Microsoft Defender for Cloud vs Trellix Cloud Workload Security comparison

Microsoft and Trellix are both solutions in the Cloud Workload Protection Platforms (CWPP) category. Microsoft is ranked #3 with an average rating of 8.1, while Trellix is ranked #20 with an average rating of 9.0. Microsoft holds a 12.9% mindshare in CWPP, compared to Trellix’s 0.2% mindshare. Additionally, 94% of Microsoft users are willing to recommend the solution, compared to 100% of Trellix users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jan 5, 2025

Trellix Cloud Workload Security and Microsoft Defender for Cloud are competing products in cloud workload protection. Microsoft Defender for Cloud holds the upper hand in terms of integrated features and overall value, being more comprehensive.

Features: Trellix Cloud Workload Security includes robust threat detection, automated response, and workload-centric security policies. Microsoft Defender for Cloud offers extensive integration capabilities, advanced threat protection, and a unified security management platform. While Trellix prioritizes standalone security efficiency, Microsoft emphasizes seamless integration and management.

Ease of Deployment and Customer Service: Trellix Cloud Workload Security provides a straightforward deployment model with dedicated support to minimize disruptions. Microsoft Defender for Cloud, integrated within the Azure ecosystem, offers broader automated deployment processes. Microsoft provides comprehensive customer service through its cloud platform, though it may require a steeper learning curve due to its advanced features.

Pricing and ROI: Trellix Cloud Workload Security is known for competitive pricing and tangible ROI from efficient threat handling and cost-effective operations. Microsoft Defender for Cloud, while potentially higher in initial costs, offers significant ROI through its integrative protection, reducing long-term risks and costs in multi-cloud environments. Trellix has a lower upfront cost, but Microsoft's capabilities potentially offer greater long-term value.

To learn more, read our detailed Microsoft Defender for Cloud vs. Trellix Cloud Workload Security Report (Updated: January 2025).

Buyer's Guide

Microsoft Defender for Cloud vs. Trellix Cloud Workload Security

January 2025

Download the complete report

Helped 841,540 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

SentinelOne Singularity Clo...

Mindshare comparison

As of March 2025, in the Cloud Workload Protection Platforms (CWPP) category, the mindshare of SentinelOne Singularity Cloud Security is 2.2%, up from 0.9% compared to the previous year. The mindshare of Microsoft Defender for Cloud is 12.9%, down from 14.9% compared to the previous year. The mindshare of Trellix Cloud Workload Security is 0.2%, down from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Cloud Workload Protection Platforms (CWPP)

Featured Reviews

Andrew W

VP - Information Technology at a financial services firm with 201-500 employees

Tells us about vulnerabilities as well as their impact and helps to focus on real issues

Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.

Read full review

Vibhor Goel

Senior Cloud Platform Engineer at Deutsche Börse

A single tool for complete visibility and addressing security gaps

Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.

Read full review

Madan Mohan

Director Operations at SOFTPRO PLUS

Easy policy designing and highly scalable solution

The customers really want protection against unauthorized applications running on their servers. They should avoid installing any unknown source and use Trellix Cloud Workload Security for the best solution in workload security. It includes DNS with ransomware protection. With this, they can have complete protection for their servers. Additionally, any solution working with the database should implement change control. So, if any changes are made on the database side, they should be resolved and verified to ensure they are not made by any unknown source. This is the best solution we suggest to customers who want granular control to protect their servers. It's easy to deploy with a single agent. Overall, I would rate the solution a nine out of ten because policy designing is very easy too. And the manageability is very easy. You can easily manage it through EPO and deploy policies within five to ten minutes. No issues with that.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"We noted immediate benefits from using the solution."

"The solution's most valuable features are its ability to detect vulnerabilities inside AWS resources and its ability to rescan after a specific duration set by the administrator."

"Cloud Native Security is user-friendly. Everything in the Cloud Native Security tool is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features."

"Its performance impact on the systems is low, which means there is a minimal impact on system performance compared to traditional antivirus solutions."

"We mostly use alerts. That has been pretty good. If we use the alert system from Amazon, it is much costlier to us, so we use PingSafe."

"The cloud misconfiguration is the most valuable feature."

"The key strength of Singularity Cloud Security lies in its ability to pinpoint vulnerabilities in our cloud accounts and identify suspicious activity that warrants further investigation."

