Try our new research platform with insights from 80,000+ expert users

Amazon Inspector vs Microsoft Defender for Cloud comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Amazon Inspector
Ranking in Vulnerability Management
20th
Average Rating
8.2
Reviews Sentiment
7.6
Number of Reviews
7
Ranking in other categories
IT Vendor Risk Management (6th)
Microsoft Defender for Cloud
Ranking in Vulnerability Management
7th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
74
Ranking in other categories
Container Management (9th), Container Security (4th), Cloud Workload Protection Platforms (CWPP) (3rd), Cloud Security Posture Management (CSPM) (4th), Cloud-Native Application Protection Platforms (CNAPP) (4th), Data Security Posture Management (DSPM) (3rd), Microsoft Security Suite (4th), Compliance Management (2nd)
 

Mindshare comparison

As of March 2025, in the Vulnerability Management category, the mindshare of Amazon Inspector is 2.5%, up from 1.0% compared to the previous year. The mindshare of Microsoft Defender for Cloud is 6.7%, down from 6.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management
 

Featured Reviews

John D'Arcy - PeerSpot reviewer
Automated vulnerability assessments continuously enhance security
The most valuable features probably are the ability to do automated vulnerability assessments, which it does with Amazon Inspector version two. It operates continuously, so as soon as resources are created, it scans them for vulnerabilities. This allows me to pinpoint potential security vulnerabilities and provide actionable recommendations relatively quickly. Larger enterprises usually use Inspector to gather all the vulnerabilities, the CVEs, across all accounts in an AWS organization. The enterprises I work for typically have many accounts in their organization, such as thousands of accounts where I am at the moment. It is a way to gather the vulnerabilities that are present on EC2 instances, container images, and Lambda functions.
Vibhor Goel - PeerSpot reviewer
A single tool for complete visibility and addressing security gaps
Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I recommend Amazon Inspector because it allows the automation of processes and requires less manual monitoring."
"The automated vulnerability detection aspect is most valuable."
"The findings dashboards are neat and easy to understand, offering clear demarcations for different types of findings and detailed insights into specific vulnerabilities and their associated instances. It is not a place where everything is dumped together. It offers an easy-to-understand layout."
"The integration of Amazon Inspector with other AWS services has enhanced our security. Security Hub is a major asset because it allows us to centralize data from various AWS services. We can integrate third-party tools as well. It is just a single-click option."
"The scalability of the solution itself is unparalleled."
"Amazon Inspector is highly stable, rated ten out of ten, and this stability impacts business security and administration positively."
"It operates continuously, so as soon as resources are created, it scans them for vulnerabilities."
"The vulnerability discovery is valuable, and they also rank those vulnerabilities for you. So, you could rapidly attack some of the higher, severe vulnerabilities as they pop up, if they do pop up."
"The solution is very easy to deploy."
"The solution's robust security posture is the most valuable feature."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"Defender for Cloud is an improvement over Trend Micro, our previous solution. We like integrating our endpoints and visualizing everything in one place. It provides comprehensive coverage for endpoints, servers, and overall environmental security."
"The solution is up-to-date with the latest updates and identified threats."
"The most valuable feature is the comprehensive overview across different workloads. It allows us to see protection not just across one workload, such as virtual machines, containers, infrastructure, or data, but across all our workloads. This overall visibility is really helpful."
"Everything is built into Azure, and if we go for cross-cloud development with Azure Arc, we can use most of the features. While it's possible to deploy and convert third-party applications, it is difficult to maintain, whereas Azure deployments to the cloud are always easier. Also, Microsoft is a big company, so they always provide enough support, and we trust the Microsoft brand."
"Technical support is helpful."
 

