Lacework vs Microsoft Defender for Cloud comparison

Fortinet and Microsoft are both solutions in the Cloud Workload Protection Platforms (CWPP) category. Fortinet is ranked #10 with an average rating of 8.7, while Microsoft is ranked #3 with an average rating of 7.9. Additionally, 90% of Fortinet users are willing to recommend the solution, compared to 94% of Microsoft users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 16, 2024

Lacework and Microsoft Defender for Cloud are two prevailing cloud security solutions. Microsoft Defender for Cloud seems to have the upper hand based on its extensive integrations and better overall ROI.

Features: Lacework provides comprehensive anomaly detection, automation, and compliance management. Microsoft Defender for Cloud offers advanced threat protection, multi-cloud support, and deep integration with other Microsoft services.

Room for Improvement: Lacework users desire better multi-cloud support, more competitive pricing, and enhanced alert management. Microsoft Defender for Cloud users seek improvement in alert management, reporting features, and a streamlined setup process.

Ease of Deployment and Customer Service: Lacework is noted for its easy setup process and solid customer support. Microsoft Defender for Cloud, while more complex to deploy, benefits from comprehensive documentation and support resources.

Pricing and ROI: Lacework tends to have higher upfront costs, though users see value in its security capabilities. Microsoft Defender for Cloud offers better overall ROI with flexible pricing models due to its extensive feature set and integration benefits.

To learn more, read our detailed Lacework vs. Microsoft Defender for Cloud Report (Updated: October 2024).

Buyer's Guide

Lacework vs. Microsoft Defender for Cloud

October 2024

Download the complete report

Helped 814,649 peers since 2012

Categories and Ranking

SentinelOne Singularity Clo...

Featured Reviews

Andrew W

VP - Information Technology at a financial services firm with 201-500 employees

Aug 29, 2024

Tells us about vulnerabilities as well as their impact and helps to focus on real issues

Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.

Read full review

Robert Croteau

Director of Enablement at Avesha

Dec 16, 2022

It provides a good overview of our security posture

The most valuable feature is Lacework's ability to distill all the security and audit logs. I recommend it to my customers. Normally, when I consult for other customers that are getting into the cloud, we use native security tools. It's more of a rule-based engine. They have to go in and put their policies in place. It's hard for them to implement that, especially if they don't have a real security team. The team's policymakers don't do anything. Lacework takes out all the noise and gives them bits of things that actually matter with the application after it learns the behavior.

Read full review

Anurag Awasthi

Senior Consultant at HCL

Oct 26, 2022

Offers excellent firewall management and visibility into threats in a stable, integrated security suite

The solution's robust security posture is the most valuable feature. We have a lot of firewalls, and we can manage them in the solution through the firewall manager. We can set up an Azure firewall and centralize the management policy. The solution provides excellent visibility into threats, and it's a cloud-based integrated solution, so we don't have to worry about any third-party products or services. Microsoft provides so many options, and that's great. Defender for Cloud generates reports we can use as an assessment, as it allows us to see the services in our environment and our points of highest risk. The solution's threat intelligence helps us prepare for threats before they hit and take proactive steps, which is very useful for analysis.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"All the features we use are equal and get the job done."

"The offensive security where they do a fix is valuable. They go to a misconfiguration and provide detailed alerts on what could be there. They also provide a remediation feature where if we give the permission, they can also go and fix the issue."

"The most valuable features of PingSafe are cloud misconfiguration, Kubernetes, and IaC scanning."

"Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful."

"It has a user-friendly dashboard that I can access without any difficulty."

"Cloud Native Security offers a valuable tool called an offensive search engine."

"My favorite feature is Storyline."

"Our previous product took a lot of man hours to manage. Once we got Singularity Cloud Workload Security, it freed up our time to work on other tasks."

More SentinelOne Singularity Cloud Security pros

"The best feature, in my opinion, is the ease of use."

"The compliance reports are definitely most valuable because they save time and are accurate. So, instead of relying on a human going through and checking or providing me with a report, I could just log into Lacework and see for myself."

"For the most part, out-of-the-box, it tells you right away about the things you need to work on. I like the fact that it prioritizes alerts based on severity, so that you can focus your efforts on anything that would be critical/high first, moderate second, and work your way down, trying to continue to improve your security posture."

"The most valuable feature, from a compliance perspective, is the ability to use Lacework as a platform for multiple compliance standards. We have to meet multiple standards like PCI, SOC 2, CIS, and whatever else is out there. The ability to have reports generated, per security standard, is one of the best features for me."

