We performed a comparison between Microsoft Defender for Cloud and Trellix Cloud Workload Security based on real PeerSpot user reviews.
Find out in this report how the two Cloud Workload Protection Platforms (CWPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The cloud misconfiguration is the most valuable feature."
"It saves time, makes your environment more secure, and improves compliance. PingSafe helps with audits, ensuring that you are following best practices for cloud security. You don't need to be an expert to use it and improve your security."
"All the features we use are equal and get the job done."
"We like the platform and its response time. We also like that its console is user-friendly as well as modern and sleek."
"Cloud Native Security helps us discover vulnerabilities in a cloud environment like open ports that allow people to attack our environment. If someone unintentionally opens a port, we are exposed. Cloud Native Security alerts us so we can remediate the problem. We can also automate it so that Cloud Native Security will fix it."
"The visibility is the best part of the solution."
"We use the infrastructure as code scanning, which is good."
"It is fairly simple. Anybody can use it."
"The technical support is very good."
"The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark."
"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."
"The entire Defender Suite is tightly coupled, integrated, and collaborative."
"With respect to improving our security posture, it helps us to understand where we are in terms of compliance. We can easily know when we are below the standard because of the scores it calculates."
"DSPM is the most valuable feature."
"Good compliance policies."
"The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra."
"The most valuable feature is the application control."
"The discovery feature is the most valuable. After you integrate your cloud environment, maybe an Azure or AWS, or a private environment hosted on VMware, it automatically starts discovering the number of servers that are running on that cloud and the number of services that you have done. It is a beautiful feature because, from a security standpoint, it is difficult to identify which VM is compliant or not when you keep on provisioning a number of VMs in the cloud. It also checks for compliance. It checks whether a system is compliant and whether antivirus is installed on a VM. If an antivirus is installed, it checks whether the antivirus is updated to the latest signature package or not. All these things are beautifully done by McAfee Cloud Workload Security. For communicating with the McAfee server, you need to install an agent on the VM. McAfee Cloud Workload Security gives you a direct opportunity to install an agent on a Windows machine. If you have a Windows cloud, you can directly push that agent onto the VM through your McAfee portal. It provides you a single dashboard view of all servers present in the cloud. It shows the servers on which the antivirus is already installed as well as the servers for which the antivirus installation is still pending. This dashboard view is a much-needed thing. It also has a centralized management, which makes it easy to use."
"Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email."
"The recommended actions aren't always specific, so it might suggest recommendations that don't apply to the particular infrastructure code I'm reviewing."
"We are getting reports only in a predefined form. I would like to have customized reports so that I can see how many issues are open or closed today or in two weeks."
"PingSafe can be improved by developing a comprehensive set of features that allow for automated workflows."
"Currently, we would have to export our vulnerability report to an .xlsx file, and review it in an Excel spreadsheet, and then we sort of compile a list from there. It would be cool if there was a way to actually toggle multiple applications for review and then see those file paths on multiple users rather than only one user at a time or only one application at a time."
"In addition to our telecom and Slack channels, it would be helpful to receive Cloud Native Security security notifications in Microsoft Teams."
"We had a glitch in PingSafe where it fed us false positives in the past."
"While it is good, I think the solution's console could be improved."
"I felt that there was disconnection in terms of understanding the UI. The communication for moving from the old UI to the new UI could be improved. It was a bit awkward."
"As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains."
"The documentation and implementation guides could be improved."
"After getting a recommendation, it takes time for the solution to refresh properly to show that the problem has been eliminated."
"The product must improve its UI."
"Sometimes it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or a special kind of product."
"It needs to be simplified and made more user-friendly for a non-technical person."
"The documentation could be much clearer."
"Its vulnerability assessment is not the best. We cannot identify the vulnerabilities that are related to the operating system by using McAfee Cloud Workload Security. I wish McAfee would add a vulnerability assessment tool that will not only identify the vulnerability but will also be able to generate a report so that the required patching can be done for the servers. Currently, McAfee Cloud Workload Security only integrates with AWS and Azure. If it can also integrate with GCP, Alibaba, and other cloud services available in the market, it would be good because not all people are using Azure and AWS."
"There is room for improvement in the pricing model."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Trellix Cloud Workload Security Pricing and Cost Advice →
Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews while Trellix Cloud Workload Security is ranked 19th in Cloud Workload Protection Platforms (CWPP) with 2 reviews. Microsoft Defender for Cloud is rated 8.0, while Trellix Cloud Workload Security is rated 9.0. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Trellix Cloud Workload Security writes "Easy policy designing and highly scalable solution". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Trellix Cloud Workload Security is most compared with AWS GuardDuty, Trend Vision One - Cloud Security and Prisma Cloud by Palo Alto Networks. See our Microsoft Defender for Cloud vs. Trellix Cloud Workload Security report.
See our list of best Cloud Workload Protection Platforms (CWPP) vendors.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.