Cons

"One area for improvement in Amazon Inspector is the automation aspect."
"There are challenges associated with the interdependencies in AWS services, like requiring an Active Directory for other services, resulting in additional charges."
"The other point is that the reporting features of Inspector need improvement. For example, I am in an organization with millions of CVEs, and getting an overview of all this is challenging."
"There is room for improvement in the scanning capabilities. I'd like to see broader coverage in terms of the vulnerabilities detected."
"There isn't too much to improve right now. Scanning on demand or as a part of the pipeline versus a post pipeline solution would be good, but it is not a deal breaker by any means."
"One major area for improvement is remediation. My team works on remediating findings over time, likely using available patches. However, easier integration with Amazon's patching services would be very helpful."
"It has a limited scope. So, AWS Inspector primarily focuses on the security of the EC2 instance. So, if your architecture includes other AWS services, then you may need to use additional tools for your comprehensive security assessment. So that is one con. Another is, like, we have a dependency on agents."
"It has automated vulnerability assessment, yet I seek more flexibility in defining custom vulnerability checks tailored to my needs, which is more difficult."
"Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark."
"There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place."
"As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains."
"I rate Microsoft support five out of 10. It gets better once you're escalated past the first and second levels. It's difficult to get the necessary support when tickets are first opened."
"One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view."
"Customer service and support from Microsoft are very poor. Even for high-severity cases, response or resolution time can extend to three or four weeks."
"Most customer teams need more training on this type of product."
"If they had an easier way to display all the vulnerabilities of the machines affected and remediation steps on one screen rather than having to dive deep into each of them, that would be a lot easier."
 

Pricing and Cost Advice

"The lowest cost would be around $10 for a few small accounts, however, for thousands of accounts, it could be around $5000 to $6000 dollars per month."
"It's priced according to market standards for its services."
"It is scaled as you go. There are probably a certain number of scans per month, and there are tiers. If you're under a certain tier, it is free. The second level is pennies, and then all the way up to like a million. So, it has a tiered pricing program. They're pretty good with your initial scanning, and there is room to scale based on being affordable, but it is fairly cheap. There are no additional costs. They pretty much think about it as a pay-per-scan type model."
"The pricing is very transparent and clear."
"There are improvements that have to be made to the licensing. Currently, for servers, it has to be done by grouping the servers on a single subscription... We don't have an option whereby, if all those resources are in one subscription, we can have each of the individual servers subject to different planning."
"I am not involved much with the pricing but the bundle offering is good."
"Our clients complain about the cost of Microsoft Defender for Cloud."
"Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per data-base server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."
"I'm not privy to that information, but I know it's probably close to a million dollars a year."
"While we pay for any additional features, the pricing seems competitive, though I am not involved in the specific cost details."
"Pricing is a consideration, but we strive to keep costs low by enabling only necessary services."
"The cost is fair. There aren't any costs in addition to the standard licensing fee."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
841,431 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Government
7%
Manufacturing Company
7%
Computer Software Company
14%
Financial Services Firm
13%
Manufacturing Company
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Amazon Inspector?
The integration of Amazon Inspector with other AWS services has enhanced our security. Security Hub is a major asset because it allows us to centralize data from various AWS services. We can integ...
What is your experience regarding pricing and costs for Amazon Inspector?
I manage pricing and purchase reserved instances, yet face challenges due to dependencies and lack of options for reserved capacity for EBS volumes. Some services create extensive costs upon launch.
What needs improvement with Amazon Inspector?
There are challenges associated with the interdependencies in AWS services, like requiring an Active Directory for other services, resulting in additional charges. Also, there is no option to buy r...
How is Prisma Cloud vs Azure Security Center for security?
Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across your ecosystem. It also has great remote workforce capabilities and supports a...
What do you like most about Microsoft Defender for Cloud?
The entire Defender Suite is tightly coupled, integrated, and collaborative.
What is your experience regarding pricing and costs for Microsoft Defender for Cloud?
The licensing is straightforward but can become expensive if you cover everything. You must balance the cost against the importance of what needs covering.
 

Also Known As

No data available
Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
 

Interactive Demo

 

Overview

 

Sample Customers

betterment, caplinked, flatiron, university of nutri dame
Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
Find out what your peers are saying about Amazon Inspector vs. Microsoft Defender for Cloud and other solutions. Updated: March 2025.
841,431 professionals have used our research since 2012.