Microsoft Defender for Cloud Apps Reviews

We have an educational institution and we are using this solution to personally teach our students these applications.

The most valuable feature is the ease of management. It's important. The management is cloud-based and we can work inside or outside on public networks.

Generally, the pricing can always be improved along with the management system.

We are using new Apple products increasingly in our company, such as iPads and Mac computers. The integration with Apple products would be good. They have started with some implementation using Microsoft Softbox from Apple products in there.

I have been using this solution for two years.

We are using the Microsoft 365 Version. It is a hybrid Azure Active Directory.

They have an in-tune modified in this platform that we are using.

We have plans to increase our usage.

We have 1000 students at the moment, but not all of them are using this solution right now. In total, we have between 300 and 500 users.

We have an educational licensing agreement. It's a customer agreement for multiple years.

We have experience with Microsoft products, Windows Server Data Centers, Microsoft Office 365, and they have a new branch called M365 products, Cloud systems, and Branch Management systems.

We are working on implementing the MDM system and we are looking for alternatives.

We are using an Apple-based system as well as Microsoft.

Generally, there is always room for improvement. It can always be better.

I would rate this solution a seven out of ten.

They were testing Microsoft Defender and performing some checks with Microsoft Defender. On the Microsoft side of the same security cloud app, I believe.

We have a complete portfolio of election solutions. These election solutions, in general, require a high level of security. There are preparations to have within them, such as cloud apps or websites, or even an off-premise or on-premise type of solution. As a result, we must have both types of services and products in order to secure them. For example, we used the Microsoft denial-of-service attack. It's a software subscription service from Asia that you get for a set period of time.

If you are running a live elections operation, you should seriously consider using such a service from them because it is extremely reliable. It essentially protects your entire environment. So you wouldn't be too concerned about someone hacking into your environment or anything because you need to have results that you should be publishing. That is when having a security system becomes extremely important for you. That's on the app side of things, then, on the web, we publish these results. You must also have a system that will never fail due to an attack. That's also one of the things we usually think about when we have an election operation going on.

The most valuable feature of this solution is its monitoring. The monitoring of the application. 

Integration is simple, and you can monitor your applications at the enterprise level. As a result, you can have a holistic view of all applications and their statuses. 

It's very robust and it's very good.

The capabilities are very good. It has a lot of features in it, which is why many people recommend it.

It's not the cheapest. I believe it can be more reasonably priced. 

Sometimes the support is actually lacking. But we are talking about Microsoft.

I have been doing the testing for the past six or eight months.

Because it is a cloud-based solution, I believe that versioning is not a critical factor to consider.

Microsoft Defender for Cloud Apps is a stable product.

Microsoft Defender for Cloud Apps is scalable.

Sometimes you don't get to the appropriate support channel from the start. When you open a ticket, you don't always get what you're looking for right away. We tend to get stuck in loops or go from one support guy to the next until we escalate. That happens quite frequently. I believe that this is one of the areas that should be looked into.

We have an in-house ABAP development team that works on ABT software. I have heard the technical team conducting this evaluation, but I'm not sure which SAP application they're testing.

The price could be better and should be reconsidered.

We're evaluating Microsoft. We're also looking into SAPs, and other options are being considered at the moment.

From what I've seen, it's a good product. We occasionally encounter some, inefficiencies in its performance. But not all of the time, because our country has a lot of internet problems. As a result, the synchronization side tends to disconnect from time to time. So whenever we get disconnected, it causes some problems. You have to have a good connection after all because it is a cloud service, you must have a good internet connection in order to connect to it. We believe it is one of the best on the market. I believe it is a good option for anyone to use. But, once again, there are other players in the mix, which is why we are always doing some benchmarking and continuing with trials for other solutions.

I would rate Microsoft Defender for Cloud Apps an eight out of ten.

We use it for security alerts for any possible trouble for users. 

In terms of deployment, we have on-prem servers for now for one of the customers. We also have several customers on the Azure cloud.

I like the web GUI/the management interface. I also like the security of Microsoft. As compared to other manufacturers, it's less complex and easy to understand and work with.

There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default.

I have been using this solution for about six months. 

It is stable.

It is scalable. We have 100 licenses for one company, and we probably have 1,000 licenses for another company.

I haven't used it yet.

The customer with 100 licenses used Sophos EDR. Microsoft Defender is more manageable. Sophos EDR is not a bad product. It is a complete product, but the Microsoft Defender is better.

It was more or less straightforward. 

It was implemented in-house.

It is a little bit expensive. When you want to have the complete package with Office 365, Defender, and everything else, it is expensive.

My advice would be to try it first and compare it with other solutions.

I would rate it an eight out of ten.

Our primary reason for implementing this product is to deal with spam email.

In general, this product helps to best secure our network.

It has features that help to improve our security posture that include better logging and better detection of threats. Since implementing it, we have been finding more malicious emails and files. Better logging allows us to find problems and take appropriate steps to lock them out.

We really like the fact that we have a single web-based pane of glass for administration. We can use our Azure Active Directory accounts to access it, and we don't need a local application.

