Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
The biggest return on investment so far has been visibility, knowing what we have in our environment.
As a small team, Microsoft Defender for Cloud Apps allowed us to manage systems with just one or two people.
If a customer is already using Microsoft’s ecosystem, the ROI can be positive due to seamless integration.
Microsoft Azure was not fitting for short-term cost savings but promised a better ROI over three to five years for medium to large companies.
Their customer service is pretty good, but it's frustrating to go through three or four channels before reaching the right person.
The support is excellent, and the speed of response is commendable.
There were instances where the engineers were knowledgeable and helpful, but at other times it felt like a ping pong game, with unnecessary transfers until the right person was found.
Their solutions' integration simplifies resolving issues compared to those caused by third-party products.
Working with a Sentinel engineer helped us tune settings effectively.
When my team needs to escalate issues to Microsoft, especially for Microsoft Sentinel, the response is fast through their French entity.
For what I know about the log collector and how much data it can take in, it is super scalable and capable of handling high workloads.
Microsoft Defender for Cloud Apps is very scalable, provided you have the right subscription.
In my experience, Microsoft Defender for Cloud Apps is good enough for small to medium businesses.
Office 365 and Exchange are running on it, covering about 35,000 users efficiently.
As our organization uses Microsoft Azure and Defender, everything grows together, and we can integrate various features seamlessly.
Being a SaaS solution, the scalability of Microsoft Sentinel is robust.
I would rate it a ten because I have not experienced any stability issues so far with Defender for Cloud Apps.
Like any other Microsoft product, the uptime is good.
The current stability of Microsoft Defender for Cloud Apps is quite good.
So far, we have not experienced any issues, and it has been stable from the beginning.
In the past two years, our team hasn't encountered any issues with the stability of Microsoft Sentinel from an operations perspective.
I need to be aware of deprecated connectors as they may disconnect, but the data continues to be sent with a need for quick adaptation.
For data loss prevention, it would be useful to be able to drill down into the kind of data being transferred over CloudApp.
A significant improvement I would like to see is the integration into a single pane of glass.
Specifically, integration with CASB for on-premise and cloud did not work as anticipated back in 2019.
We have some tools, such as our off-site Meraki firewalls, that have not fully integrated with Sentinel.
Currently, we are happy to have a way in the middle with not so much cost, but it would be nice to have the ability to enhance the automation of workflows based on learned incidents.
There are complexities in calculating the right pricing tier for different customers, which makes it difficult for me as a consultant during upfront pricing.
The pricing for Microsoft Defender for Cloud Apps is acceptable.
My organization is currently revisiting pricing, but previously, the cost was a bit expensive, yet comparable to other solutions with similar functionalities and features.
It's not the cheapest, but also not the most expensive, placing it in the mid-level range.
Microsoft Sentinel offers more capabilities than Bastion, with a more intuitive experience.
Setting up the right cost model for customers is intricate, requiring careful consideration of various components and licensing tiers.
We already had the necessary licensing for Sentinel, so we didn't need to spend extra money.
The ability to sanction unsanctioned apps using Secure Score benchmarking, included in Cloud, is also beneficial.
Microsoft Defender for Cloud Apps is very comprehensive, providing a complete 360-degree view of applications within an organization.
The most valuable features of Microsoft Defender for Cloud Apps include live, up-to-date information, which provided real-time alerts.
Custom workbooks are valuable. It is one of the crucial points in dealing with potential security threats in an automated way without requiring too much manpower.
The best feature of Microsoft Sentinel is its ability to unify all dashboards or functions into one modern SecOps dashboard.
The most valuable features for us include threat collection, threat detection, response, and the knowledge base for investigation.
Microsoft Defender for Cloud Apps is a comprehensive security solution that provides protection for cloud-based applications and services. It offers real-time threat detection and response, as well as advanced analytics and reporting capabilities. With Defender for Cloud Apps, organizations can ensure the security of their cloud environments and safeguard against cyber threats. Whether you're running SaaS applications, IaaS workloads, or PaaS services, Microsoft Defender for Cloud Apps can help you secure your cloud environment and protect your business from cyber threats.
Reviews from Real Users
Ram-Krish, Cloud Security & Governance at a financial services firm, says that Microsoft Defender for Cloud Apps "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need".
PeerSpot user, Senior Cloud & Security Consultant at a tech services, writes that Microsoft Defender for Cloud Apps "Great for monitoring user activity and protecting data while integrating well with other applications".
Simon Burgess,Infrastructure Engineer at SBITSC, states that Microsoft Defender for Cloud Apps is "A fluid, intelligent product for great visibility, centralized management, and increased uptime".
Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds
- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft
- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft
- Respond to incidents rapidly with built-in orchestration and automation of common tasks
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.