List of Microsoft Defender ATP Customers
Redmond, 98052-6399, WA,
United States
Since 2010, our global team of researchers has been studying Microsoft Defender ATP customers around the world, aggregating massive amounts of data points that form the basis of our forecast assumptions and perhaps the rise and fall of certain vendors and their products on a quarterly basis.
Each quarter our research team identifies companies that have purchased Microsoft Defender ATP for Endpoint Detection and Response (EDR) from public (Press Releases, Customer References, Testimonials, Case Studies and Success Stories) and proprietary sources, including the customer size, industry, location, implementation status, partner involvement, LOB Key Stakeholders and related IT decision-makers contact details.
Companies using Microsoft Defender ATP for Endpoint Detection and Response (EDR) include: John Sisk & Son, a Ireland based Construction and Real Estate organisation with 2500 employees and revenues of $614.0 million, University of South Carolina, a United States based Education organisation with 1600 employees and revenues of $380.0 million, Mikron Holding, a Switzerland based Manufacturing organisation with 1327 employees and revenues of $310.0 million and many others.
Contact us if you need a completed and verified list of companies using Microsoft Defender ATP, including the breakdown by industry (21 Verticals), Geography (Region, Country, State, City), Company Size (Revenue, Employees, Asset) and related IT Decision Makers, Key Stakeholders, business and technology executives responsible for the software purchases.
The Microsoft Defender ATP customer wins are being incorporated in our Enterprise Applications Buyer Insight and Technographics Customer Database which has over 100 data fields that detail company usage of software systems and their digital transformation initiatives. Apps Run The World wants to become your No. 1 technographic data source!
Apply Filters For Customers
| Logo | Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI | Insight |
|---|---|---|---|---|---|---|---|---|---|---|---|
 |
John Sisk & Son | Construction and Real Estate | 2500 | $614M | Ireland | Microsoft | Microsoft Defender ATP | Endpoint Detection and Response (EDR) | 2020 | Threatscape |
In 2020, John Sisk & Son deployed Microsoft Defender ATP as part of a Microsoft 365 E5 security consolidation to strengthen Endpoint Detection and Response (EDR) capabilities for its security operations. The Microsoft Defender ATP deployment centralized endpoint protection, detection, and investigation for the companys security and IT teams.
The implementation configured Microsoft Defender ATP functional capabilities including continuous endpoint behavioral sensors, cloud analytics for threat detection, automated investigation and remediation workflows, and endpoint to identity telemetry. These modules were tuned to support a mobile workforce and to surface richer alerts for SOC investigation and response.
Integration scope aligned Defender ATP telemetry with the Microsoft 365 E5 signal set and SOC processes, enabling correlated alerts across endpoints and identities. Operational coverage encompassed security and IT teams in Ireland and the UK, with SOC operations ingesting endpoint telemetry for monitoring, investigation, and response.
Threatscape led the rollout, completing implementation, configuration, tuning, and SOC onboarding in about three months. The rollout reduced time to detect and time to respond and provided the SOC with richer telemetry across endpoints and identities.
|
 |
Mikron Holding | Manufacturing | 1327 | $310M | Switzerland | Microsoft | Microsoft Defender ATP | Endpoint Detection and Response (EDR) | 2019 | baseVISION Switzerland |
In 2019, Mikron Holding implemented Microsoft Defender Advanced Threat Protection, commonly referenced as Microsoft Defender ATP, under the Endpoint Detection and Response (EDR) category as part of a broader Microsoft 365 E5 security rollout. The engagement was delivered with baseVISION Switzerland and focused on consolidating endpoint protection across Mikron's Windows 10 client estate and server footprint.
The implementation migrated server workloads and Windows 10 clients onto Microsoft Defender ATP, aligning endpoint detection, threat investigation, and response workflows with cloud telemetry from Microsoft 365 E5. Configuration emphasized centralized alerting and visibility, endpoint behavioral analytics, and automated investigation and remediation capabilities consistent with Endpoint Detection and Response (EDR) functional patterns.
Operational scope covered security and IT domains across Mikron's European sites and extended to global locations as part of the rollout, with governance centered on tool consolidation and unified incident handling under the security team. The project explicitly reduced the number of third party security tools across global sites and improved Mikron's security posture and visibility across endpoints and cloud assets.
|
 |
University of South Carolina | Education | 1600 | $380M | United States | Microsoft | Microsoft Defender ATP | Endpoint Detection and Response (EDR) | 2020 | n/a |
In 2020, the University of South Carolina introduced Microsoft Defender ATP as part of the Microsoft A5 security suite to enable system wide threat hunting, automated response, and improved endpoint and Office visibility. The implementation targeted security and IT operations across the university in South Carolina, United States, with a focus on incident detection and response workflows.
Microsoft Defender ATP, deployed as an Endpoint Detection and Response (EDR) solution, was configured to collect continuous endpoint telemetry, support proactive threat hunting, and execute automated remediation playbooks. The deployment emphasized expanded visibility into endpoints and Office activity, aligning the Microsoft Defender ATP capabilities with standard EDR functional terminology such as alert correlation, telemetry ingestion, and automated response orchestration.
The Defender deployment was integrated with ForeScout to enhance asset identification during incidents, enabling security teams to correlate alerts with impacted assets more rapidly. That integration supported incident narration across alerts and devices and reduced the time security teams spent identifying assets during incident investigations, improving the operational effectiveness of campus incident response.
Operational governance centered on embedding Defender for Endpoint telemetry into existing security operations and incident response workflows, with the security and IT organization operating the combined toolset. The implementation narrative highlights university level adoption of the Microsoft A5 security suite including Microsoft Defender ATP to strengthen endpoint detection and response capabilities within campus security operations.
|
Buyer Intent: Companies Evaluating Microsoft Defender ATP
Discover Software Buyers actively Evaluating Enterprise Applications
| Logo | Company | Industry | Employees | Revenue | Country | Evaluated | ||
|---|---|---|---|---|---|---|---|---|
| No data found | ||||||||