or offering an enterprise license to just cover everything and then we don't have to count needs improvement."

"We have discovered some bugs in the new releases that they've had to fix, so I would like to see more testing and QA on their side before they release."

"The only area that really needs improvement is the reporting functionality. Gathering the detailed information that is in the system for an executive, or for me as a director, could be better. Some of the interface and reporting aspects are a little bit dated. They're working on it."

"If anything, tech support might be their weakest link. The process of getting someone involved sometimes takes a little time. It seems to me that they should have all the data they need to let me know whether an alert is legitimate or not, but they tend to need a lot of information from me to get to the bottom of something. It usually takes a little longer than I would expect."

"Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools. For example, they need to get multifactor in place and an API for the major multi-factor systems, e.g., Okta, Duo, Ping, and Microsoft. They don't have them built in yet. They are working on them. It is just not there yet. Also, their stability, customer support, and processes need improvement, which is just part of maturity."

"From a company standpoint, a little more interaction with the customers throughout the year might be beneficial. I would like check-ins from the Morphisec account executives about any type of Morphisec news as well as a bit more interaction with customers throughout the year to know if anything new is coming out with Morphisec, e.g., what they are working on in regards to their development roadmap. We tend not to get that up until the time that we go for a yearly renewal. So, we end up talking to people from Morphisec once a year, but it is usually at renewal time."

More Morphisec cons

Pricing and Cost Advice

"The price was a problem for me three years ago, but they improved their E3, E5, and a la carte licensing. In other words, you have to get all of E5. That used to be a problem because you had E3, Defender, and guardrails, but you needed an E5 license to get the management suite and the analytics. It's more flexible now. You can switch from a la carte to the entire suite when it starts to make sense. It's becoming more economically competitive to go that route."

"They are now doing it on an endpoint basis. It is based on the number of endpoints, which is good."

"You do not need to pay any additional costs for antivirus and anti-malware solutions for endpoint protection."

"I got it with the Microsoft Windows license."

"Because Microsoft Defender comes as an add-on, it can be a bit expensive if you're trying to buying it separately. Another option is to upgrade, but the enterprise licenses for Microsoft can also be quite a bit pricey. Overall, the cost of Microsoft Defender compared to that of other endpoint detection solutions is slightly higher."

"We have an enterprise agreement so from my perspective, this is a product that ships with Windows and it is not priced standalone."

"Its price at the moment is very good because you get a lot of value for your money, especially with the subscriptions. If you have the E1, E3, or E5 enterprise subscription, you pay per month per user, and you get almost an infinite number of solutions. If you compare the price to the number of solutions that you get, it is a very good deal."

"I'm not too familiar with costs as I'm an architect, though I know about online pricing, as I help two teams with online purchasing and procurement. Nowadays, everyone has an enterprise agreement, such as an E3 license, which we provide to our customers."

More Microsoft Defender for Endpoint pricing and cost advice

"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."

"The pricing is definitely fair for what it does."

"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."

"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."

"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."

"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."

"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."

"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."

More Morphisec pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

851,604 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

24%

Computer Software Company

12%

Government

Financial Services Firm

Outsourcing Company

15%

Computer Software Company

13%

Financial Services Firm

12%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...

See all answers

Which offers better endpoint security - Symantec or Microsoft Defender?

We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...

See all answers

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...

See all answers

Ask a question

Earn 20 points

Comparisons

CrowdStrike Falcon vs Microsoft Defender for Endpoint

Compared 8% of the time

Symantec Endpoint Security vs Microsoft Defender for Endpoint

Compared 5% of the time

Microsoft Intune vs Microsoft Defender for Endpoint

Compared 4% of the time

F-Secure Total vs Microsoft Defender for Endpoint

Compared 4% of the time

HP Wolf Security vs Microsoft Defender for Endpoint

Compared 4% of the time

More Microsoft Defender for Endpoint Competitors

CrowdStrike Falcon vs Morphisec

Compared 31% of the time

Halcyon vs Morphisec

Compared 14% of the time

SentinelOne Singularity Complete vs Morphisec

Compared 12% of the time

Hyver vs Morphisec

Compared 7% of the time

CrowdStrike Falcon Cloud Security vs Morphisec

Compared 4% of the time

More Morphisec Competitors

Product Reports

Microsoft Defender for Endpoint

Download Microsoft Defender for Endpoint product report

Download Morphisec product report

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus

Morphisec, Morphisec Moving Target Defense

Interactive Demo

Microsoft

Demo not available

Overview

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Microsoft

Morphisec integrates seamlessly with platforms like Microsoft Defender, offering signatureless protection against zero-day threats and ransomware. It enhances existing endpoint solutions with minimal maintenance through its set-and-forget deployment, providing heightened security and reduced false positives.

Morphisec strengthens defense strategies by merging memory morphing and signatureless protection to effectively block zero-day attacks and ransomware. It operates efficiently within existing infrastructure, reducing system impact and maintenance needs. Users find its full visibility dashboard invaluable. Despite its strengths, cloud deployment and reporting features can be improved. Stability, alerts, and integration with other systems pose challenges for users, impacting usability and support quality.

What are Morphisec's key features?

Seamless Integration: Works with Microsoft Defender for comprehensive dashboard visibility
Memory Morphing: Hides processes to reduce attack surfaces
Signatureless Protection: Prevents threats without impacting performance
Automatic Threat Blocking: Uses inbuilt intelligence to detect risks
Set-and-Forget Deployment: Simplifies management and reduces maintenance

What benefits should users consider in reviews?

Quick Deployment: Fast setup without disrupting operations
Enhanced Protection: Provides an additional defense layer against advanced threats
Cost-Effectiveness: Works with existing licenses, minimizing extra investments
Improved Compatibility: Integrates smoothly with current antivirus systems
Minimal System Impact: Operates efficiently without overloading resources

In security-focused industries, Morphisec is crucial for protecting workstations and servers against sophisticated attacks like ransomware. Its signatureless technology offers early threat detection, while compatibility with existing systems ensures seamless integration, providing advanced protection without additional licensing costs.

Sample Customers

Petrofrac, Metro CSG, Christus Health

Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center

Microsoft Defender for Endpoint vs. Morphisec