Microsoft Defender Antivirus is the next-generation protection component of Microsoft Defender for Endpoint (Microsoft Defender for Endpoint).
Although you can use a non-Microsoft antivirus solution with Microsoft Defender for Endpoint, there are advantages to using Microsoft Defender Antivirus together with Defender for Endpoint. Not only is Microsoft Defender Antivirus an excellent next-generation antivirus solution, but combined with other Defender for Endpoint capabilities, such as endpoint detection and response and automated investigation and remediation, you get better protection that’s coordinated across products and services.
11 reasons to use Microsoft Defender Antivirus together with Microsoft Defender for Endpoint
# | Advantage | Why it matters |
---|---|---|
1 | Antivirus signal sharing | Microsoft applications and services share signals across your enterprise organization, providing a stronger single platform. See Insights from the MITRE ATT&CK-based evaluation of Microsoft Defender for Endpoint. |
2 | Threat analytics and your score for devices | Microsoft Defender Antivirus collects underlying system data used by threat analytics and Microsoft Secure Score for Devices. This provides your organization’s security team with more meaningful information, such as recommendations and opportunities to improve your organization’s security posture. |
3 | Performance | Microsoft Defender for Endpoint is designed to work with Microsoft Defender Antivirus, so you get better performance when you use these offerings together. Evaluate Microsoft Defender Antivirus and Microsoft Defender for Endpoint. |
4 | Details about blocked malware | More details and actions for blocked malware are available with Microsoft Defender Antivirus and Microsoft Defender for Endpoint. Understand malware & other threats. |
5 | Network protection | Your organization’s security team can protect your network by blocking specific URLs and IP addresses. Protect your network. |
6 | File blocking | Your organization’s security team can block specific files. Stop and quarantine files in your network. |
7 | Attack Surface Reduction | Your organization’s security team can reduce your vulnerabilities (attack surfaces), giving attackers fewer ways to perform attacks. Attack surface reduction uses cloud protection for a number of rules. Get an overview of attack surface reduction. |
8 | Auditing events | Auditing event signals are available in endpoint detection and response capabilities. (These signals are not available with non-Microsoft antivirus solutions.) |
9 | Geographic data | Compliant with ISO 270001 and data retention, geographic data is provided according to your organization’s selected geographic sovereignty. See Compliance offerings: ISO/IEC 27001:2013 Information Security Management Standards. |
10 | File recovery via OneDrive | If you are using Microsoft Defender Antivirus together with Office 365, and your device is attacked by ransomware, your files are protected and recoverable. OneDrive Files Restore and Windows Defender take ransomware protection one step further. |
11 | Technical support | By using Microsoft Defender for Endpoint together with Microsoft Defender Antivirus, you have one company to call for technical support. Troubleshoot service issues and review event logs and error codes with Microsoft Defender Antivirus. |