Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Cloud vs Sysdig Monitor comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
3rd
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
107
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Container Security (3rd), Cloud Workload Protection Platforms (CWPP) (4th), Cloud Security Posture Management (CSPM) (3rd), Compliance Management (2nd)
Microsoft Defender for Cloud
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
4th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
75
Ranking in other categories
Vulnerability Management (7th), Container Management (9th), Container Security (4th), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud Security Posture Management (CSPM) (4th), Data Security Posture Management (DSPM) (3rd), Microsoft Security Suite (4th), Compliance Management (3rd)
Sysdig Monitor
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
21st
Average Rating
7.6
Reviews Sentiment
7.1
Number of Reviews
3
Ranking in other categories
Container Monitoring (9th), Cloud Monitoring Software (33rd)
 

Mindshare comparison

As of April 2025, in the Cloud-Native Application Protection Platforms (CNAPP) category, the mindshare of SentinelOne Singularity Cloud Security is 3.1%, up from 1.2% compared to the previous year. The mindshare of Microsoft Defender for Cloud is 11.2%, down from 12.2% compared to the previous year. The mindshare of Sysdig Monitor is 0.5%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud-Native Application Protection Platforms (CNAPP)
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Vibhor Goel - PeerSpot reviewer
A single tool for complete visibility and addressing security gaps
Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.
Md. Olid Hasan Bhuiyan - PeerSpot reviewer
Provides a good view of the sequence and offers in-depth visibility into my infrastructure
I needed to identify the sequence and frequency of system calls for a specific system. Sysdig provided this information readily. However, analyzing frequency proved more challenging. As far as I know, Sysdig Monitor lacks functionality to directly obtain system call frequency for certain files. Therefore, I had to capture a screenshot of the relevant data from Sysdig Monitor and then manually extract the text. A built-in Sysdig feature to retrieve system call frequency for specific website actions would greatly enhance its usefulness. I had difficulty installing Sysdig Monitor on Windows.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable aspect of Singularity Cloud Security is its unified dashboard."
"The agentless vulnerability scanning is great."
"SentinelOne Singularity Cloud Security has saved up to 50 percent in engineering time."
"PingSafe's graph explorer is a valuable tool that lets us visualize all connected services."
"PingSafe offers security solutions for both Kubernetes and CI/CD pipelines."
"It's helped free up staff time so that they can work on other projects."
"The real-time detection and response capabilities overall are great."
"SentinelOne Singularity Cloud Security offers valuable scalability suitable for organizations of all sizes, from small businesses to large enterprises."
"The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra."
"Defender for Cloud provides a complete DevOps security package for cloud services."
"The most valuable features offer the latest threat detection and response capabilities."
"With respect to improving our security posture, it helps us to understand where we are in terms of compliance. We can easily know when we are below the standard because of the scores it calculates."
"Some of the most valuable features of Microsoft Defender for Cloud include its effectiveness in threat detection through unsupervised machine learning, CTI, and advanced sandboxing."
"Defender for Cloud has improved our security posture."
"When you have commissioned Defender, you have these things visible already on your dashboard. This gives the efficiency to the people to do their actual work rather than bothering about the email, sorting out the email, or looking at it through an ITSM solution, whey they have to look at the description and use cases. Efficiency increases with this optimized, ready-made solution since you don't need to invest in something externally. You can start using the dashboard and auditing capability provided from day one. Thus, you have fewer costs with a more optimized, easier-to-use solution, providing operational efficiency for your team."
"The most valuable feature is the recommendations provided on how to improve security. It has made the cloud environment more secure, thanks to all the recommendations we can get."
"The ability to stop/pause and capture logs when something happens is the most valuable feature."
"Docker containers are completely supported, kind of like "first class citizens"."
"Sysdig Monitor impressed me with its in-depth visibility into my infrastructure."
 

