Try our new research platform with insights from 80,000+ expert users

Microsoft Defender Vulnerability Management vs Microsoft Defender for Cloud comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Ranking in Vulnerability Management
27th
Average Rating
9.6
Reviews Sentiment
8.1
Number of Reviews
2
Ranking in other categories
Continuous Threat Exposure Management (CTEM) (6th)
Microsoft Defender for Cloud
Ranking in Vulnerability Management
7th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
75
Ranking in other categories
Container Management (9th), Container Security (4th), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud Security Posture Management (CSPM) (4th), Cloud-Native Application Protection Platforms (CNAPP) (4th), Data Security Posture Management (DSPM) (3rd), Microsoft Security Suite (4th), Compliance Management (3rd)
Microsoft Defender Vulnerab...
Ranking in Vulnerability Management
14th
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
12
Ranking in other categories
Advanced Threat Protection (ATP) (17th), Microsoft Security Suite (22nd), Risk-Based Vulnerability Management (5th)
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Vibhor Goel - PeerSpot reviewer
A single tool for complete visibility and addressing security gaps
Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.
TakayukiUmehara - PeerSpot reviewer
Ease of management and integration supports operations, but has high resource consumption
A valuable feature is the ease of management and integration with Microsoft products. I appreciate that I can click on a server in the Defender Console, notice a risk, and retrieve all necessary information. Speed is a key feature as it is very quick to administer and allows for manual configuration from the portal.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Zafran is an excellent tool."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"The most valuable feature of Microsoft Defender for Cloud is its ability to assess an environment and give us a clear idea of what security components are lacking and which are not."
"The most valuable feature is that it's intuitive. It's very intuitive."
"Microsoft Defender for Cloud is a valuable tool that integrates seamlessly with Azure Policy and our Security SIEM, simplifying implementation and enhancing security posture."
"The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts."
"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."
"The most valuable feature is the regulatory compliance aspect, where we utilize predefined initiatives like NIST. Alert management is another useful feature. Alerts are directly integrated with our email or DevOps board for easy viewing, allowing us to identify problem areas efficiently."
"Microsoft Defender for Cloud has made our environment more secure."
"The dashboard is very good. It gives our clients a lot of information and allows them to have a complete overview of the system. Everything is visible in one glance."
"Microsoft Defender Vulnerability Management is versatile and assesses vulnerabilities, providing detailed information on CVEs, their categories, and exploit statuses."
"Microsoft Defender Vulnerability Management is versatile and assesses vulnerabilities, providing detailed information on CVEs, their categories, and exploit statuses."
"The product’s most valuable features are compliance, recommendations, and inventories."
"The integration with SIEM is the best, specifically the native integration with Microsoft SIEM."
"The product's stability is very high...The scalability of the product is amazing."
"The integration with Sentinel has been one of the most valuable features for my organization."
"The integration with Sentinel has been one of the most valuable features for my organization."
"The solution helps identify threats and vulnerabilities."
 

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"Defender is occasionally unreliable. It isn't 100% efficient in terms of antivirus detection, but it isn't an issue most of the time. It's also somewhat difficult to train new security analysts to use Defender."
"After getting a recommendation, it takes time for the solution to refresh properly to show that the problem has been eliminated."
"Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations."
"The range of workloads is broad, but we'd love to add more workloads and make it a single security solution that covers all those workloads. Covering more would allow us to see and protect more workloads from a single pane of glass. Additional features should include protection for more AI workloads as it currently focuses primarily on OpenAI."
"I would like to see more connectors and plugins with other platforms."
"They could always work to make the pricing a bit lower."
"Defender could improve how data is represented. It can be unstructured or slow to load. The recent update allowing policy grouping into control groups is beneficial, but further enhancements for speed and clarity are needed."
"You cannot create custom use cases."
"Sometimes the stability of the agents could be improved."
"The automated remediations can be more specific."
"We have experienced some logging issues, including a few hours of downtime initially. Despite this, I would rate the overall stability as an eight."
"There is a good solution from Microsoft, however, there is a gap between Windows and Linux management."
"The worst aspect is the refresh rate of the dashboard. A vulnerability I patch within 15 minutes takes 24 additional hours for an update."
"The product is not stable; it is very resource-intensive, consuming a lot of memory and CPU, which makes it slow."
"The general support could be improved."
"The worst aspect is the refresh rate of the dashboard."
 

Pricing and Cost Advice

Information not available
"The tool is pretty expensive."
"Pricing is a consideration, but we strive to keep costs low by enabling only necessary services."
"I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive."
"The licensing is straightforward but can become expensive if you cover everything. You must balance the cost against the importance of what needs covering."
"Defender's basic version is free, which is good. Many of our teams are evaluating the paid version against third-party products."
"Azure Defender is definitely pricey, but their competitors cost about the same. For example, a Palo Alto solution is the same price per endpoint, but the ground strikes cost a bit more than Azure Defender. Still, it's pricey for a company like ours. Maybe well-established organizations can afford it, but it might be too costly for a startup."
"The pricing and licensing of Microsoft Defender for Cloud have been good for us. We appreciate the licensing approach based on employee count rather than a big enterprise license."
"Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per data-base server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."
"The tool is a bit costly."
"The licensing model follows a per-user per-month structure."
"The licensing costs are reasonable."
"The product’s pricing is medium."
"I rate the product's price a three on a scale of one to ten, where one is a low price, and ten is a high price."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
11%
University
6%
Manufacturing Company
6%
Computer Software Company
14%
Financial Services Firm
13%
Manufacturing Company
9%
Government
7%
Financial Services Firm
13%
Computer Software Company
13%
Government
10%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
Pricing for Zafran Security is not expensive. We have a contract for five years, and the cost is lower than other too...
What needs improvement with Zafran Security?
I would like to see an integration with Check Point firewalls. It's essential for us and they are currently working o...
What is your primary use case for Zafran Security?
We use Zafran Security for threat prioritization. We establish priority to understand which risks should be patched o...
How is Prisma Cloud vs Azure Security Center for security?
Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening acros...
What do you like most about Microsoft Defender for Cloud?
The entire Defender Suite is tightly coupled, integrated, and collaborative.
What is your experience regarding pricing and costs for Microsoft Defender for Cloud?
Initially, the cost was reasonable, but additional services from Microsoft sometimes incur extra expenses that seem h...
What is your experience regarding pricing and costs for Microsoft Defender Vulnerability Management?
I would rate the price as a three for us due to the partnership discounts. For non-partners, however, the cost could ...
What needs improvement with Microsoft Defender Vulnerability Management?
For our current usage, we do not have any complaints, but a potential improvement could be the introduction of a more...
 

Also Known As

No data available
Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
No data available
 

Interactive Demo

Demo not available
Demo not available
 

Overview

 

Sample Customers

Information Not Available
Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
Information Not Available
Find out what your peers are saying about Microsoft Defender Vulnerability Management vs. Microsoft Defender for Cloud and other solutions. Updated: February 2025.
845,040 professionals have used our research since 2012.