"Lacework is helping a lot in reducing the noise of the alerts. Usually, whenever you have a tool in place, you have a lot of noise in terms of alerts, but the time for an engineer to look into those alerts is limited. Lacework is helping us to consolidate the information that we are getting from the agents and other sources. We are able to focus only on the things that matter, which is the most valuable thing for us. It saves time, and for investigations, we have the right context to take action."

"The most valuable aspects are identifying vulnerabilities—things that are out there that we aren't aware of—as well as finding what path of access attackers could use, and being able to see open SSL or S3 buckets and the like."

"I find the cloud configuration compliance scanning mature. It generates a lot of data and supports major frameworks like ISO 27001 or SOC 2, providing reports and datasets. Another feature I appreciate is setting custom alerts for specific events. Additionally, I value the agent-based monitoring and scanning for compute nodes. It gives us deeper insights into our workloads and helps identify vulnerabilities across our deployed assets."

"The most valuable feature is Lacework's ability to distill all the security and audit logs. I recommend it to my customers. Normally, when I consult for other customers that are getting into the cloud, we use native security tools. It's more of a rule-based engine."

More Lacework pros

"Some of the most valuable features of Microsoft Defender for Cloud include its effectiveness in threat detection through unsupervised machine learning, CTI, and advanced sandboxing."

"The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark."

"The technical support is very good."

"The solution is very easy to deploy."

"I've seen benefits since implementing Microsoft Defender for Cloud. It's easy to manage for our large organization as an endpoint security solution. It integrates well with Office 365 and Windows 11, which is better than before. Patching, updates, and threat protection are all handled together now. Its AI features help predict threats."

"Good compliance policies."

"Defender is user-friendly and provides decent visibility into threats."

"The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."

More Microsoft Defender for Cloud pros

Cons

"We are experiencing problems with Cloud Native Security reporting."

"Once all components, including the cloud piece and container runtime piece, integrate further and incorporate an AI layer for better comprehension, it will greatly enhance the utility of Singularity Cloud Security."

"I would like PingSafe's detections to be openly available online instead of only accessible through their portal. Other tools have detections that are openly available without going through the tool."

"The integration with Oracle has room for improvement."

"The Automation tab is an add-on that doesn’t work properly. They provide a list of scripts that don’t work and I have asked support to assist but they won’t help. When running on various endpoints the script doesn’t work and if it does, it’s only a couple. There are a lot of useful scripts that would be beneficial to run forensics, event logs, and process lists running on the endpoint."

"I want PingSafe to integrate additional third-party resources. For example, PingSafe is compatible with Azure and AWS, but Azure AD isn't integrated with AWS. If PingSafe had that ability, it would enrich the data because how users interact with our AWS environment is crucial. All the identity-related features require improvement."

"I'd like to see better onboarding documentation."

"SentinelOne Singularity Cloud Security could be improved with easier integrations to the Singularity Data Lake, particularly for various vendors."

More SentinelOne Singularity Cloud Security cons

"Lacework has not reduced the number of alerts we get. We've actually had to add resources as a result of using it because the application requires a lot of people to understand it to get the value out of it properly."

"Visibility is lacking, and both compliance-related metrics and IAM security control could be improved."

"There are a couple of the difficulties we encounter in the realm of cybersecurity, or security as a whole, that relate to potentially limited clarity. Having the capacity to perceive the configuration aspect and having the ability to contribute to it holds substantial advantages, in my view. It ranks high, primarily due to its role in guaranteeing compliance and the potential to uncover vulnerabilities, which could infiltrate the system and introduce potential risks. I had been exploring a specific feature that captured my interest. However, just yesterday, I participated in a product update session that announced the imminent arrival of this feature. The feature involves real-time alerting. This was something I had been anticipating, and it seems that this capability is now being integrated, possibly as part of threat intelligence. While anomaly events consistently and promptly appear in the console, certain alerts tend to experience delays before being displayed. Yet, with the recent product update, this issue is expected to be resolved. Currently, a comprehensive view of all policies is available within the console. However, I want a more tailored display of my compliance posture, focusing specifically on policies relevant to me. For instance, if I'm not subject to HIPAA regulations, I'd prefer not to see the HIPAA compliance details. It's worth noting that even with this request, there exists a filtering mechanism to control the type of compliance information visible. This flexibility provides a workaround to my preference, which is why it's challenging for me to definitively state my exact request."

