Microsoft Defender for Cloud vs Splunk Observability Cloud comparison

Microsoft and Splunk are both solutions in the Container Management category. Microsoft is ranked #9 with an average rating of 8.1, while Splunk is ranked #8 with an average rating of 8.6. Microsoft holds a 1.1% mindshare in CM, compared to Splunk’s 0.5% mindshare. Additionally, 94% of Microsoft users are willing to recommend the solution, compared to 94% of Splunk users who would recommend it.

Microsoft Defender for Cloud

Read 75 Microsoft Defender for Cloud reviews

243 Views
230 Comparison Views

94% willing to recommend

Splunk Observability Cloud

Read 50 Splunk Observability Cloud reviews

107 Views
55 Comparison Views

94% willing to recommend

Microsoft Defender for Cloud

Splunk Observability Cloud

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Feb 6, 2025

Splunk Observability Cloud and Microsoft Defender for Cloud compete in the IT monitoring and security space. Splunk has an edge in real-time metric handling and data integration, while Microsoft Defender excels in comprehensive security features and cloud coverage.

Features: Splunk Observability Cloud is notable for its robust data integration capabilities, enabling efficient log searching and the creation of custom dashboards. It also provides application performance monitoring, excelling in handling high metric volumes with real-time insights. Microsoft Defender for Cloud focuses on security with features such as advanced threat detection and regulatory compliance across multi-cloud environments.

Room for Improvement: Splunk users cite high costs and complex configurations as primary concerns, along with integration challenges. The documentation and machine learning features also require enhancement. Microsoft Defender faces issues with integration and cost, with users desiring a better user experience and clearer pricing models. Both solutions need to improve usability and reduce false positives.

Ease of Deployment and Customer Service: Splunk supports multiple deployment environments, including on-premises and hybrid clouds, but needs more responsive technical support. Microsoft Defender primarily targets public and hybrid clouds with integrated support within the Microsoft ecosystem. Some users find its technical assistance lacking in responsiveness and clarity.

Pricing and ROI: Both products are considered expensive, yet they offer significant returns on investment. Splunk's pricing model is criticized for high costs when scaling data ingestion, leading some users to explore alternatives. Microsoft Defender faces similar concerns, yet its integration with broader Microsoft packages makes it cost-effective for existing Microsoft clients. Despite the high costs, both solutions prove their value through operational efficiency and enhanced security management.

To learn more, read our detailed Microsoft Defender for Cloud vs. Splunk Observability Cloud Report (Updated: February 2025).

Buyer's Guide

Microsoft Defender for Cloud vs. Splunk Observability Cloud

February 2025

Download the complete report

Helped 845,406 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Microsoft Defender for Cloud

Ranking in Container Management

9th

Average Rating

8.0

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Vulnerability Management (7th), Container Security (4th), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud Security Posture Management (CSPM) (4th), Cloud-Native Application Protection Platforms (CNAPP) (4th), Data Security Posture Management (DSPM) (3rd), Microsoft Security Suite (4th), Compliance Management (3rd)

Splunk Observability Cloud

Ranking in Container Management

8th

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Application Performance Monitoring (APM) and Observability (11th), IT Infrastructure Monitoring (9th), Cloud Monitoring Software (9th)

Mindshare comparison

As of April 2025, in the Container Management category, the mindshare of Microsoft Defender for Cloud is 1.1%, up from 0.5% compared to the previous year. The mindshare of Splunk Observability Cloud is 0.5%. It is calculated based on PeerSpot user engagement data.

Container Management

Featured Reviews

Vibhor Goel

Senior Cloud Platform Engineer at Deutsche Börse

A single tool for complete visibility and addressing security gaps

Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.

Read full review

Lakshmi Padaga

Java Developer at U.S. Bank

Collaborates performance metrics with log data to pinpoint the exact cause of issues and offers error detection

Splunk APM is a robust tool with many capabilities. There are always areas for potential improvement to enhance its functionality and user experience. For Splunk APM, there could be simplified navigation, like streamlining the user interface to make navigation more intuitive for our users, especially those new to APM, which can enhance usability. We can provide more customization options for dashboards and visualizations to help users tailor the platform to their specific needs. There could be more integration capabilities with a wider range of third-party tools and platforms would also be beneficial. By focusing on these areas, Splunk APM can enhance its value proposition, improve user satisfaction, and better meet the evolving needs of organizations monitoring their application performance.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable feature of Microsoft Defender for Cloud is its ability to assess an environment and give us a clear idea of what security components are lacking and which are not."

"The technical support is very good."

"The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."

"The most valuable feature is the recommendations provided on how to improve security. It has made the cloud environment more secure, thanks to all the recommendations we can get."

"DSPM is the most valuable feature."

