Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Cloud vs Trivy comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Container Security
3rd
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
107
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Cloud Workload Protection Platforms (CWPP) (4th), Cloud Security Posture Management (CSPM) (3rd), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (2nd)
Microsoft Defender for Cloud
Ranking in Container Security
4th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
75
Ranking in other categories
Vulnerability Management (7th), Container Management (9th), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud Security Posture Management (CSPM) (4th), Cloud-Native Application Protection Platforms (CNAPP) (4th), Data Security Posture Management (DSPM) (3rd), Microsoft Security Suite (4th), Compliance Management (3rd)
Trivy
Ranking in Container Security
16th
Average Rating
8.6
Reviews Sentiment
7.5
Number of Reviews
8
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Container Security category, the mindshare of SentinelOne Singularity Cloud Security is 2.1%, up from 1.0% compared to the previous year. The mindshare of Microsoft Defender for Cloud is 7.2%, down from 8.3% compared to the previous year. The mindshare of Trivy is 5.5%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Container Security
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Vibhor Goel - PeerSpot reviewer
A single tool for complete visibility and addressing security gaps
Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.
Utsav Sharma - PeerSpot reviewer
Maintain operational efficiency by detecting misconfigurations and vulnerabilities
The vulnerability scanning feature is excellent as it supports various container capabilities like Docker and Sharma. It also offers repository scanning in the source code domain, allowing pre-push code scans. The misconfiguration detection works well for CloudFormation, Docker files, and Terraform. Its compliance support, like NIST, ensures that configurations align with standards. Trivy helps me significantly detect misconfigurations missed by the ops engineers or in Terraform by the naked eye. It ensures that my deployments are free of misconfigurations and vulnerabilities.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"PingSafe provides email alerts and ranks issues based on severity, such as high, critical, etc., that help us prioritize issues."
"Cloud Native Security is a tool that has good monitoring features."
"The offensive security where they do a fix is valuable. They go to a misconfiguration and provide detailed alerts on what could be there. They also provide a remediation feature where if we give the permission, they can also go and fix the issue."
"Singularity Cloud Security's most valuable features are its ease of scalability and comprehensive security measures."
"Its performance impact on the systems is low, which means there is a minimal impact on system performance compared to traditional antivirus solutions."
"SentinelOne Singularity Cloud Security has improved our security posture."
"The tool identifies issues quickly."
"We're monitoring several cloud accounts with Singularity. It is convenient to identify issues or security failures in any account. It's nice to have all the details we need to solve these issues."
"The most valuable feature is that it's intuitive. It's very intuitive."
"My favorite part of Microsoft Defender for Cloud is the compliance features. Defender covers a wide range of workloads, on par with competing products on the market."
"The pricing is good."
"When you have commissioned Defender, you have these things visible already on your dashboard. This gives the efficiency to the people to do their actual work rather than bothering about the email, sorting out the email, or looking at it through an ITSM solution, whey they have to look at the description and use cases. Efficiency increases with this optimized, ready-made solution since you don't need to invest in something externally. You can start using the dashboard and auditing capability provided from day one. Thus, you have fewer costs with a more optimized, easier-to-use solution, providing operational efficiency for your team."
"The technical support is very good."
"The most valuable feature is the regulatory compliance aspect, where we utilize predefined initiatives like NIST."
"This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot."
"The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra."
"Trivy is easy to integrate with CI/CD and can be installed on desktops to scan images."
"The most valuable feature of Trivy is its easy integration with the CI/CD pipeline."
"It's customizable, allowing me to add any rules and format HTML templates as I wish."
"Trivy's open source nature and wide functionality are incredibly valuable."
"The vulnerability scanning feature is excellent as it supports various container capabilities like Docker and Sharma."
"It is open-source."
"I rate Trivy a nine out of ten."
"Trivy's open source nature and wide functionality are incredibly valuable."
 