"The solution lacks a cohesive data model, making extracting the necessary data from the platform challenging. It uses its own LQL query language, and each database across different layers and modules is structured differently, complicating correlation efforts. Consequently, I had to create extensive custom reports outside Lacework because their default dashboards didn't communicate risk metrics. They're addressing these issues by redesigning their tools, including introducing the dashboard, which is a step closer to actionable insights but still needs refinement."

"Its integrations with third-party SIEMs can be better. That is one of the things that we discussed with them."

"The configuration and setup of alerts should be easier. They should make it easier to integrate with systems like Slack and Datadog. I didn't spend too much time on it, but to me, it wasn't as simple as the alerting that I've seen on other systems."

"A feature that I have requested from them is the ability to sort alerts and policies based on a security framework. Right now, when you go into alerts, you have hundreds and hundreds of them that you have to manually pick. It would be useful to have categories for CIS Benchmark or SOC 2 and be able to display all the alerts and policies for one security framework."

"Lacework lacks remediation features, but I believe they're working on that. They're focused on the reporting aspect, but other features need to improve. They're also adding some compliance features, so it's not worth saying they need to get better at it."

More Lacework cons

"There are challenges with the licensing policies, which are quite complicated."

"Most customer teams need more training on this type of product."

"For improvements, I'd like to see more use cases integrated with Microsoft Sentinel and support for multi-cloud environments beyond just Azure."

"Defender is occasionally unreliable. It isn't 100% efficient in terms of antivirus detection, but it isn't an issue most of the time. It's also somewhat difficult to train new security analysts to use Defender."

"Sometimes it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or a special kind of product."

"Features like code scanning and pipeline scanning are not included in the solution."

"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."

"Azure's system could be more on point like AWS support. For example, if I have an issue with AWS, I create a support ticket, then I get a call or a message. With Azure support, you raise a ticket, and somebody calls back depending on their availability and the priority, which might not align with your business priority."

More Microsoft Defender for Cloud cons

Pricing and Cost Advice

"PingSafe is cost-effective for the amount of infrastructure we have. It's reasonable for what they offer compared to our previous solution. It's at least 25 percent to 30 percent less."

"It's a fair price for what you get. We are happy with the price as it stands."

"The features included in PingSafe justify its price point."

"Their pricing appears to be based simply on the number of accounts we have, which is common for cloud-based products."

"The tool is cost-effective."

"PingSafe falls somewhere in the middle price range, neither particularly cheap nor expensive."

"It's not expensive. The product is in its initial growth stages and appears more competitive compared to others. It comes in different variants, and I believe the enterprise version costs around $55 per user per year. I would rate it a five, somewhere fairly moderate."

"The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost"

More SentinelOne Singularity Cloud Security pricing and cost advice

"The licensing fee was approximately $80,000 USD, per year."

"The pricing has gotten better. That scenario was somewhat unstable. They have a rather interesting licensing structure. I believe you get 200 resources per "Lacework unit." It was difficult, in the beginning, to figure out exactly what a "resource" was... That was a problem until about a year or so ago. They have improved it and it has stabilized quite a bit."

"My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz."

"It is slightly expensive. It depends on how big your environment is, but it is expensive. Right now, we are spending a lot of money. We have covered all of the cloud providers and most of our colocation facilities as well, so we cannot complain, but it is slightly expensive. It is not super expensive."

"Pricing depends on your workload size, but it is very cheap. If you're talking about virtual machines, it is $5 or something for each machine, which is minimal. If you go for some agent-based solution for every virtual machine, then you need to pay the same thing or more than that. For an on-premises solution like this, we were paying around $30 to $50 based on size. With Defender, Microsoft doesn't bother about the size. You pay based on the number of machines. So, if you have 10 virtual machines, and 10 virtual machines are being monitored, you are paying based on that rather than the size of the virtual machine. Thus, you are paying for the number of units rather than paying for the size of your units."

"It is bundled with our enterprise subscription, which makes it easy to go for it. It is available by default, and there is no extra cost for using the standard features."

"There are two different plans. We're using the secure basic plan, but we have used the end security plan as well. There are additional costs, but it gives us more functionalities compared to the basic plan."

"I'm not privy to that information, but I know it's probably close to a million dollars a year."

"Microsoft's licensing and pricing are sometimes complicated. If someone is new to Microsoft's licensing, they might have difficulty with it."

"This solution is more cost-effective than some competing products. My understanding is that it is based on the number of integrations that you have, so if you have fewer subscriptions then you pay less for the service."

"The cost of the license is based on the subscriptions that you have."

"The price of the solution is good for the features we receive and there is an additional cost for Microsoft premier support. However, some of my potential customers have found it to be expensive and have gone on to choose another solution."

