Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Cloud vs Qualys TotalCloud comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Vulnerability Management
6th
Ranking in Container Security
3rd
Ranking in Cloud Workload Protection Platforms (CWPP)
4th
Ranking in Cloud Security Posture Management (CSPM)
4th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
3rd
Average Rating
8.6
Reviews Sentiment
8.1
Number of Reviews
92
Ranking in other categories
Cloud and Data Center Security (5th), Compliance Management (3rd)
Microsoft Defender for Cloud
Ranking in Vulnerability Management
7th
Ranking in Container Security
5th
Ranking in Cloud Workload Protection Platforms (CWPP)
3rd
Ranking in Cloud Security Posture Management (CSPM)
3rd
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
4th
Average Rating
8.0
Reviews Sentiment
6.2
Number of Reviews
56
Ranking in other categories
Container Management (10th), Data Security Posture Management (DSPM) (3rd), Microsoft Security Suite (3rd), Compliance Management (2nd)
Qualys TotalCloud
Ranking in Vulnerability Management
30th
Ranking in Container Security
25th
Ranking in Cloud Workload Protection Platforms (CWPP)
20th
Ranking in Cloud Security Posture Management (CSPM)
22nd
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
17th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
3
Ranking in other categories
SaaS Security Posture Management (SSPM) (5th)
 

Mindshare comparison

As of November 2024, in the Cloud-Native Application Protection Platforms (CNAPP) category, the mindshare of SentinelOne Singularity Cloud Security is 2.5%, up from 0.9% compared to the previous year. The mindshare of Microsoft Defender for Cloud is 12.7%, down from 13.5% compared to the previous year. The mindshare of Qualys TotalCloud is 0.8%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud-Native Application Protection Platforms (CNAPP)
 

Featured Reviews

Andrew W - PeerSpot reviewer
Aug 29, 2024
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Anurag Awasthi - PeerSpot reviewer
Oct 26, 2022
Offers excellent firewall management and visibility into threats in a stable, integrated security suite
The solution's robust security posture is the most valuable feature. We have a lot of firewalls, and we can manage them in the solution through the firewall manager. We can set up an Azure firewall and centralize the management policy. The solution provides excellent visibility into threats, and it's a cloud-based integrated solution, so we don't have to worry about any third-party products or services. Microsoft provides so many options, and that's great. Defender for Cloud generates reports we can use as an assessment, as it allows us to see the services in our environment and our points of highest risk. The solution's threat intelligence helps us prepare for threats before they hit and take proactive steps, which is very useful for analysis.
Brad Mathis - PeerSpot reviewer
Jun 10, 2024
Offers easy-to-follow instructions, enhanced posture management, and improved visibility
TotalCloud offers written explanations to guide us through fixing security vulnerabilities and reducing cyber risks. For instance, if we click on a finding like "ensure public access level is set to private for block containers" a CIS Microsoft Azure Foundations benchmark, TotalCloud will not only tell us which specific container is failing but also provide remediation steps. These steps include a clear, step-by-step guide to fix the issue directly from the Azure console or command line, making it easy to address security risks. After deploying TotalCloud and configuring the connectors for Azure, we quickly gained visibility into our cloud security posture. While the initial setup gathers data, the overall process is swift and delivers immediate insights. TotalCloud offers a unified way to assess vulnerabilities and threats across both Asset-as-a-service and software-as-a-service applications. While an additional module, Software Detection Response, is required for the same level of detail in SaaS assessments, it integrates seamlessly with TotalCloud and gathers information through the Azure connector. Similarly, the SDR component is used for Microsoft 365 environments, consolidating all threat data into a single report. It has significantly enhanced our posture management insight and awareness. It provides a valuable third-party perspective, highlighting potential security issues we might have missed with Microsoft's built-in settings. This independent view offers a more objective assessment, similar to having a security expert unaffiliated with Microsoft or any specific platform. TotalCloud summarizes our cloud security risks in a single view, prioritizing the most important ones. It allows us to generate reports based on severity levels (critical, high, medium) and offers pre-built dashboards like the Azure one, which highlights the most critical control failures along with the number of affected resources. This way, we can focus on addressing the most urgent issues first. We can use TruRisk in TotalCloud to view a risk score for our virtual machines. This score indicates the overall security posture of the machine, along with details on identified vulnerabilities confirmed and potential. While the TruRisk score is a valuable integration, I haven't had the chance to fully explore its functionalities in our environment yet.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of the solution is its storyline, which helps trace an event back to its source, like an email or someone clicking on a link."
"The ease of use of the platform is very nice."
"PingSafe offers security solutions for both Kubernetes and CI/CD pipelines."
"Cloud Security has provided a single view to observe all workloads, prioritization for handling cloud assets, and reduced noise by distinguishing false positives effectively."
"The most valuable aspect of Singularity Cloud Security is its unified dashboard."
"It integrates very well. We sell different products from different vendors. We know that the SentinelOne Singularity platform can be integrated with several different solutions from different vendors."
"Cloud Native Security is a tool that has good monitoring features."
"Singularity Cloud's ability to create custom correlation searches and reduce noise is highly valuable."
"Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful."
"The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."
"The entire Defender Suite is tightly coupled, integrated, and collaborative."
"The solution is used for risks, vulnerabilities, and compliance."
"The valuable features include the ability to manage devices and the fact that Defender can replace other security tools like SCCM."
"When you have commissioned Defender, you have these things visible already on your dashboard. This gives the efficiency to the people to do their actual work rather than bothering about the email, sorting out the email, or looking at it through an ITSM solution, whey they have to look at the description and use cases. Efficiency increases with this optimized, ready-made solution since you don't need to invest in something externally. You can start using the dashboard and auditing capability provided from day one. Thus, you have fewer costs with a more optimized, easier-to-use solution, providing operational efficiency for your team."
"The solution is up-to-date with the latest updates and identified threats."
"Technical support is helpful."
"Its excellent graphical interface makes the scanning process simple."
"While automatic inventory detection upon connection is a helpful feature, a truly valuable capability would be assessing an environment's security posture against Azure and CIS best practices."
"The most valuable feature is extensibility."
 

