Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Cloud vs Tenable Nessus comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Ranking in Vulnerability Management
27th
Average Rating
9.6
Reviews Sentiment
8.1
Number of Reviews
2
Ranking in other categories
Continuous Threat Exposure Management (CTEM) (6th)
Microsoft Defender for Cloud
Ranking in Vulnerability Management
7th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
75
Ranking in other categories
Container Management (9th), Container Security (4th), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud Security Posture Management (CSPM) (4th), Cloud-Native Application Protection Platforms (CNAPP) (4th), Data Security Posture Management (DSPM) (3rd), Microsoft Security Suite (4th), Compliance Management (3rd)
Tenable Nessus
Ranking in Vulnerability Management
3rd
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
81
Ranking in other categories
No ranking in other categories
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Vibhor Goel - PeerSpot reviewer
A single tool for complete visibility and addressing security gaps
Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.
HarshBhardiya - PeerSpot reviewer
Provided increased visibility across the organization's servers
The user interface of Tenable Nessus feels outdated and could be more user-friendly. Additionally, the documentation is not well-organized, which can be confusing when searching for solutions or specific information related to Tenable Nessus Professional. The reporting feature could be improved by allowing users to create their own templates instead of relying on predefined ones.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Zafran has become an indispensable tool in our cybersecurity arsenal."
"Zafran is an excellent tool."
"Microsoft Defender for Cloud has improved our security poster by at least 100 percent."
"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."
"The most valuable feature is the regulatory compliance aspect, where we utilize predefined initiatives like NIST."
"The solution's coordinated detection and response across devices and identities is impressive because it is complete."
"Microsoft Defender for Cloud is a valuable tool that integrates seamlessly with Azure Policy and our Security SIEM, simplifying implementation and enhancing security posture."
"Scalability is great, and I would rate it a ten out of ten."
"Defender lets you orchestrate the roll-out from a single pane. Using the Azure portal, you can roll it out over all the servers covered by the entire subscription."
"Microsoft Defender for Cloud is a valuable tool that integrates seamlessly with Azure Policy and our Security SIEM, simplifying implementation and enhancing security posture."
"It allows me to prioritize efforts and utilize effective technical resources."
"The reports are pretty nice and easy to understand."
"The initial setup of Tenable Nessus is very easy."
"It notifies us of vulnerabilities as they arise, allowing us to respond quickly without manual intervention."
"I like the fact that it was not expensive. I like that it's user-friendly."
"Tenable Nessus is cheap and flexible."
"The most valuable features are that it's fast, it's easy to use and it provides good reports."
"With the Tenable Nessus enterprise edition, you have unlimited licenses to scan the device."
 

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"However, some Copilot features aren't available in the GCP environment. This is something we hope will be addressed in the future."
"Microsoft Graph needs improvement."
"We haven't experienced issues with Microsoft Defender for Cloud for our company size of about five hundred people. However, I've heard there might be issues with scalability for larger enterprises."
"The overview provides you with good information, but if you want more details, there is a lot more customization to do, which requires knowledge of the other supporting solutions."
"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."
"The product's advanced analytics and reporting features could be improved."
"Defender is occasionally unreliable. It isn't 100% efficient in terms of antivirus detection, but it isn't an issue most of the time. It's also somewhat difficult to train new security analysts to use Defender."
"Most of the time, when we log into the support, we don't get a chance to interact with Microsoft employees directly, except having it go to outsource employees of Microsoft. The initial interaction has not been that great because outsourced companies cannot provide the kind of quality or technical expertise that we look for. We have a technical manager from Microsoft, but they are kind of average unless we make noise and ask them to escalate. We then can get the right people and the right solution, but it definitely takes time."
"Some things in the user interface could be better. The user interface could allow more adjustments to plugins. The price could also be better."
"You can scale Nessus to the extent that you can afford it. You need to have a license for every device you scan. As long as you can afford the increased costs, you won't have a problem scaling it."
"The scalability of Tenable Nessus is good. However, it could be more flexible."
"We feel the solution's technical support to be very bad."
"I would like to have a management option after the network scanning."
"There could be an integration between Tenable Nessus and other Tenable products. It will help us manage all the solutions using one dashboard."
"The pricing point has increased significantly in recent years. The product's pricing has roughly tripled within the last couple of years, making us reconsider renewing the license for the scanner."
"EQA's and dashboards should be addressed in the next release."
 

Pricing and Cost Advice

Information not available
"This solution is more cost-effective than some competing products. My understanding is that it is based on the number of integrations that you have, so if you have fewer subscriptions then you pay less for the service."
"We only use the free tier, so we haven't faced any pricing, setup costs, or licensing challenges."
"It is bundled with our enterprise subscription, which makes it easy to go for it. It is available by default, and there is no extra cost for using the standard features."
"Microsoft Defender for Cloud is pricey, especially for Kubernetes clusters."
"There are improvements that have to be made to the licensing. Currently, for servers, it has to be done by grouping the servers on a single subscription... We don't have an option whereby, if all those resources are in one subscription, we can have each of the individual servers subject to different planning."
"It has global licensing. It comes with multiple licenses since there are around 50,000 people (in our organization) who look at it."
"We are using the free version of the Azure Security Center."
"They have a free version, but the license for this one isn't too high. It's free to start with, and you're charged for using it beyond 30 days. Some other pieces of Defender are charged based on usage, so you will be charged more for a high volume of transactions. I believe Defender for Cloud is a daily charge based on Azure's App Service Pricing."
"We paid about six thousand dollars per license."
"The price of Tenable Nessus is too expensive for each service center."
"The price is okay. I would give it a seven out of ten, where one is cheap and ten is expensive."
"The solution has free options."
"This solution is affordable."
"We pay approximately $2,500 on a yearly basis."
"The is a free version of Tenable Nessus available."
"Cost-wise, it's an affordable tool."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
11%
University
6%
Manufacturing Company
6%
Computer Software Company
14%
Financial Services Firm
13%
Manufacturing Company
9%
Government
7%
Educational Organization
41%
Computer Software Company
9%
Financial Services Firm
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
Pricing for Zafran Security is not expensive. We have a contract for five years, and the cost is lower than other too...
What needs improvement with Zafran Security?
I would like to see an integration with Check Point firewalls. It's essential for us and they are currently working o...
What is your primary use case for Zafran Security?
We use Zafran Security for threat prioritization. We establish priority to understand which risks should be patched o...
How is Prisma Cloud vs Azure Security Center for security?
Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening acros...
What do you like most about Microsoft Defender for Cloud?
The entire Defender Suite is tightly coupled, integrated, and collaborative.
What is your experience regarding pricing and costs for Microsoft Defender for Cloud?
Initially, the cost was reasonable, but additional services from Microsoft sometimes incur extra expenses that seem h...
How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. Yo...
What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?
Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of ...
What do you like most about Tenable Nessus?
We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to addre...
 

Also Known As

No data available
Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
No data available
 

Interactive Demo

Demo not available
Demo not available
 

Overview

 

Sample Customers

Information Not Available
Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
Bitbrains, Tesla, Just Eat, Crosskey Banking Solutions, Covenant Health, Youngstown State University
Find out what your peers are saying about Microsoft Defender for Cloud vs. Tenable Nessus and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.