More Microsoft Defender for Cloud pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.

See recommendations

814,649 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

19%

Financial Services Firm

16%

Manufacturing Company

10%

Insurance Company

Computer Software Company

18%

Financial Services Firm

14%

Manufacturing Company

Retailer

Computer Software Company

16%

Financial Services Firm

13%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about PingSafe?

The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...

See all answers

What is your experience regarding pricing and costs for PingSafe?

I am personally not taking care of the pricing part, but when we moved from CrowdStrike to Singularity Cloud Native S...

See all answers

What needs improvement with PingSafe?

They can provide some kind of alert when a new type of risk is there. There can be a specific type of alert showing t...

See all answers

How would you compare Wiz vs Lacework?

Wiz and Lacework sucks... Buy Orca.

See all answers

What do you like most about Lacework?

Polygraph compliance is a valuable feature. In our perspective, it delivers significant benefits. The clarity it offe...

See all answers

What is your experience regarding pricing and costs for Lacework?

My smaller deployments cost around 200,000 a year, which is probably not as expensive as Wiz.

See all answers

How is Prisma Cloud vs Azure Security Center for security?

Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening acros...

See all answers

What do you like most about Microsoft Defender for Cloud?

The entire Defender Suite is tightly coupled, integrated, and collaborative.

See all answers

What is your experience regarding pricing and costs for Microsoft Defender for Cloud?

The pricing is good. It is license-based, and we are not utilizing all of the features, like API and other functional...

See all answers

Comparisons

Wiz vs SentinelOne Singularity Cloud Security

Compared 32% of the time

Prisma Cloud by Palo Alto Networks vs SentinelOne Singularity Cloud Security

Compared 25% of the time

AWS GuardDuty vs SentinelOne Singularity Cloud Security

Compared 8% of the time

Orca Security vs SentinelOne Singularity Cloud Security

Compared 7% of the time

Qualys VMDR vs SentinelOne Singularity Cloud Security

Compared 3% of the time

More SentinelOne Singularity Cloud Security Competitors

Wiz vs Lacework

Compared 31% of the time

Prisma Cloud by Palo Alto Networks vs Lacework

Compared 11% of the time

AWS GuardDuty vs Lacework

Compared 9% of the time

Aqua Cloud Security Platform vs Lacework

Compared 6% of the time

Qualys VMDR vs Lacework

Compared 2% of the time

More Lacework Competitors

AWS GuardDuty vs Microsoft Defender for Cloud

Compared 21% of the time

Prisma Cloud by Palo Alto Networks vs Microsoft Defender for Cloud

Compared 13% of the time

Wiz vs Microsoft Defender for Cloud

Compared 11% of the time

Microsoft Defender for Endpoint vs Microsoft Defender for Cloud

Compared 4% of the time

Azure Firewall vs Microsoft Defender for Cloud

Compared 4% of the time

More Microsoft Defender for Cloud Competitors

Product Reports

Buyer's Guide

SentinelOne Singularity Cloud Security

October 2024

SentinelOne Singularity Cloud Security report

Download SentinelOne Singularity Cloud Security product report

Buyer's Guide

Lacework

October 2024

Download Lacework product report

Buyer's Guide

Microsoft Defender for Cloud

October 2024

Download Microsoft Defender for Cloud product report

Also Known As

PingSafe

Polygraph

Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender

Learn More

SentinelOne

Video not available

Fortinet

Microsoft

Interactive Demo

Demo not available

SentinelOne

Demo not available

Fortinet

Microsoft

Overview

SentinelOne Singularity Cloud Security protects cloud workloads, offering advanced threat detection and automated response. It integrates seamlessly with cloud environments and secures containerized applications and virtual machines against vulnerabilities.

SentinelOne Singularity Cloud Security is renowned for its efficiency in mitigating threats in real-time. The platform integrates effortlessly with existing cloud environments, ensuring robust cloud security management with minimal manual intervention. Securing containerized applications and virtual machines, it excels in threat intelligence and endpoint protection. However, improvements are needed in performance during high workload periods, and more integrations with third-party tools and better documentation would be beneficial. Users often find the installation process complex, support response times slow, and the dashboard's navigation unintuitive.

What are the key features of SentinelOne Singularity Cloud Security?

Real-time Threat Detection: Identifies and mitigates threats as they occur.
Automated Response: Automatically responds to threats to minimize impact.
Ease of Deployment: Simple setup process with scalable options.
Machine Learning Insights: AI-driven insights enhance threat prevention.
Seamless Integration: Integrates with cloud environments for unified security management.

