Microsoft Defender for Cloud vs Microsoft Purview Data Lifecycle Management comparison

"Microsoft Defender has a lot of features including regulatory compliance and attaching workbooks but the most valuable is the recommendations it provides for each and every resource when we open Microsoft Defender."

"The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."

"The product has given us more insight into potential avenues for attack paths."

"The most valuable feature is the hunting feature, which integrates well into the entire Microsoft ecosystem."

"It offers virus management and addresses threats such as viruses, worms, spyware, and other critical security concerns."

"It alerts us to our vulnerabilities and ensures compliance by marking off a compliance tool checklist."

"Microsoft Defender for Cloud has improved our security poster by at least 100 percent."

"The solution is used for risks, vulnerabilities, and compliance."

"The UI is the most valuable feature."

"Purview's built-in functionality provides immediate access to reports, streamlining the entire process."

"The automatic data labeling is compelling, and we are investigating its use."

"My experience with Microsoft Defender for Cloud has been largely negative due to a poor user experience."

"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."

"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."

"The customer service at Microsoft has room for improvement. The first line of support is not technically adept and often requires engaging higher-level technicians to resolve issues."

"Azure's system could be more on point like AWS support. For example, if I have an issue with AWS, I create a support ticket, then I get a call or a message. With Azure support, you raise a ticket, and somebody calls back depending on their availability and the priority, which might not align with your business priority."

"The product's advanced analytics and reporting features could be improved."

"The overview provides you with good information, but if you want more details, there is a lot more customization to do, which requires knowledge of the other supporting solutions."

"The product must improve its UI."

"Microsoft Purview Data Lifecycle Management can be challenging to implement due to its complexity and dense documentation, making it difficult to get started."

"Microsoft's Purview Data Lifecycle Management preview features can be unreliable, hindering their usefulness."

"Microsoft Purview Data Lifecycle Management can be challenging to implement due to its complexity and dense documentation, making it difficult to get started."

"Defender for Cloud is pretty costly for a single line. It's incredibly high to pay monthly for security per server. The cost is considerable for an enterprise with 500-plus virtual machines, and the monthly bill can spike."

"Defender's basic version is free, which is good. Many of our teams are evaluating the paid version against third-party products."

"Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."

"The pricing and licensing of Microsoft Defender for Cloud have been good for us. We appreciate the licensing approach based on employee count rather than a big enterprise license."

"While we pay for any additional features, the pricing seems competitive, though I am not involved in the specific cost details."

"Pricing is a consideration, but we strive to keep costs low by enabling only necessary services."

"The cost is fair. There aren't any costs in addition to the standard licensing fee."

"It has global licensing. It comes with multiple licenses since there are around 50,000 people (in our organization) who look at it."

"The service operates on a pay-as-you-go basis, charging an extra one cent per field of metadata scanned in our data."