Cons

"The cost has the potential for improvement."
"They can work on policies based on different compliance standards."
"Scanning capabilities should be added for the dark web."
"In some cases, the rules are strictly enforced but do not align with real-world use cases."
"Currently, we would have to export our vulnerability report to an .xlsx file, and review it in an Excel spreadsheet, and then we sort of compile a list from there. It would be cool if there was a way to actually toggle multiple applications for review and then see those file paths on multiple users rather than only one user at a time or only one application at a time."
"Bugs need to be disclosed quickly."
"Their search feature could be better."
"The documentation could be better."
"For improvements, I'd like to see more use cases integrated with Microsoft Sentinel and support for multi-cloud environments beyond just Azure."
"However, some Copilot features aren't available in the GCP environment. This is something we hope will be addressed in the future."
"The documentation and implementation guides could be improved."
"One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view."
"The solution's portal is very easy to use, but there's one key component that is missing when it comes to managing policies. For example, if I've onboarded my server and I need to specify antivirus policies, there's no option to do that on the portal. I will have to go to Intune to deploy them. That is one main aspect that is missing and it's worrisome."
"I would like to see better automation when it comes to pushing out security features to the recommendations, and better documentation on the step-by-step procedures for enabling certain features."
"Most customer teams need more training on this type of product."
"Customer service and support from Microsoft are very poor. Even for high-severity cases, response or resolution time can extend to three or four weeks."
"Currently, the container image scanning is static. A dynamic scanning capability during runtime would be a significant advantage."
"In our CI/CD pipelines, Trivy lacks built-in functionality for report analysis."
"The only problem is that Trivy does not support reporting features such as generating reports in CSV, which is useful for auditing and reporting."
"The reporting could be a little better."
"The only problem is that Trivy does not support reporting features such as generating reports in CSV, which is useful for auditing and reporting."
"A dynamic scanning capability during runtime would be a significant advantage."
"For malware detection, I need to use two tools: Trivy as my anomaly scanner and ClamAV. I am integrating these two tools into the CI pipeline. If both malware and anomaly detection could be managed by one tool, I would not need to depend on two tools. That would be my suggestion."
"Trivy can improve by providing an output in PDF format."
 

Pricing and Cost Advice

"I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought."
"Their pricing appears to be based simply on the number of accounts we have, which is common for cloud-based products."
"Pricing is based on modules, which was ideal for us."
"PingSafe is fairly priced."
"PingSafe falls within the typical price range for cloud security platforms."
"I am not involved in the pricing, but it is cost-effective."
"The tool is cost-effective."
"It's a fair price for what you get. We are happy with the price as it stands."
"I am not involved much with the pricing but the bundle offering is good."
"The cost is fair. There aren't any costs in addition to the standard licensing fee."
"It has global licensing. It comes with multiple licenses since there are around 50,000 people (in our organization) who look at it."
"The solution is expensive, and I rate it a five to six out of ten."
"Azure Defender is a bit pricey. The price could be lower."
"Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."
"We only use the free tier, so we haven't faced any pricing, setup costs, or licensing challenges."
"There are improvements that have to be made to the licensing. Currently, for servers, it has to be done by grouping the servers on a single subscription... We don't have an option whereby, if all those resources are in one subscription, we can have each of the individual servers subject to different planning."
Information not available
report
Use our free recommendation engine to learn which Container Security solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
16%
Manufacturing Company
9%
Government
5%
Computer Software Company
14%
Financial Services Firm
13%
Manufacturing Company
9%
Government
7%
Computer Software Company
16%
Financial Services Firm
14%
Manufacturing Company
11%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
It is cost-effective compared to other solutions in the market.
What needs improvement with PingSafe?
In version 2, a lot of rules have been deployed for Kubernetes security and CDR, which makes a lot of issues of criti...
How is Prisma Cloud vs Azure Security Center for security?
Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening acros...
What do you like most about Microsoft Defender for Cloud?
The entire Defender Suite is tightly coupled, integrated, and collaborative.
What is your experience regarding pricing and costs for Microsoft Defender for Cloud?
Initially, the cost was reasonable, but additional services from Microsoft sometimes incur extra expenses that seem h...
What needs improvement with Trivy?
One drawback I have observed with Trivy is the difficulty in building or integrating a UI, particularly for an operat...
What is your primary use case for Trivy?
The main use case for Trivy is to scan Docker images or packages for CVEs, specifically for vulnerabilities. I use th...
What advice do you have for others considering Trivy?
I rate Trivy an eight out of ten. This rating reflects its open-source nature, comprehensive scanning capabilities, a...
 

Also Known As

PingSafe
Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
No data available
 

Interactive Demo

Demo not available
Demo not available
 

Overview

 

Sample Customers

Information Not Available
Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
Information Not Available
Find out what your peers are saying about Microsoft Defender for Cloud vs. Trivy and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.