Microsoft Defender for Cloud Reviews

Name: Microsoft Defender for Cloud
Brand: Microsoft
Rating: 4 (53 reviews)

Vendor: Microsoft

4.0 out of 5

53 reviews
94% willing to recommend

588 followers

Post review

What is Microsoft Defender for Cloud?

Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.

Get the Microsoft Defender for Cloud Buyer's Guide and find out what your peers are saying about Microsoft Defender for Cloud, Microsoft Defender for Endpoint, Microsoft Intune and more!

Microsoft Defender for Cloud is the #2 ranked solution in top Compliance Management solutions, #3 ranked solution in Cloud Workload Protection Platforms, #3 ranked solution in top Cloud Security Posture Management (CSPM) solutions, #3 ranked solution in top Cloud-Native Application Protection Platforms (CNAPP) solutions, #3 ranked solution in top Data Security Posture Management (DSPM) solutions, #3 ranked solution in top Microsoft Security Suite solutions, #4 ranked solution in Container Security Solutions, #8 ranked solution in top Vulnerability Management solutions, and #11 ranked solution in Container Management software. PeerSpot users give Microsoft Defender for Cloud an average rating of 8.0 out of 10. Microsoft Defender for Cloud is most commonly compared to Microsoft Defender for Endpoint: Microsoft Defender for Cloud vs Microsoft Defender for Endpoint. Microsoft Defender for Cloud is popular among the large enterprise segment, accounting for 65% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 17% of all views.

Buyer's Guide

Microsoft Defender for Cloud

August 2024

Get the report

Helped 802,829 peers since 2012

Featured reviews

Anurag Awasthi

Senior Consultant at HCL

The solution's robust security posture is the most valuable feature. We have a lot of firewalls, and we can manage them in the solution through the firewall manager. We can set up an Azure firewall and centralize the management policy. The solution provides excellent visibility into threats, and it's a cloud-based integrated solution, so we don't have to worry about any third-party products or services. Microsoft provides so many options, and that's great. Defender for Cloud generates reports we can use as an assessment, as it allows us to see the services in our environment and our points of highest risk. The solution's threat intelligence helps us prepare for threats before they hit and take proactive steps, which is very useful for analysis.

Read full review

Srikanth Matsa

Senior DevOps Engineer at a tech services company with 501-1,000 employees

Before Microsoft Defender our external team would give us updates on which ports are opening and which vulnerabilities are being attacked. Now with the recommendations of Microsoft Defender, we can find these vulnerabilities sooner and fix them. Before onboarding those respected resources into Microsoft Defender, we faced a few issues. Once we onboarded those resources, we received prompt recommendations that helped us make the organization's resources more secure. If resources are not secured, it can impact the reputation of the organization. The solution helped identify a lot of the issues, at a high priority that we could resolve. Microsoft Defender helps any organization that needs to follow security baseline recommendations in order to improve its environment. Regarding threats, I recommend Microsoft Sentinel for detecting and hunting the threats. I can identify what exactly happened at that particular time or particular resource with the help of Microsoft Sentinel. The solution has significantly reduced the overall time it takes us to detect issues. Most of the resources are scanned every 30 minutes, so it doesn't take much time for the solution to give us the respected recommendations. Depending on the issue, Microsoft Defender for Cloud has helped reduce our overall time to respond. There are a few recommendations that we can fix immediately by just clicking using the UI. However, the overall time to respond to issues depends upon that respected recommendation list. There are a few things that we need to consider when it comes to the security settings of our virtual machines which can take a long time to identify and fix.

Read full review

Junior Pierre-Toussaint

Senior Information Technology Security Officer at CLEAR (clearme.com)

I've done a couple of POCs for Microsoft Defender with the company, and the process is always the same. We don't deploy everything into live environments. It is deployed to a testing environment. After we test a couple of times, we undergo a complete training process. Finally, we organize and deploy it to a section of the company. We usually deploy one segment at a time, like finance, marketing, etc. If you have ATP Defender, you must set up a data lake. After deployment, there isn't much maintenance on our end besides managing the logs. You must create scripts for your use cases to inject into the solution. The deployment team typically consists of two people from security, two from infrastructure, and the service desk manager.

Read full review

Microsoft Defender for Cloud mindshare

Product category:

As of September 2024, the mindshare of Microsoft Defender for Cloud in the Cloud Workload Protection Platforms (CWPP) category stands at 14.9%, down from 15.8% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Cloud Workload Protection Platforms (CWPP)

Key learnings from peers

Valuable Features

Microsoft Defender for Cloud offers a variety of valuable features, including recommendations for improving security posture and regulatory compliance, inventory management, collaboration capabilities, and threat detection and response. The solution seamlessly integrates with other Microsoft security products, such as Sentinel and Defender for Endpoint. It also provides a single pane of glass view for managing security across hybrid and multi-cloud environments. The solution's robust security posture, vulnerability reporting, and machine learning algorithm all contribute to effective threat protection.