Cons

"SentinelOne currently lacks a break glass account feature, which is critical for implementing Single Sign-On."
"I would like to see the map feature improve. It's good, but it isn't fully developed. It lets us use custom resources and policies but does not allow us to perform some actions. I would also like more custom integration and runtime security for Kubernetes."
"Whenever I view the processes and the process aspect, it takes a long time to load."
"The could improve their mean time to detect."
"Singularity Cloud Security currently lacks a break-glass account function, which is a critical component for implementing Single Sign-On as it allows for regaining access in emergencies."
"We repeatedly get alerts on the tool dashboard that we've already solved on our end, but they still appear. That is somewhat irritating."
"PingSafe takes four to five hours to detect and highlight an issue, and that time should be reduced."
"They need more experienced support personnel."
"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."
"I rate Microsoft support five out of 10. It gets better once you're escalated past the first and second levels. It's difficult to get the necessary support when tickets are first opened."
"I would like to see more connectors and plugins with other platforms."
"I recommend that they extend the scope for legacy infra assets."
"However, some Copilot features aren't available in the GCP environment. This is something we hope will be addressed in the future."
"The user interface of Microsoft Defender for Cloud, like many Microsoft portals, undergoes frequent changes and feature relocation."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured."
""Events" reporting (errors, crashes, etc.) is not clear at all in a Mesos environment (i.e., it's not clear what specific container is the one that went down). In a Docker Compose environment, it may be way better."
"It is needs to automate the actions to take when an alert is triggered."
"I had difficulty installing Sysdig Monitor on Windows."
 

Pricing and Cost Advice

"PingSafe is cost-effective for the amount of infrastructure we have. It's reasonable for what they offer compared to our previous solution. It's at least 25 percent to 30 percent less."
"I understand that SentinelOne is a market leader, but the bill we received was astronomical."
"I would rate the cost a seven out of ten with ten being the most costly."
"The pricing for PingSafe in India was more reasonable than other competitors."
"Singularity Cloud Security by SentinelOne is cost-efficient."
"PingSafe is less expensive than other options."
"SentinelOne is quite costly compared to other security platforms."
"Its pricing was a little less than other providers."
"There are improvements that have to be made to the licensing. Currently, for servers, it has to be done by grouping the servers on a single subscription... We don't have an option whereby, if all those resources are in one subscription, we can have each of the individual servers subject to different planning."
"Pricing depends on your workload size, but it is very cheap. If you're talking about virtual machines, it is $5 or something for each machine, which is minimal. If you go for some agent-based solution for every virtual machine, then you need to pay the same thing or more than that. For an on-premises solution like this, we were paying around $30 to $50 based on size. With Defender, Microsoft doesn't bother about the size. You pay based on the number of machines. So, if you have 10 virtual machines, and 10 virtual machines are being monitored, you are paying based on that rather than the size of the virtual machine. Thus, you are paying for the number of units rather than paying for the size of your units."
"The cost of the license is based on the subscriptions that you have."
"Microsoft Defender for Cloud is pricey, especially for Kubernetes clusters."
"Azure Defender is a bit pricey. The price could be lower."
"Our clients complain about the cost of Microsoft Defender for Cloud."
"Pricing is a consideration, but we strive to keep costs low by enabling only necessary services."
"Microsoft's licensing and pricing are sometimes complicated. If someone is new to Microsoft's licensing, they might have difficulty with it."
"Sysdig Monitor is not expensive."
report
Use our free recommendation engine to learn which Cloud-Native Application Protection Platforms (CNAPP) solutions are best for your needs.
845,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
16%
Manufacturing Company
9%
Government
5%
Computer Software Company
14%
Financial Services Firm
13%
Manufacturing Company
9%
Government
7%
Financial Services Firm
21%
Computer Software Company
16%
Manufacturing Company
7%
University
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
It is cost-effective compared to other solutions in the market.
What needs improvement with PingSafe?
In version 2, a lot of rules have been deployed for Kubernetes security and CDR, which makes a lot of issues of criti...
How is Prisma Cloud vs Azure Security Center for security?
Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening acros...
What do you like most about Microsoft Defender for Cloud?
The entire Defender Suite is tightly coupled, integrated, and collaborative.
What is your experience regarding pricing and costs for Microsoft Defender for Cloud?
Initially, the cost was reasonable, but additional services from Microsoft sometimes incur extra expenses that seem h...
What needs improvement with Sysdig Monitor?
I needed to identify the sequence and frequency of system calls for a specific system. Sysdig provided this informati...
What is your primary use case for Sysdig Monitor?
During my undergraduate studies, I investigated how the frequency or order of actions within a specific system trigge...
 

Also Known As

PingSafe
Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
No data available
 

Interactive Demo

Demo not available
Demo not available
 

Overview

 

Sample Customers

Information Not Available
Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
SAP Concur, Goldman Sachs, Worldpay by FIS, Cisco, Experian, Home Office, Societe Generale, Sunrun. More here: https://sysdig.com/customers/
Find out what your peers are saying about Microsoft Defender for Cloud vs. Sysdig Monitor and other solutions. Updated: March 2025.
845,406 professionals have used our research since 2012.