The most valuable feature is the anti-spam capabilities.

Since implementing this solution, we have had more support calls regarding false positives. This means that we have had to do a little more work finding these issues, although it is getting better. It is just a matter of fine-tuning the system at this point.

The false positives we have experienced so far are rare and have come from customer-specific programs. I can't say that it would be easy for Microsoft to solve them. Fortunately, we have not had any false positives for known software.

In the future, I would like to see more plug-and-play capabilities that use AI to tell you what needs to be done. It would be helpful if it scanned our devices and made security suggestions, on a configuration basis. For example, it could make more suggestions that include specific points, or offer to have something configured in the standard way.

We have been using Microsoft Cloud App Security for approximately three months.

Stability-wise, so far, I'm satisfied and it works well. We haven't had any issues that I attribute to Microsoft. There were a couple of days where we had problems logging on but I think that it was related to an issue with SolarWinds. My understanding is that some sites were shut down and a lot of companies had the same problem.

At this point, we have not had the need to scale up or scale down. We have approximately 250 devices that we are protecting.

We have not needed to contact technical support.

We were using F-Secure before implementing Microsoft Cloud App Security, and we are still using it. In fact, it is just another layer of protection. If in the future we see that the Microsoft product is good enough, then we might stop using F-Secure. However, that is not the plan at the moment.

The main reason that we chose this product is for its good compatibility with Office 365 and Azure Active Directory.

The initial setup was pretty straightforward. There were some Azure Active Directory options that we needed to tweak before we got everything running properly.

Our deployment took approximately one month to complete. Part of this time was spent adjusting for false positives.

We followed a step-by-step process for deployment where we started with the computers in our location, then moving to other devices. After our location was complete, we moved to other offices.

We set it up with the help of an external consultant. The company sold us the product, set it up, and we use it. We have an ongoing support contract with them. Our experience with them was good and the consultant's knowledge of Microsoft products was very good. They are a Microsoft partner.

We are still learning the product and over time, we are getting more versed in it. There are two of us, myself and my colleague, responsible for the maintenance. We are both system administrators.

The pricing is a little bit high but right now, we are okay with it because of the compatibility with Office 365, Teams, and Azure AD. These features make it worth the cost.

We did not evaluate other options before choosing this one.

My advice for anybody who is implementing this product is to get assistance with deployment from somebody who can help you. Don't do it by yourself, if you're not a reseller for it. As a company, get somebody who has experience with the product.

In summary, we have just begun using this product but so far, it works well and we are satisfied with it.

I would rate this solution an eight out of ten.

We are a solution provider and this is one of the products that we implement for our customers.

Our customers have applications that are running across different clouds or on different platforms. Microsoft Cloud App Security brings them together onto the same platform from a security standpoint. The application can run seamlessly across different clouds, which helps.

The most valuable feature is the seamless integration across different clouds.

If this solution were more robust then it would be much more useful.

The interface needs to be more user-friendly.

Cloud App Security should be more lightweight.

We have been working with Microsoft Cloud App Security for almost eight years.

I have not seen any trouble in terms of stability. We have not experienced bugs to this point in time.

We have had no problem with scalability.

I have not personally been in contact with technical support. The feedback that I have heard from the teams is more or less good.

I have experience with Netskope and I think that it has higher marks. It is more lightweight.

The initial setup is straightforward and absolutely fine.

This product is not expensive.

This is a product that I recommend.

Overall, it is a good product but the robustness should be improved.

I would rate this solution an eight out of ten.

It's used for data governance and security. It's a cloud security tool providing very good discovery around whatever is happening in your organization, such as what users are doing on the internet and how data is flowing out of your organization. It is then used to put controls around what information can go out, who downloads what, and how much they can download. It helps put controls around these types of things to create secure collaboration between your organization and its partners, customers, and vendors.

It's a SaaS platform. It's not like hardware or software where you install new updates or new versions. It's controlled by Microsoft in the backend.

They have made built-in templates. If you integrate your AWS account with Microsoft MCAS, using the predefined templates it will scan all the functionalities that are available or accessible after the integration. It will then provide security posture recommendations around issues such as how many buckets you have publicly available, what data is not encrypted, what is publicly available and insecure, and which devices are not backed up. It helps you to understand your security posture and to enhance it.

And when it comes to secure collaboration, if you have information that you have already restricted and you don't want it to be shared outside of your organization, with the help of MCAS session policies you can put controls around it. It's integrated with storage solutions and you can put the controls around things using labels such "classified," "restricted," or "confidential."

Another scenario where MCAS is helpful is when people are leaving your organization soon. It can happen that they hide and start downloading certain documents and files. MCAS can help identify mass downloads or mass uploads and what the user is doing. That kind of detailed analysis is available to senior management or the security team so that they can take whatever steps are necessary.

There are a lot of features with benefits, including

• discovery 
• investigation
• putting controls around things.