What are the primary benefits or ROI to expect from SentinelOne Singularity Cloud Security?

Enhanced Threat Mitigation: Improved security against real-time threats.
Reduced Manual Intervention: Automated processes save time and resources.
Scalability: Easily adapts to growing security requirements.
Centralized Management: Manage security across platforms from a single console.
Advanced Threat Intelligence: Provides in-depth analysis and protection.

In specific industries, SentinelOne Singularity Cloud Security is implemented to safeguard critical data and infrastructure. Organizations in finance, healthcare, and technology depend on its real-time threat detection and automated response to protect sensitive information. Its ability to secure containerized applications and virtual machines is particularly valuable in dynamic environments where rapid scaling is necessary.

Lacework is a cloud security platform whose Polygraph Data Platform automates cloud security at scale so customers can innovate with speed and safety. Lacework is the only security platform that can collect, analyze, and accurately correlate data across an organization’s AWS, Azure, GCP, and Kubernetes environments, and narrow it down to the handful of security events that matter. As a breach detection and investigation tool, Lacework provides information on when and how a breach happened, including the users, machines, and applications involved in the breach. By using machine learning and behavioral analytics, the solution can automatically learn what's normal for your environment and reveal any abnormal behavior. In addition, Lacework gives you continuous visibility to find vulnerabilities, misconfigurations, and malicious activity across your cloud environment.

Lacework Features

Lacework has many valuable key features. Some of the most useful ones include:

Dashboards
Reports
Workflow management
Administration console
Governance
Policy enforcement
Auditing
Access control
Workflow management
Compliance monitoring
Anomaly detection
Data loss prevention
Cloud gap analytics
Host compliance

Lacework Benefits

There are many benefits to implementing Lacework. Some of the biggest advantages the solution offers include:

Security visibility: Get deep observability into your cloud accounts, workloads, and microservices to give you tighter security control.

Threat detection: By using Lacework, your organization can identify common security events that target your cloud servers, containers, and infrastructure-as-a-service (IaaS) accounts so you can take action on them quickly.

Flexible deployment: With Lacework, you have the option to deploy the way you prefer - either agent or agentless - which provides the visibility needed to have maximum security for cloud accounts and systems. Because Lacework offers an easy-to-deploy layered approach, you gain quick time to value.

Configuration compliance: With the Lacework solution, you can easily spot IaaS account configurations that are non-compliant and identify opportunities to apply security best practices.

Synced teams: Lacework allows your teams to operate smarter and bridge the gap between security, Dev, and Ops regardless of your team's size or experience level.

Gain meaningful security insights: Lacework provides meaningful security insights, alerting you of issues before they reach production from your existing workflows. This way you can build apps quickly and confidently.

Increased revenue streams: Because the solution has built-in security from the first line of code early on, it helps users unlock higher revenue streams.

Helps avoid development delays: The Lacework solution helps you better prioritize security fixes by making security information accessible to DevOps and security teams for earlier risk mitigation that speeds innovation.

Increased productivity: Lacework provides alerts with all the context you need and eliminates data silos and costly investigations, enabling you to boost productivity.

Correlate and contextualize behaviors: Lacework can take attributes and data points from your unique environment and correlate them together into behaviors.

Simplified cloud security posture and compliance: With the Lacework platform, you can get comprehensive visibility and continuous tracking to reduce risks and meet compliance requirements so you can improve your bottom line.

Address vulnerabilities before it is too late: Lacework enables you to limit your attack surface so you can address the riskiest vulnerabilities early in the development cycle.

Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.

The solution also provides automated remediation capabilities, allowing security teams to quickly and easily respond to security incidents. With Microsoft Defender for Cloud, organizations can ensure the security and compliance of their cloud workloads, while reducing the burden on their security teams.

Sample Customers

Information Not Available

J.Crew, AdRoll, Snowflake, VMWare, Iterable, Pure Storage, TrueCar, NerdWallet, and more.

Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.

Buyer's Guide

Lacework vs. Microsoft Defender for Cloud

October 2024

Free Report: Lacework vs. Microsoft Defender for Cloud

Find out what your peers are saying about Lacework vs. Microsoft Defender for Cloud and other solutions. Updated: October 2024.

DOWNLOAD NOW

814,649 professionals have used our research since 2012.

See our Lacework vs. Microsoft Defender for Cloud report.

See our list of best Cloud Workload Protection Platforms (CWPP) vendors, best Vulnerability Management vendors, and best Container Security vendors.

We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.