"I recommend SentinelOne due to its high-security capabilities, which are essential to safeguard data and systems from potential threats."

More SentinelOne Singularity Cloud Security pros

"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."

"The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark."

"Good compliance policies."

"The most valuable features are ransomware protection and access controls. The solution has helped us secure some folders on our systems from unauthorized modifications."

"Microsoft Defender for Cloud has made our environment more secure."

"It's got a lot of great features."

"When we started out, our secure score was pretty low. We adopted some of the recommendations that Security Center set out and we were able to make good progress on improving it. It had been in the low thirties and is now in the upper eighties."

"The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra."

More Microsoft Defender for Cloud pros

"The discovery feature is the most valuable. After you integrate your cloud environment, maybe an Azure or AWS, or a private environment hosted on VMware, it automatically starts discovering the number of servers that are running on that cloud and the number of services that you have done. It is a beautiful feature because, from a security standpoint, it is difficult to identify which VM is compliant or not when you keep on provisioning a number of VMs in the cloud. It also checks for compliance. It checks whether a system is compliant and whether antivirus is installed on a VM. If an antivirus is installed, it checks whether the antivirus is updated to the latest signature package or not. All these things are beautifully done by McAfee Cloud Workload Security. For communicating with the McAfee server, you need to install an agent on the VM. McAfee Cloud Workload Security gives you a direct opportunity to install an agent on a Windows machine. If you have a Windows cloud, you can directly push that agent onto the VM through your McAfee portal. It provides you a single dashboard view of all servers present in the cloud. It shows the servers on which the antivirus is already installed as well as the servers for which the antivirus installation is still pending. This dashboard view is a much-needed thing. It also has a centralized management, which makes it easy to use."

"The most valuable feature is the application control."

Cons

"I would like PingSafe's detections to be openly available online instead of only accessible through their portal. Other tools have detections that are openly available without going through the tool."

"We use PingSafe and also SentinelOne. If PingSafe integrated some of the endpoint security features of SentinelOne, it would be the perfect one-stop solution for everything. We wouldn't need to switch between the products. At my organization, I am responsible for endpoint security and vulnerability management. Integrating both functions into one application would be ideal because I could see all the alerts, heat maps, and reports in one console."

"I would like PingSafe to add real-time detection of vulnerabilities and cloud misconfigurations."

"With Cloud Native Security, we can't selectively enable or disable alerts based on our specific use case."

"One area for improvement could be the internal analysis process, specifically the guidance provided for remediation."

"The resolution suggestions could be better, and the compliance features could be more customizable for Indian regulations. Overall, the compliance aspects are good. It gives us a comprehensive list, and its feedback is enough to bring us into compliance with regulations, but it doesn't give us the specific objects."

"There is a bit of a learning curve for new users."

"Maybe container runtime security could be improved."

More SentinelOne Singularity Cloud Security cons

"Azure Security Center takes a long time to update, compared to the on-premises version of Microsoft Defender."

"Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations."

"The solution could extend its capabilities to other cloud providers. Right now, if you want to monitor a virtual machine on another cloud, you can do that. However, this cannot be done with other cloud platform services. I hope once that is available then Defender for Cloud will be a unified solution for all cloud platform services."

"You cannot create custom use cases."

"However, some Copilot features aren't available in the GCP environment. This is something we hope will be addressed in the future."

"The solution could improve by being more intuitive and easier to use requiring less technical knowledge."

"The solution is quite complex. A lot of the different policies that actually get applied don't pertain to every client. If you need to have something open for a client application to work, then you get dinged for having a port open or having an older version of TLS available."

"Integration into other third-party products, particularly those from tier three vendors like ManageEngine and Hexcode, has proven difficult."

More Microsoft Defender for Cloud cons

"Its vulnerability assessment is not the best. We cannot identify the vulnerabilities that are related to the operating system by using McAfee Cloud Workload Security. I wish McAfee would add a vulnerability assessment tool that will not only identify the vulnerability but will also be able to generate a report so that the required patching can be done for the servers. Currently, McAfee Cloud Workload Security only integrates with AWS and Azure. If it can also integrate with GCP, Alibaba, and other cloud services available in the market, it would be good because not all people are using Azure and AWS."

