We performed a comparison between Microsoft Defender for Cloud and Rapid7 InsightCloudSec based on real PeerSpot user reviews.
Find out in this report how the two Cloud Security Posture Management (CSPM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."
"I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts."
"The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI."
"The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
"The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at."
"The solution is very user-friendly."
"Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."
"The most valuable features are ransomware protection and access controls. The solution has helped us secure some folders on our systems from unauthorized modifications."
"Defender is a robust platform for dealing with many kinds of threats. We're protected from various threats, like viruses. Attacks can be easily minimized with this solution defending our infrastructure."
"With respect to improving our security posture, it helps us to understand where we are in terms of compliance. We can easily know when we are below the standard because of the scores it calculates."
"Defender lets you orchestrate the roll-out from a single pane. Using the Azure portal, you can roll it out over all the servers covered by the entire subscription."
"Provides a very good view of the entire security setup of your organization."
"The solution's robust security posture is the most valuable feature."
"We can create alerts that trigger if there is any malicious activity happening in the workflow and these alerts can be retrieved using the query language."
"Defender for Cloud is a plug-and-play solution that provides continuous posture management once enabled."
"Agentless scanning is a possible use with Rapid7 InsightCloudSec."
"The tool's most valuable feature is workload protection for Kubernetes and container security. It has agents that identify bugs or lack of security on runtime containers."
"I find the security frameworks and security tools valuable. I think they're good in the infrastructure of the code security. They are also good at threat protection."
"The tool provides centralized visibility through dashboards and alerts, allowing customers to receive reports on cloud vulnerabilities and security posture. Rapid7 InsightCloudSec provides customers with a robust understanding of cloud security."
"The remediation workflow within the Wiz could be improved."
"The only thing that needs to be improved is the number of scans per day."
"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."
"Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform."
"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."
"We're looking at some of the data compliance stuff that they've got Jon offer. I know they're looking at container security, which we gonna be looking at next."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."
"As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains."
"One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view."
"Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured."
"The remediation process could be improved."
"If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."
"There is no perfect product in the world and there are always features that can be added."
"Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark."
"Most of the time, when we log into the support, we don't get a chance to interact with Microsoft employees directly, except having it go to outsource employees of Microsoft. The initial interaction has not been that great because outsourced companies cannot provide the kind of quality or technical expertise that we look for. We have a technical manager from Microsoft, but they are kind of average unless we make noise and ask them to escalate. We then can get the right people and the right solution, but it definitely takes time."
"The tool needs to improve its documentation."
"There are a lot of other solutions in the market, not only providing the features of a CSPM, but also CNAPP."
"Rapid7 InsightCloudSec could be better at showing dashboards for virtual firewalls and appliances. Compared to other solutions like Palo Alto, this area is not as good. So, they should work on improving this for virtual devices."
"Technical support could be better. It could also be easier, more user-friendly, and intuitive. The API keys aren't easy to understand, and the cloud layouts aren't intuitive and user-friendly. We should be able to integrate IM governance and APIs into non-compliant workloads like legacy solutions."
Microsoft Defender for Cloud is ranked 3rd in Cloud Security Posture Management (CSPM) with 46 reviews while Rapid7 InsightCloudSec is ranked 27th in Cloud Security Posture Management (CSPM) with 3 reviews. Microsoft Defender for Cloud is rated 8.0, while Rapid7 InsightCloudSec is rated 7.6. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Rapid7 InsightCloudSec writes "Agentless scanning helps monitor workloads, but the solution needs a better UI and should include CNAPP features ". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Microsoft Defender for Endpoint and Microsoft Sentinel, whereas Rapid7 InsightCloudSec is most compared with Prisma Cloud by Palo Alto Networks and AWS Security Hub. See our Microsoft Defender for Cloud vs. Rapid7 InsightCloudSec report.
See our list of best Cloud Security Posture Management (CSPM) vendors and best Cloud-Native Application Protection Platforms (CNAPP) vendors.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.