What was once considered optional software that negatively impacted performance of an OS to boot, is now considered a standard part of the operating system and essential for the healthy operation of a computer.

With constant-on internet connectivity now ubiquitous, and the rise of threats like Ransomware, Phishing, and modern malware old-style anti-virus programs weren’t good enough anymore and had to evolve to detect and stop modern threats.

The current industry trend is moving towards MDR or Managed Defense where you pay not only for software to scan your PC for viruses, but for entire teams of 3rd security people that constantly monitor your network for threats and hackers.

What started off as a basic firewall and anti-spyware tool slowly expanded and was developed into the current version of MS Defender.

Microsoft had previously allowed 3rd parties to rule to antivirus space but was able to organically develop their own 1st party tool built into Windows.

This isn’t unusual though, it follows Microsoft’s typical business pattern. See what other companies are doing and successful at, and make your own version in-house that’s integrated into Windows. It doesn’t have to be *good* it just has to be *good enough* for Microsoft to start taking market share away from competitors.

After all why pay for Netscape when Internet Explorer is free and comes with Windows? It’s not as good, but it’s free so it’s *good enough*.

Similarly why buy McAfee Trellix, Sophos, or ESET when Windows with Defender for free?

[removed]

Market simply responded to demand and it made sense for Microsoft to incorporate more onboard solutions.

This is the same for many features. First they are mods, or add ons, or third party software, then they, or something similar gets rolled into the OS.

You are old enough to remember anti virus being rolled into Windows.. I’m old enough to remember the Windows part of Windows being rolled into it. Before Windows we used dos, and install 3rd party visual interfaces, such as [Norton Commander](https://en.wikipedia.org/wiki/Norton_Commander)

Norton… where have I heard that before?

>What changed to make Windows Defender competitive?

Originally Windows Defender on Windows 7 was an anti-spyware component, NOT an anti-virus. Microsoft’s anti-virus software for Windows 7 was called “Microsoft Security Essentials”. In Windows 8, the two pieces of software were consolidated. At that point, Windows Defender was generally considered “good enough” and additional anti-virus software to be redundant for most consumers.

When Norton Antivirus started throwing pop ups on people’s computers every day, it became as big a nuisance as most malware. Windows Defender is free and operates in the background without annoying the user. Once software becomes annoying, it loses its relevancy.

Microsoft found a benefit to them including an AV with its OS so they actually started investing into it.

Microsoft has a billion computers out in the wild gathering data on malware. Windows defender updates itself via windows update every 2 hours. Nothing else on the planet comes close by a wide margin. There are advantages to being spied upon.

[removed]

There’s also been major changes and improvements in the software most likely to give you a virus in addition to the other factors already noted by other comments.

Operating systems have fewer gaping holes than they did before (fewer, not none). Security patching is more frequent and slightly easier than early Windows. Software is being more “app-ified” which creates more sandboxes mitigating possible damage. Internet browsers are much better than our old uncle IE, with much better security. Email is now largely web based with built in scanning of attachments compared to a software application on your computer.

These changes in the root need have an impact on the market that was created to mitigate the root cause.

On top of the answers posted here, the malware market has also changed drastically. The money isn’t in targeting home users, and the security features in modern Windows make it much harder to operate in the traditional manner.

Nowadays remote shells on servers are what’s all the rage. Can be easy to make one that isn’t detected by any antivirus too if you know what you’re doing.