"The most valuable features offer the latest threat detection and response capabilities."
"The most valuable features are the monitoring of users, endpoint detection and response, and the adaptability of the AI threat intelligence engine, which quickly adapts to customizations."
"The tool's most valuable feature is its support for cloud-native services like Kubernetes, containers, managed storage, and databases. Protecting these without Microsoft Defender for Cloud would be extremely challenging. For threat protection specifically, I find the signature-based detection and heuristic detection features very effective."

Room for Improvement

Improvements for Microsoft Defender for Cloud include better centralization for policy management, more customization options for whitelisting and use cases, faster detection and response times, better integration with other cloud providers, clearer product differentiation, better support for older operating systems, lighter resource consumption, more automation and proactive threat identification, improved UI consistency, and better agent features. Other suggested improvements include better migration techniques, improved backend technologies, better clarity on pricing and licensing, better automation for security feature deployment, better documentation, better log analysis, and threat mechanisms, better regulation compliance, and more intuitive and customizable compliance requirements.

"The product's advanced analytics and reporting features could be improved."
"The pricing could be better."
"For improvements, I'd like to see more use cases integrated with Microsoft Sentinel and support for multi-cloud environments beyond just Azure."

ROI

Users have varied experiences with Microsoft Defender for Cloud. Some believe that it offers basic security features and is easy to install, without requiring specialized teams. Others find it expensive and haven't seen ROI yet, but believe that safety is the first priority. Some users have seen cost reductions and time savings, while others believe that Microsoft should incorporate it into the old security center products. However, many users have seen great returns on their investment and believe that it has helped them provide better security services to their customers and clients.

Pricing

Microsoft Defender for Cloud can have a licensing cost of $15 per server per month. Some reviewers find the cost be a good deal while others find it to be too high. There are also additional costs for different plans and functionalities, and the pricing can be complicated due to different metrics and rules for each type of Defender for Cloud. However, some reviewers appreciate the simplicity and flexibility of the licensing model, which can be bundled with other Microsoft solutions and has no extra costs for standard features. While some reviewers find the cost to be justified by the importance of security, others suggest that it may be too expensive for small or startup businesses and recommend trying open source tools as an alternative.

"The product's pricing policy is generally favorable."
"The solution is expensive, and I rate it a five to six out of ten."
"I am not involved much with the pricing but the bundle offering is good."

Popular Use Cases

Microsoft Defender for Cloud is used for a variety of purposes across different industries and company sizes. It is primarily used for identifying vulnerabilities and loopholes in the system, network security, managing customers' server vulnerability assessments, providing security scores, improving security posture, scanning for vulnerabilities, managing cloud security, and enforcing regulatory compliance. It is also used for incident security, threat analysis, and managing overall product compliance. The solution offers recommendations and security alerts, integrates with other Microsoft security products, and is deployed on multiple clouds, including hybrid and on-premises. It is a centralized solution that can be leveraged for infrastructure, platform as a service, or database as a service.

Service and Support

Some customers rate Microsoft Defender for Cloud technical support as good and responsive, while others criticize the lack of direct contact with Microsoft employees and dislike having to escalate issues to get proper solutions. A few users reported slow response and resolution time. Customers with a higher level of support or enterprise agreements with Microsoft report better experiences. Customers have found Microsoft's documentation to be helpful.

Deployment

Deploying Microsoft Defender for Cloud is generally straightforward, with most reviewers reporting that it does not require much maintenance after deployment. The deployment time varies depending on the size of the company and. its requirements, but it is generally fast because Defender is a cloud-native tool. The solution is easy to enable and disable using the Azure app, and the agents are already present. Some reviewers noted that the setup process can be more complex if it involves older operating systems or if employees have no prior training.

Scalability

The scalability of Microsoft Defender for Cloud is excellent and it can accommodate large environments without any issues. It is easy to use and manage, and it can be extended to multiple regions and on-premises. The solution is highly scalable and can be integrated with as many subscriptions as possible. The scalability potential is one of the biggest aspects that users like about the solution and it is designed to scan resources regardless of the volume every 30 minutes. However, increasing scalability can result in additional costs. The solution is very scalable and can accommodate all user requirements.

Stability

Microsoft Defender for Cloud is highly stable, with very minimal downtime and few reported issues. Some users have experienced slow performance, but this could be related to other factors such as internet connectivity. The solution's stability is praised by most users, with some rating it an eight out of ten. However, there are some areas for improvement, such as the need for better support for certain features and services.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Microsoft Defender for Cloud Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

14%

Manufacturing Company

Government

Insurance Company

Healthcare Company

Energy/Utilities Company

Educational Organization

Retailer

University

Comms Service Provider

Construction Company

Real Estate/Law Firm

Logistics Company

Legal Firm

Media Company

Non Profit

Transportation Company

Wholesaler/Distributor

Hospitality Company

Outsourcing Company

Performing Arts

Recreational Facilities/Services Company

Pharma/Biotech Company

Consumer Goods Company

Compare Microsoft Defender for Cloud with alternative products

Learn more about Microsoft Defender for Cloud

The solution also provides automated remediation capabilities, allowing security teams to quickly and easily respond to security incidents. With Microsoft Defender for Cloud, organizations can ensure the security and compliance of their cloud workloads, while reducing the burden on their security teams.

Microsoft Defender for Cloud was previously known as Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender.