Microsoft sells the Defender stack three ways: inside M365 E5 as a bundled suite, inside the dedicated Defender plans as a standalone purchase, and through individual workload SKUs. Most enterprise estates carry an unintentional combination of all three. The result is duplicated entitlement on the same identity, an inflated per user cost that does not show up on the renewal proposal, and a security posture that depends on which licensing path was active when the project started. The choice between bundle and standalone is a per population decision, not an estate wide one, and the contracting work that protects it is more important than the unit math that justifies it.
The Defender portfolio includes endpoint protection, identity protection, email and collaboration protection, cloud app protection, and cloud workload protection. Microsoft sells the stack inside E5, inside the dedicated Defender bundle, and as individual workload SKUs. Each path carries a different unit price and a different attach footprint.
The E5 base SKU includes Defender for Endpoint Plan 2, Defender for Office Plan 2, Defender for Identity, and Defender for Cloud Apps. The bundle is paid for inside the per user E5 price.
The M365 E5 Security add on bundles the same four Defender workloads as an attach SKU on top of E3 or A3. Buyers running E3 attach the Defender suite to reach Defender coverage without paying for the rest of E5.
Each Defender workload is also sold as a standalone SKU: Defender for Endpoint Plan 2 at $5.20 per user, Defender for Office Plan 2 at $5.00 per user, Defender for Identity at $5.50 per user, and Defender for Cloud Apps at $3.50 per user.
The decision is not a single answer for the estate. It is a per population decision determined by base SKU, workload coverage, and security operations maturity. Three rules surface the right path almost every time.
If the user is on E5 for productivity reasons, the Defender bundle is already paid for. Adding any standalone Defender attach to the same user is duplicated spend. The remediation is the removal of every standalone Defender SKU from the E5 population.
The duplicate attach pattern accounts for two to four percent of M365 spend in a typical Fortune 500 estate. The single line item correction is often the largest immediate recovery from a Defender rationalization pass.
For users on E3 with a full Defender stack requirement, the E5 Security add on at $12.00 per user is the right path. Stacking the four individual workloads sums to $19.20 per user. The bundle returns roughly thirty seven percent against the workload stack.
The exception is when only two of the four workloads are needed for the population. Two workload stacking can land below the bundle price. Three or four workloads always favor the bundle.
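The E5 and E3 rules above can be run as a check over a per user license export. This is an added example, not code from the original page: the SKU labels and the sample rows are constructed (they are not Microsoft part numbers), prices are the list figures quoted here held in cents, and F3 populations are not modelled.

```python
# Added example. Prices are the per user list figures quoted on this page, held
# in cents; SKU labels and export rows are constructed, not Microsoft part numbers.
STANDALONE = {
    "MDE_P2": 520,  # Defender for Endpoint Plan 2
    "MDO_P2": 500,  # Defender for Office Plan 2
    "MDI": 550,     # Defender for Identity
    "MDA": 350,     # Defender for Cloud Apps
}
WORKLOADS = set(STANDALONE)
E5_SECURITY = 1200  # E5 Security add on


def review_user(base, attached, required=()):
    """Return (action, skus_to_remove, target_defender_cents) for one user."""
    attached, required = set(attached), set(required)
    if base == "E5":
        # Rule 1: the four workloads are inside E5, so any attach is duplicate.
        dupes = sorted(attached & (WORKLOADS | {"E5_SECURITY"}))
        return ("remove_duplicates" if dupes else "ok", dupes, 0)
    if base == "E3":
        stack = sum(STANDALONE[sku] for sku in required)
        if stack >= E5_SECURITY:
            # Rule 2: the bundle wins, so standalone SKUs become redundant.
            return ("use_bundle", sorted(attached & WORKLOADS), E5_SECURITY)
        # Exception: a small stack undercuts the bundle; drop everything else.
        return ("use_standalone", sorted(attached - required), stack)
    return ("out_of_scope", [], 0)  # F3 and other bases are not modelled here


# Constructed rows: (user, base SKU, attached SKUs, required workloads)
SAMPLE_EXPORT = [
    ("u1", "E5", ["MDE_P2", "MDI"], []),
    ("u2", "E3", ["MDE_P2", "MDO_P2", "MDI", "MDA"], ["MDE_P2", "MDO_P2", "MDI", "MDA"]),
    ("u3", "E3", ["E5_SECURITY", "MDA"], ["MDE_P2", "MDA"]),
]


def review_export(rows):
    """Apply review_user to every row and key the findings by user."""
    return {user: review_user(base, att, req) for user, base, att, req in rows}


if __name__ == "__main__":
    for user, finding in review_export(SAMPLE_EXPORT).items():
        print(user, finding)
```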
F3 users do not have access to the E5 Security add on at the same price. The Defender attach options for F3 populations are Defender for Endpoint Plan 1 at $2.00 per user, or the F5 Security add on at $8.00 per user, which covers Defender for Endpoint Plan 2 and a subset of identity protection.
The F3 plus F5 Security stack is the right path for frontline populations that require endpoint and identity protection but do not need the full E5 Security suite.
Cross attach occurs when a user is licensed across multiple Microsoft tenants or across multiple base SKU classes. The Defender entitlement attaches to the identity, not the base SKU, when the licensing structure is correctly configured.
The remediation is the consolidation of Defender attach onto the primary identity. The secondary tenants or workloads carry no additional Defender SKU. The cleanup typically returns one to two percent of M365 spend on first pass.
The decision between bundle and standalone surfaces a renewal posture, not just a unit price. Three contract clauses protect the chosen path against the next round of Microsoft SKU repackaging and the buildup of duplicated attach inside the term.
The contracted price for the chosen Defender path is locked through the term, including the right to add seats at the negotiated unit price rather than the rate at the time of the add order.
When Microsoft renames, repackages, or splits a Defender SKU during the term, the contracted entitlement maps to the functional equivalent at the contracted price. The substitution language is what prevents Microsoft from forcing a step up at the next add order.
The contract carries an explicit true down right at the anniversary against the rationalized population count. The clause is what allows the cleanup to translate to a billing reduction rather than a paper exercise.
The single answer at the estate level is almost always wrong. The right answer surfaces from the per population decision and the contract that protects it across the term.