"There is room for improvement in the pricing model."

Pricing and Cost Advice

"PingSafe is less expensive than other options."

"The price depends on the extension of the solution that you want to buy. If you want to buy just EDR, the price is less. XDR is a little bit more expensive. There are going to be different add-ons for Singularity."

"Singularity Cloud Security by SentinelOne is cost-efficient."

"I understand that SentinelOne is a market leader, but the bill we received was astronomical."

"We have an enterprise license. It is affordable. I'm not sure, but I think we pay 150,000 rupees per month."

"The pricing is somewhat high compared to other market tools."

"PingSafe is affordable."

"PingSafe falls within the typical price range for cloud security platforms."

More SentinelOne Singularity Cloud Security pricing and cost advice

"Currently, Microsoft offers only one plan at the enterprise level which is $15 per machine."

"While we pay for any additional features, the pricing seems competitive, though I am not involved in the specific cost details."

"There is a helpful cost-reducing option that allows you to integrate production subscriptions with non-production subscriptions."

"Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per data-base server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."

"Pricing depends on your workload size, but it is very cheap. If you're talking about virtual machines, it is $5 or something for each machine, which is minimal. If you go for some agent-based solution for every virtual machine, then you need to pay the same thing or more than that. For an on-premises solution like this, we were paying around $30 to $50 based on size. With Defender, Microsoft doesn't bother about the size. You pay based on the number of machines. So, if you have 10 virtual machines, and 10 virtual machines are being monitored, you are paying based on that rather than the size of the virtual machine. Thus, you are paying for the number of units rather than paying for the size of your units."

"This solution is more cost-effective than some competing products. My understanding is that it is based on the number of integrations that you have, so if you have fewer subscriptions then you pay less for the service."

"I rate Microsoft Defender a three out of ten for affordability. The price could be a little lower."

"The price of the solution is good for the features we receive and there is an additional cost for Microsoft premier support. However, some of my potential customers have found it to be expensive and have gone on to choose another solution."

More Microsoft Defender for Cloud pricing and cost advice

"It is not an expensive product. I am in the Indian market, and it is one of the most reliable and cost-effective solutions."

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.

See recommendations

841,540 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

18%

Financial Services Firm

15%

Manufacturing Company

Government

Computer Software Company

14%

Financial Services Firm

13%

Manufacturing Company

Government

Comms Service Provider

14%

Financial Services Firm

13%

Computer Software Company

12%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about PingSafe?

The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...

See all answers

What is your experience regarding pricing and costs for PingSafe?

SentinelOne is relatively cheap. If ten is the most expensive, I would rate it a seven.

See all answers

What needs improvement with PingSafe?

From my personal experience, the alerting system needs to be faster. If something happens in our infrastructure, the ...

See all answers

How is Prisma Cloud vs Azure Security Center for security?

Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening acros...

See all answers

What do you like most about Microsoft Defender for Cloud?

The entire Defender Suite is tightly coupled, integrated, and collaborative.

See all answers

What is your experience regarding pricing and costs for Microsoft Defender for Cloud?

The licensing is straightforward but can become expensive if you cover everything. You must balance the cost against ...

See all answers

What do you like most about McAfee Cloud Workload Security?

The most valuable feature is the application control.

See all answers

What is your experience regarding pricing and costs for McAfee Cloud Workload Security?

I would rate it a seven out of ten, where one is a low price, and ten is a high price. Trellix doesn't charge any add...

See all answers

What needs improvement with McAfee Cloud Workload Security?

There is room for improvement in the pricing model. The price could be a bit lower.