"I've seen benefits since implementing Microsoft Defender for Cloud. It's easy to manage for our large organization as an endpoint security solution. It integrates well with Office 365 and Windows 11, which is better than before. Patching, updates, and threat protection are all handled together now. Its AI features help predict threats."

"It's quite a good product. It helps to understand the infections and issues you are facing."

"Microsoft Defender for Cloud is a valuable tool that integrates seamlessly with Azure Policy and our Security SIEM, simplifying implementation and enhancing security posture."

More Microsoft Defender for Cloud pros

"The features I have found most valuable are log searching and log analytics, both of which are quick features."

"The ability to create custom dashboards is one of the best features and that's typically why most people deploy Splunk. Users can create dashboards for just about anything."

"I like the fact that Splunk APM makes it easy to connect to the application database and run queries against the data."

"The solution is stable and reliable."

"The tool is efficient in collecting, monitoring and evaluating logs."

"I find the monitoring console very helpful. With one click, I can see how we are performing, and at the same time, I can see what data is flowing."

"It has been beneficial for our IT infrastructure."

"It can monitor, get the data, and then report on the data."

More Splunk Observability Cloud pros

Cons

"There is no perfect product in the world and there are always features that can be added."

"The vulnerabilities are duplicated many times."

"With the new Copilot functionality available everywhere, it is challenging to pinpoint areas for improvement. If I put in a lot of thought, I might identify things, but right now, nothing significant pops into my mind, but there is always room for more transparency, especially in pricing."

"For improvements, I'd like to see more use cases integrated with Microsoft Sentinel and support for multi-cloud environments beyond just Azure."

"The initial setup is not actually so complex but it feels complex because there are many add-ons. There are many options and my team needs to be aware of all of these changes happening on the backend which is a distraction."

"The product's advanced analytics and reporting features could be improved."

"Consistency is the area where the most improvement is needed. For example, there are some areas where the UI is not uniform across the board."

"I would like to see more connectors and plugins with other platforms."

More Microsoft Defender for Cloud cons

"One thing I recently ran into was that the logs on the server most often get Gzipped after they have been rotated. We found that we were not monitoring some of the things, so we had to go back and pull them in. Right now, it pulls one at a time, untars it, or unzips it, so I cannot look at the entire history. There can be an improvement in that area."

"The implementation can be more user-friendly."

"The UI enhancements could be a way to improve the solution in the future."

"Splunk's functionality could be improved by adding database connectors for other platforms like AWS and Azure."

"It is essential for the monitoring tool to deliver quick response times when generating analytical reports, instead of prolonged delays."

"There is not a lot of support for the tool's on-premises version, especially since everything is on the cloud."

"Splunk APM should include a better correlation between resources and infrastructure monitoring."

"They need more EDR functionalities."

More Splunk Observability Cloud cons

Pricing and Cost Advice

"Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."

"We are using the free version of the Azure Security Center."

"The licensing cost per server is $15 per month."

"The pricing and licensing of Microsoft Defender for Cloud have been good for us. We appreciate the licensing approach based on employee count rather than a big enterprise license."

"They have a free version, but the license for this one isn't too high. It's free to start with, and you're charged for using it beyond 30 days. Some other pieces of Defender are charged based on usage, so you will be charged more for a high volume of transactions. I believe Defender for Cloud is a daily charge based on Azure's App Service Pricing."

"Azure Defender is a bit pricey. The price could be lower."

"Microsoft's licensing and pricing are sometimes complicated. If someone is new to Microsoft's licensing, they might have difficulty with it."

"Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per data-base server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."

More Microsoft Defender for Cloud pricing and cost advice

"It is expensive."

"I am not in that circle, but we are currently licensing based on our queries. That is working out for us. Previously, it was by volume of data, and now, we can store as much data as we want."

"Splunk APM is expensive."

"Splunk has been fairly expensive, but it has been predictable."

"Splunk APM is a very cost-efficient solution."

"The pricing is based on several factors, including the scale of deployment."

"The solution's pricing is costly."

"Splunk offers a 14-day free trial and after that, we have to pay but the cost is reasonable."

More Splunk Observability Cloud pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Container Management solutions are best for your needs.

See recommendations

845,406 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

13%

Manufacturing Company

Government

Financial Services Firm

17%

Computer Software Company

15%

Manufacturing Company

Retailer

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

How is Prisma Cloud vs Azure Security Center for security?

Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across your ecosystem. It also has great remote workforce capabilities and supports a...

See all answers

What do you like most about Microsoft Defender for Cloud?

The entire Defender Suite is tightly coupled, integrated, and collaborative.

See all answers

What is your experience regarding pricing and costs for Microsoft Defender for Cloud?

Initially, the cost was reasonable, but additional services from Microsoft sometimes incur extra expenses that seem higher than expected.

See all answers

What do you like most about SignalFx?

The most valuable feature is dashboard creation.

See all answers

What needs improvement with SignalFx?

There is room for improvement in the alerting system, which is complicated and has less documentation available. We sometimes encountered issues in setting up alerts. The custom detector could be m...

See all answers

What is your primary use case for SignalFx?

The main purpose of using Splunk APM is to optimize our application. We use Splunk APM primarily to understand how the application works, how it uses resources, and its response time in connection ...

See all answers

Comparisons

AWS GuardDuty vs Microsoft Defender for Cloud

Compared 21% of the time

Wiz vs Microsoft Defender for Cloud

Compared 13% of the time

Prisma Cloud by Palo Alto Networks vs Microsoft Defender for Cloud

Compared 12% of the time

Microsoft Defender XDR vs Microsoft Defender for Cloud

Compared 4% of the time

Orca Security vs Microsoft Defender for Cloud

Compared 3% of the time

More Microsoft Defender for Cloud Competitors

Observe vs Splunk Observability Cloud

Compared 22% of the time

Splunk ITSI (IT Service Intelligence) vs Splunk Observability Cloud

Compared 8% of the time

Dynatrace vs Splunk Observability Cloud

Compared 6% of the time

Rancher Labs vs Splunk Observability Cloud

Compared 5% of the time

Amazon CloudWatch vs Splunk Observability Cloud

Compared 4% of the time

More Splunk Observability Cloud Competitors

Product Reports

Buyer's Guide

Microsoft Defender for Cloud

March 2025

Download Microsoft Defender for Cloud product report

Buyer's Guide

Splunk Observability Cloud

March 2025

Download Splunk Observability Cloud product report

Also Known As

Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender

Splunk Infrastructure Monitoring

Interactive Demo

Microsoft

Demo not available

Splunk

Overview

Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.

The solution also provides automated remediation capabilities, allowing security teams to quickly and easily respond to security incidents. With Microsoft Defender for Cloud, organizations can ensure the security and compliance of their cloud workloads, while reducing the burden on their security teams.

Microsoft

Splunk Observability Cloud combines log search, data integration, and dashboards for seamless monitoring, enhancing infrastructure visibility and security. Its cloud integration and scalability support diverse environments, improving operational efficiency.

Splunk Observability Cloud offers comprehensive monitoring tools with user-friendly interfaces, enabling end-to-end infrastructure visibility. Its real-time alerting and predictive capabilities enhance security monitoring, while centralized dashboards provide cross-platform visibility. Users benefit from fast data integration and extensive insights into application performance. Despite its advantages, improvements could be made in integration with other tools, data reliability, scalability, and cost management. Users face challenges in configuration complexity and require better automation and endpoint protection features. Enhancing AI integration, alerts, and adaptation for high-throughput services could further improve usability.

What are the key features of Splunk Observability Cloud?

Log Search: Efficiently search and analyze log data for enhanced insights.
Data Integration: Fast integration across platforms for comprehensive visibility.
Custom Dashboards: Powerful and adaptable dashboards for real-time monitoring.
Cloud Integration: Seamless integration with cloud services for scalable solutions.
Application Performance Monitoring: Advanced tools for improving application performance.

What benefits and ROI should be expected?

Infrastructure Monitoring: Improved visibility and monitoring across infrastructure components.
Operational Efficiency: Enhancements in data analysis lead to efficient operations.
Business Resilience: Supports adaptability and swift responses to changing needs.
Security Management: Enhances threat identification and response through real-time alerts.
Compliance Support: Aids in meeting compliance and auditing requirements effectively.

In industries like finance and healthcare, Splunk Observability Cloud is implemented for application performance monitoring and infrastructure metrics. Its ability to track incidents and analyze machine data benefits network infrastructure, while distributed tracing and log analysis aid in tackling security threats. Organizations often integrate it for compliance and auditing purposes, enhancing visibility into network traffic and optimizing performance.

Splunk

Sample Customers

Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.

Sunrun, Yelp, Onshape, Tapjoy, Symphony Commerce, Chairish, Clever, Grovo, Bazaar Voice, Zenefits, Avalara

Buyer's Guide

Microsoft Defender for Cloud vs. Splunk Observability Cloud

February 2025

Free Report: Microsoft Defender for Cloud vs. Splunk Observability Cloud

Find out what your peers are saying about Microsoft Defender for Cloud vs. Splunk Observability Cloud and other solutions. Updated: February 2025.

DOWNLOAD NOW

845,406 professionals have used our research since 2012.

See our Microsoft Defender for Cloud vs. Splunk Observability Cloud report.

See our list of best Container Management vendors.

We monitor all Container Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.