Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Cloud vs Trivy comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Container Security
3rd
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
108
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Cloud Workload Protection Platforms (CWPP) (4th), Cloud Security Posture Management (CSPM) (3rd), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (2nd)
Microsoft Defender for Cloud
Ranking in Container Security
4th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
75
Ranking in other categories
Vulnerability Management (7th), Container Management (9th), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud Security Posture Management (CSPM) (4th), Cloud-Native Application Protection Platforms (CNAPP) (4th), Data Security Posture Management (DSPM) (3rd), Microsoft Security Suite (4th), Compliance Management (3rd)
Trivy
Ranking in Container Security
16th
Average Rating
8.6
Reviews Sentiment
7.5
Number of Reviews
8
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Container Security category, the mindshare of SentinelOne Singularity Cloud Security is 2.1%, up from 1.0% compared to the previous year. The mindshare of Microsoft Defender for Cloud is 7.2%, down from 8.3% compared to the previous year. The mindshare of Trivy is 5.5%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Container Security
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Vibhor Goel - PeerSpot reviewer
A single tool for complete visibility and addressing security gaps
Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.
Utsav Sharma - PeerSpot reviewer
Maintain operational efficiency by detecting misconfigurations and vulnerabilities
The vulnerability scanning feature is excellent as it supports various container capabilities like Docker and Sharma. It also offers repository scanning in the source code domain, allowing pre-push code scans. The misconfiguration detection works well for CloudFormation, Docker files, and Terraform. Its compliance support, like NIST, ensures that configurations align with standards. Trivy helps me significantly detect misconfigurations missed by the ops engineers or in Terraform by the naked eye. It ensures that my deployments are free of misconfigurations and vulnerabilities.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features are automated threat response, AI detection, and static and dynamic detection."
"As a frequently audited company, we value PingSafe's compliance monitoring features. They give us a report with a compliance score for how well we meet certain regulatory standards, like HIPAA. We can show our compliance as a percentage. It's also a way to show that we are serious about security."
"SentinelOne Singularity Cloud Security offers valuable scalability suitable for organizations of all sizes, from small businesses to large enterprises."
"The management console is highly intuitive to comprehend and operate."
"PingSafe stands out for its user-friendly interface and intuitive software, making it easy to navigate and use."
"SentinelOne Singularity Cloud Security has significantly improved our risk posture."
"The most valuable feature is the ability to gain deep visibility into the workloads inside containers."
"The user-friendly dashboard offers both convenience and security by providing quick access to solutions and keeping us informed of potential threats."
"I find Microsoft Defender for Cloud's KQL very flexible and powerful. It's really easy to search through with KQL queries to find the security breaches and incidents and to track down the breach itself."
"The most valuable feature of Microsoft Defender for Cloud is its ability to assess an environment and give us a clear idea of what security components are lacking and which are not."
"It's quite a good product. It helps to understand the infections and issues you are facing."
"Microsoft Defender for Cloud can find potential phishing links and malicious code in data at rest."
"The most valuable feature is the hunting feature, which integrates well into the entire Microsoft ecosystem."
"Microsoft Defender has a lot of features including regulatory compliance and attaching workbooks but the most valuable is the recommendations it provides for each and every resource when we open Microsoft Defender."
"The product has given us more insight into potential avenues for attack paths."
"Defender for Cloud is an improvement over Trend Micro, our previous solution. We like integrating our endpoints and visualizing everything in one place. It provides comprehensive coverage for endpoints, servers, and overall environmental security."
"It is open-source."
"Trivy's open source nature and wide functionality are incredibly valuable."
"Trivy is easy to integrate with CI/CD and can be installed on desktops to scan images."
"Trivy's open source nature and wide functionality are incredibly valuable."
"I can see vulnerabilities in the images of any applications deployed in the Kubernetes environment or as container applications."
"It's customizable, allowing me to add any rules and format HTML templates as I wish."
"I definitely recommend Trivy."
"The vulnerability scanning feature is excellent as it supports various container capabilities like Docker and Sharma."
 

Cons

"A beneficial improvement for PingSafe would be integration with Jira, allowing for a more streamlined ticketing system."
"PingSafe is an excellent CSPM tool, but the CWPP features need to improve, and there is a scope for more application security posture management features. There aren't many ASPM solutions on the market, and existing ones are costly. I would like to see PingSafe develop into a single pane of glass for ASPM, CSPM, and CWPP. Another feature I'd like to see is runtime protection."
"SentinelOne Singularity Cloud Security could be improved with easier integrations to the Singularity Data Lake, particularly for various vendors."
"If I had to pick a complaint, it would be the way the hosts are listed in the tool. You have different columns separated by endpoint name, Cloud Account, and Cloud Instances ID. I wish there was something where we could change the endpoint name and not use just the IP address. We would like to have custom names or our own names for the instances. If I had a complaint, that would be it, but so far, it meets all the needs that we have."
"After closing an alert in Cloud Native Security, it still shows as unresolved."
"A vulnerability alert would appear, and we'd fix it, but then the same alert would return the next day."
"While SentinelOne offers robust security features, its higher cost may present a challenge for budget-conscious organizations."
"They can add more widgets to its dashboard. A centralized dashboard with numerous metrics would improve user understanding."
"Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured."
"Azure's system could be more on point like AWS support. For example, if I have an issue with AWS, I create a support ticket, then I get a call or a message. With Azure support, you raise a ticket, and somebody calls back depending on their availability and the priority, which might not align with your business priority."
"Although Microsoft Defender for Cloud is based on security, I wish it went beyond providing assessments, reports, and generic steps. More detailed procedures would be helpful, especially for lower-level support staff."
"The solution could extend its capabilities to other cloud providers. Right now, if you want to monitor a virtual machine on another cloud, you can do that. However, this cannot be done with other cloud platform services. I hope once that is available then Defender for Cloud will be a unified solution for all cloud platform services."
"If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."
"Defender could improve how data is represented. It can be unstructured or slow to load. The recent update allowing policy grouping into control groups is beneficial, but further enhancements for speed and clarity are needed."
"The user interface of Microsoft Defender for Cloud, like many Microsoft portals, undergoes frequent changes and feature relocation."
"Microsoft Defender for Cloud is pricey, especially for Kubernetes clusters. It could be cheaper."
"The only problem is that Trivy does not support reporting features such as generating reports in CSV, which is useful for auditing and reporting."
"Trivy generates many false positives, flagging non-existent vulnerabilities."
"In our CI/CD pipelines, Trivy lacks built-in functionality for report analysis."
"Trivy generates many false positives, flagging non-existent vulnerabilities. Improvements could include better contextual analysis or granular filtering."
"The reporting could be a little better."
"Trivy can improve by providing an output in PDF format. Additionally, it takes longer to scan container images built with many layers."
"The reporting could be a little better. When integrating Trivy with CI, the interpretation of the reports could be improved."
"In our CI/CD pipelines, Trivy lacks built-in functionality for report analysis."
 

Pricing and Cost Advice

"Singularity Cloud Workload Security's licensing and price were cheaper than the other solutions we looked at."
"As a partner, we receive a discount on the licenses."
"The cost for PingSafe is average when compared to other CSPM tools."
"Its pricing was a little less than other providers."
"PingSafe is cost-effective for the amount of infrastructure we have. It's reasonable for what they offer compared to our previous solution. It's at least 25 percent to 30 percent less."
"It is cheap."
"I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought."
"While I'm slightly out of touch with pricing, I know SentinelOne is much cheaper than other products."
"This solution is more cost-effective than some competing products. My understanding is that it is based on the number of integrations that you have, so if you have fewer subscriptions then you pay less for the service."
"Understanding the costs of cloud services can be complicated at first. As with a lot of things in the cloud, it can be quite hard to understand the end cost, but it becomes clearer over time. Early on, the lack of transparency is a challenge. Microsoft does not tell you the cost when they launch something. It is clever marketing, and there is room for improvement there. There should be clarity from the start."
"Microsoft Defender for Cloud is pricey, especially for Kubernetes clusters."
"This is a worldwide service and depending on the country, there will be different prices."
"There are two different plans. We're using the secure basic plan, but we have used the end security plan as well. There are additional costs, but it gives us more functionalities compared to the basic plan."
"Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."
"The tool is pretty expensive."
"Currently, Microsoft offers only one plan at the enterprise level which is $15 per machine."
Information not available
report
Use our free recommendation engine to learn which Container Security solutions are best for your needs.
845,589 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
16%
Manufacturing Company
9%
Government
5%
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
9%
Government
7%
Computer Software Company
16%
Financial Services Firm
14%
Manufacturing Company
11%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
It is cost-effective compared to other solutions in the market.
What needs improvement with PingSafe?
The documentation could be better. Besides improving the documentation, obtaining a professional or partner specializ...
How is Prisma Cloud vs Azure Security Center for security?
Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening acros...
What do you like most about Microsoft Defender for Cloud?
The entire Defender Suite is tightly coupled, integrated, and collaborative.
What is your experience regarding pricing and costs for Microsoft Defender for Cloud?
Initially, the cost was reasonable, but additional services from Microsoft sometimes incur extra expenses that seem h...
What needs improvement with Trivy?
One drawback I have observed with Trivy is the difficulty in building or integrating a UI, particularly for an operat...
What is your primary use case for Trivy?
The main use case for Trivy is to scan Docker images or packages for CVEs, specifically for vulnerabilities. I use th...
What advice do you have for others considering Trivy?
I rate Trivy an eight out of ten. This rating reflects its open-source nature, comprehensive scanning capabilities, a...
 

Also Known As

PingSafe
Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
No data available
 

Interactive Demo

Demo not available
Demo not available
 

Overview

 

Sample Customers

Information Not Available
Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
Information Not Available
Find out what your peers are saying about Microsoft Defender for Cloud vs. Trivy and other solutions. Updated: March 2025.
845,589 professionals have used our research since 2012.