Forum Discussion
Microsoft Defender for Endpoint features
- Jun 15, 2024
Yes to all of the above, but note that some features will also depend on the license (E3 vs E5) type that you purchase. You and your users will get a lot more security tooling and available options if you have the E5 license.
M365Maps.com is your friend in getting a decent look at the tooling and available options to you depending on the license you require. Here is a link to the P1 vs P2 options (visual guide)
Also, here is the Microsoft documentation on MDE (Microsoft Defender for Endpoint)
Here’s a breakdown of whether Microsoft Defender for Endpoint includes the specified features and threat protection capabilities:
Features:
Anti-malware: Yes
MITRE Ingenuity ATT&CK Evaluation: Yes, provides insights into how Defender for Endpoint performs against MITRE ATT&CK techniques.
Ransomware Protection and Rollback: Yes
Behavior Monitoring and Machine Learning: Yes
Single Management Console: Yes
Incident Response Automation: Yes
Targeted Attack Detection: Yes
Enhanced Tamper Protection: Yes
Suspicious Behavior Detection: Yes
Advanced Deep Learning Mechanism: Yes
Threat Hunting: Yes
Endpoint Isolation: Yes
Malicious Traffic Detection: Yes (via integration with network protection features)
Threat Protection:
Mitigate Exploits in Vulnerable Applications: Yes (via exploit protection and application control)
Application Hijacking: Yes (via behavioral and heuristic detection)
Real-Time Scanning of Internet Resources: Yes (via web protection and real-time scanning features)
Real-Time Scanning of Local Files and Network Shares: Yes
Automatically Submit Malware Samples: Yes (through automatic sample submission for analysis)