We performed a comparison between Microsoft Defender for Cloud and OpenShift Container Platform based on real PeerSpot user reviews.
Find out in this report how the two Container Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Most importantly, it's an integrated solution. We not only have Defender for Cloud, but we also have Defender for Endpoint, Defender for Office 365, and Defender for Identity. It's an integrated, holistic solution."
"This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot."
"We can create alerts that trigger if there is any malicious activity happening in the workflow and these alerts can be retrieved using the query language."
"When we started out, our secure score was pretty low. We adopted some of the recommendations that Security Center set out and we were able to make good progress on improving it. It had been in the low thirties and is now in the upper eighties."
"The most valuable features of this solution are the vulnerability assessments and the glossary of compliance."
"It has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem."
"The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra."
"Threat protection is comprehensive and simple."
"The best feature is the management for the port life cycle, which automatically recycles, pulls, and scales up and down based on needs and requests."
"Technical support is good; they are fast and reliable."
"Red Hat's security throughout the stack and software supply chain is good. It is a lightweight operating system. You don't have to worry about the security patches on the system. You can update the entire environment with security patches, which is a nice feature."
"The operating system has a live update and is more secure than any other. It's made for Atomic OS, a lightweight OS new to the market. I also like the source-to-image capabilities. The customer can directly deploy their applications from the repository. It's a highly flexible and easy way to deploy into production."
"OpenShift is a user-friendly container platform with a solid GUI that helps you follow what is going on and gives you an overview of all your clusters. It's more user-friendly than the Kubernetes itself. The interface helps you learn the platform and provides access to some features or specific comments."
"The most valuable feature is that the solution can be deployed in the cloud which removes the expense of a server."
"Everything is packaged into OpenShift Container Platform."
"Openshift is a very developer-friendly product."
"Azure Security Center takes a long time to update, compared to the on-premises version of Microsoft Defender."
"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains."
"Sometimes it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or a special kind of product."
"It needs to be simplified and made more user-friendly for a non-technical person."
"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."
"Pricing could be improved. There are limited options based on pricing for the government."
"The solution needs to introduce open ID connect integration for role-based access control."
"OpenShift has a pretty steep learning curve. It's not an easy tool to use. It's not only OpenShift but Kubernetes itself. The good thing is that Red Hat provides specific targeted training. There are five or six pieces of training where you can get certifications. The licenses for OpenShift are pretty expensive, so they could be cheaper because the competition isn't sleeping, and Red Hat must take that into account."
"It has an option to install OpenShift without connecting it to the Internet. We tried this, but it was very hard. We couldn't manage to use that option. We wanted to use it offline for installations, updates, upgrades, etc., but we didn't find the offline installation and updates easy. This could be better."
"The support costs are too high."
"The initial setup can be hard."
"We encounter difficulties while accessing the environment and managing the cluster. This particular area needs improvement."
"The price needs to be improved in OpenShift Container Platform. When I choose this, the product is the first factor that we have to make a long analysis to compare the real cost for the other services. However, price is high."
"The product monitoring tool does not work for us."
Microsoft Defender for Cloud is ranked 10th in Container Management with 46 reviews while OpenShift Container Platform is ranked 1st in Container Management with 36 reviews. Microsoft Defender for Cloud is rated 8.0, while OpenShift Container Platform is rated 8.2. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of OpenShift Container Platform writes "Provides automation that speeds up our process by 30% and helps us achieve zero downtime". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas OpenShift Container Platform is most compared with Amazon EKS, VMware Tanzu Mission Control, Nutanix Kubernetes Engine NKE, Amazon Elastic Container Service and NGINX Ingress Controller. See our Microsoft Defender for Cloud vs. OpenShift Container Platform report.
See our list of best Container Management vendors.
We monitor all Container Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