See all answers

Comparisons

Wiz vs SentinelOne Singularity Cloud Security

Compared 24% of the time

Cortex Cloud by Palo Alto Networks vs SentinelOne Singularity Cloud Security

Compared 21% of the time

AWS GuardDuty vs SentinelOne Singularity Cloud Security

Compared 8% of the time

Orca Security vs SentinelOne Singularity Cloud Security

Compared 6% of the time

Check Point CloudGuard CNAPP vs SentinelOne Singularity Cloud Security

Compared 5% of the time

More SentinelOne Singularity Cloud Security Competitors

AWS GuardDuty vs Microsoft Defender for Cloud

Compared 21% of the time

Cortex Cloud by Palo Alto Networks vs Microsoft Defender for Cloud

Compared 12% of the time

Wiz vs Microsoft Defender for Cloud

Compared 12% of the time

Microsoft Defender XDR vs Microsoft Defender for Cloud

Compared 4% of the time

Orca Security vs Microsoft Defender for Cloud

Compared 3% of the time

More Microsoft Defender for Cloud Competitors

AWS GuardDuty vs Trellix Cloud Workload Security

Compared 43% of the time

More Trellix Cloud Workload Security Competitors

Product Reports

Buyer's Guide

SentinelOne Singularity Cloud Security

February 2025

SentinelOne Singularity Cloud Security report

Download SentinelOne Singularity Cloud Security product report

Buyer's Guide

Microsoft Defender for Cloud

February 2025

Download Microsoft Defender for Cloud product report

Buyer's Guide

Cloud Workload Protection Platforms (CWPP)

March 2025

Download Trellix Cloud Workload Security product report

Also Known As

PingSafe

Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender

McAfee Cloud Workload Security

Interactive Demo

Demo not available

SentinelOne

Microsoft

Demo not available

Trellix

Overview

SentinelOne Singularity Cloud Security protects cloud workloads, offering advanced threat detection and automated response. It integrates seamlessly with cloud environments and secures containerized applications and virtual machines against vulnerabilities.

SentinelOne Singularity Cloud Security is renowned for its efficiency in mitigating threats in real-time. The platform integrates effortlessly with existing cloud environments, ensuring robust cloud security management with minimal manual intervention. Securing containerized applications and virtual machines, it excels in threat intelligence and endpoint protection. However, improvements are needed in performance during high workload periods, and more integrations with third-party tools and better documentation would be beneficial. Users often find the installation process complex, support response times slow, and the dashboard's navigation unintuitive.

What are the key features of SentinelOne Singularity Cloud Security?

Real-time Threat Detection: Identifies and mitigates threats as they occur.
Automated Response: Automatically responds to threats to minimize impact.
Ease of Deployment: Simple setup process with scalable options.
Machine Learning Insights: AI-driven insights enhance threat prevention.
Seamless Integration: Integrates with cloud environments for unified security management.

What are the primary benefits or ROI to expect from SentinelOne Singularity Cloud Security?

Enhanced Threat Mitigation: Improved security against real-time threats.
Reduced Manual Intervention: Automated processes save time and resources.
Scalability: Easily adapts to growing security requirements.
Centralized Management: Manage security across platforms from a single console.
Advanced Threat Intelligence: Provides in-depth analysis and protection.

In specific industries, SentinelOne Singularity Cloud Security is implemented to safeguard critical data and infrastructure. Organizations in finance, healthcare, and technology depend on its real-time threat detection and automated response to protect sensitive information. Its ability to secure containerized applications and virtual machines is particularly valuable in dynamic environments where rapid scaling is necessary.

SentinelOne

Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.

The solution also provides automated remediation capabilities, allowing security teams to quickly and easily respond to security incidents. With Microsoft Defender for Cloud, organizations can ensure the security and compliance of their cloud workloads, while reducing the burden on their security teams.

Microsoft

Trellix Cloud Workload Security is a comprehensive security solution designed to protect cloud workloads from advanced threats. It provides real-time visibility and control over cloud workloads, enabling organizations to quickly detect and respond to threats.

The most useful functionality of the solution includes automated threat detection, continuous compliance monitoring, and workload protection. With these features, organizations can ensure their cloud workloads are secure and compliant with industry regulations. Trellix Cloud Workload Security helps organizations reduce the risk of data breaches, protect sensitive data, and ensure compliance with regulatory requirements.

Trellix

Sample Customers

Information Not Available

Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.

Information Not Available

Buyer's Guide

Microsoft Defender for Cloud vs. Trellix Cloud Workload Security

January 2025

Free Report: Microsoft Defender for Cloud vs. Trellix Cloud Workload Security

Find out what your peers are saying about Microsoft Defender for Cloud vs. Trellix Cloud Workload Security and other solutions. Updated: January 2025.

DOWNLOAD NOW

841,540 professionals have used our research since 2012.

See our Microsoft Defender for Cloud vs. Trellix Cloud Workload Security report.

See our list of best Cloud Workload Protection Platforms (CWPP) vendors.

We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.