Cons

"For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue."
"The integration with Oracle has room for improvement."
"PingSafe's current documentation could be improved to better assist customers during the cluster onboarding process."
"SentinelOne Singularity Cloud Security could be improved with easier integrations to the Singularity Data Lake, particularly for various vendors."
"There is a bit of a learning curve for new users."
"There should be more documentation about the product."
"Some of the navigation and some aspects of the portal may be a little bit confusing."
"In some cases, the rules are strictly enforced but do not align with real-world use cases."
"As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains."
"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."
"Pricing could be improved. There are limited options based on pricing for the government."
"Support needs to be highly responsive, especially in large enterprise environments."
"The remediation process could be improved."
"The solution is quite complex. A lot of the different policies that actually get applied don't pertain to every client. If you need to have something open for a client application to work, then you get dinged for having a port open or having an older version of TLS available."
"Integration into other third-party products, particularly those from tier three vendors like ManageEngine and Hexcode, has proven difficult."
"One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view."
"Qualys TotalCloud needs to enhance its scanning capabilities in the IP domain, as it currently lacks the functionality to resolve IPs to their corresponding domain names."
"I would like the ability to disable certain default built-in policies as they can be misleading when creating dashboards. That is the top one."
"The cloud licensing unit system is unclear, especially since "units" aren't well-defined."
 

Pricing and Cost Advice

"PingSafe is fairly priced."
"The features included in PingSafe justify its price point."
"I understand that SentinelOne is a market leader, but the bill we received was astronomical."
"PingSafe is not very expensive compared to Prisma Cloud, but it's also not that cheap. However, because of its features, it makes sense to us as a company. It's fairly priced."
"It was reasonable pricing for me."
"I am not involved in the pricing, but it is cost-effective."
"As a partner, we receive a discount on the licenses."
"SentinelOne provided competitive pricing compared to other vendors, and we are satisfied with the deal."
"We are using the free version of the Azure Security Center."
"I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive."
"Azure Defender is definitely pricey, but their competitors cost about the same. For example, a Palo Alto solution is the same price per endpoint, but the ground strikes cost a bit more than Azure Defender. Still, it's pricey for a company like ours. Maybe well-established organizations can afford it, but it might be too costly for a startup."
"This solution is more cost-effective than some competing products. My understanding is that it is based on the number of integrations that you have, so if you have fewer subscriptions then you pay less for the service."
"Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."
"There are two different plans. We're using the secure basic plan, but we have used the end security plan as well. There are additional costs, but it gives us more functionalities compared to the basic plan."
"Defender for Cloud is pretty costly for a single line. It's incredibly high to pay monthly for security per server. The cost is considerable for an enterprise with 500-plus virtual machines, and the monthly bill can spike."
"The cost of the license is based on the subscriptions that you have."
"Qualys TotalCloud is expensive."
"TotalCloud's price is about right where I would expect it to be."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
report
Use our free recommendation engine to learn which Cloud-Native Application Protection Platforms (CNAPP) solutions are best for your needs.
814,763 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Financial Services Firm
16%
Manufacturing Company
10%
Insurance Company
5%
Computer Software Company
16%
Financial Services Firm
13%
Manufacturing Company
9%
Government
7%
Computer Software Company
22%
Financial Services Firm
12%
Government
12%
Manufacturing Company
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
I am personally not taking care of the pricing part, but when we moved from CrowdStrike to Singularity Cloud Native S...
What needs improvement with PingSafe?
They can provide some kind of alert when a new type of risk is there. There can be a specific type of alert showing t...
How is Prisma Cloud vs Azure Security Center for security?
Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening acros...
What do you like most about Microsoft Defender for Cloud?
The entire Defender Suite is tightly coupled, integrated, and collaborative.
What is your experience regarding pricing and costs for Microsoft Defender for Cloud?
The pricing is good. It is license-based, and we are not utilizing all of the features, like API and other functional...
What needs improvement with Qualys TotalCloud?
Qualys TotalCloud needs to enhance its scanning capabilities in the IP domain, as it currently lacks the functionalit...
What is your primary use case for Qualys TotalCloud?
We utilize Qualys TotalCloud to conduct DNS, IP, and WOS scans and identify system vulnerabilities.
 

Also Known As

PingSafe
Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
Qualys TotalCloud with FlexScan
 

Interactive Demo

Demo not available
Demo not available
 

Overview

 

Sample Customers

Information Not Available
Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
Information Not Available
Find out what your peers are saying about Microsoft Defender for Cloud vs. Qualys TotalCloud and other solutions. Updated: October 2024.
814,763 professionals have used our research since 2012.