You can't say that you like the investigation part but not the discovery. Everything is correlated; that's how the tool works. Once the discovery of everything you feed into it is done, it gives you a nice dashboard. You can then plan what needs to be controlled and governed, and what should not be accessible in your environment.

It's quite well integrated with all Microsoft services, like Information Protection, Azure Portal, and Azure IoT, among other things. There are also integrations with AWS and Salesforce.

Although they are already doing it, I would like to see more integration with market leaders like Slack.

Another area that can be improved is to provide more reporting functionality. Currently, reporting is not very straightforward and it needs to be enhanced. Specific reports are not included and you need to run a query, drill down, and then export it and share it. I would love to have reports with more fine-tuning or granularity, and more predefined reports.

We have been using Microsoft Cloud App Security for at least the last two and a half years. We are a Microsoft partner. We do everything for their products, from design to implementation.

It's stable. It's more stable than other Microsoft services. In my two and a half years of experience with MCAS, there have only been two times that it went down and was not accessible to us. The services, policies, and controls were there. It was just that we were not able to access them. 

Whatever Microsoft has committed to in terms of stability, "99 point something," is pretty much true.

It's a SaaS solution so the scalability depends purely on the organization: How many applications do they want to integrate with it and do they have the corporate licenses? MCAS itself is scalable. You don't need to deal with servers, or RAM, or finding a new data center. Scaling it is purely up to you and depends on how much data you want to feed it and on the use cases you want to use it for.

I use Microsoft tech support at the highest levels. The experience with their tech support, as a partner, purely depends on what kind of contract you have and what kind of a relationship you have. If you have a very good relationship, you get responses when you need them. But when you talk about bugs or you are asking for a feature, you have to wait for their product life cycle. Overall, their support is good. Not average, but not excellent.

Neutral

The initial setup of Cloud App Security is quite straightforward. It's not complex. Microsoft's documentation around it is absolutely great. It guides you through the settings you need to configure and whatever apps you need to integrate. There is no difficulty in getting it up and running. It is more seamless than any other solution. It is even easier to run on Windows machines because the documentation is very good. They have very clearly described what needs to be done.

Once you have all the requirements, like your user account and license, a person can configure it in a day because it's a SaaS solution. But the time it will take depends on the fine-tuning, and that is determined by why you are using MCAS. That's the important part. If you're looking at user behavior, or if you're looking at data, or if you're looking at infrastructure security posture, each of these will affect the time it takes. If it's just for shadow IT, it will take one or two days to configure. If you're integrating it with AWS to help with your security posture, it will take three or four days.

One engineer who has prior experience is more than enough, but having two guys for setup might be better.

Day-to-day maintenance, again, depends on how you are going to utilize it. If you already have a SOC running with four or five people in it and your environment is small to medium in size, five people can use this tool and get value out of it. If you are talking about an organization like Walmart or Microsoft or a multinational company that has users across regions, you will need more people to support it. MCAS is a tool. It will have the data, but you will need to use it.

I'm not involved with the cost side of the solution so I don't know how much has been invested in MCAS. But where it's adding value is around the controls. I'm sure there are savings in that regard.

I have not implemented any other solutions, but I looked into Zscaler cloud security. Because Zscaler is an independent company, it doesn't have that many solutions with Microsoft. A cloud app security solution should have native products as well as integration with many other products. On that point, Microsoft is way ahead. For example, 80 percent of the world is using Office 365 for email services and 60 percent are using SharePoint for information sharing. Because these tools are Windows products, the controls become easy to implement.

My advice is to use it to its fullest capabilities. It has a lot of features and it is being enhanced daily. It's a full engine that you can use to discover all your assets in the cloud, whether they are on a public cloud or a private cloud. Every month or every quarter, look at what's new and how you can leverage it. You're already paying for those enhancements so use them, fine-tune them, and optimize them. The tool has a lot of capabilities. A lot of people only utilize it for information protection or tracking user activity or for their cloud-based security posture. Use it all. There's a lot in it.

MCAS is not a tool that interacts with end-users because there is no client. They don't know that MCAS is in the picture, so it doesn't impact the end-user.

The biggest lesson I would take from the use of Microsoft Cloud App Security is that you are being monitored. Do not use your professional device for personal use because there are more eyes and controls around.

In addition, the way you use MCAS is that you discover and then you put the controls in place to govern things. That's how any other security tool works. You first put it in learning mode to see what will happen. For example, If I put in this or that control, how much will it impact my end-users? In those terms, MCAS has been really nice.

If you have a lot in the Microsoft environment or AWS or Google Cloud, it's going to help you a lot.

We are a consulting firm and we configure this service for our clients.

Our clients use it for Shadow IT systems and processes. It is used specifically for cloud services, such as services that reside in Microsoft Azure.

It is very easy to use, which is what we look for in these types of solutions. 

This service would be better if it had a separate license, only for this service, that could be used to track usage. 

We have been using Microsoft Cloud App Security for the past month.

This is a stable product.

This solution is scalable. You simply buy licenses and access the platform.

Currently, we have five people in the company who are using it. With new clients using our service and other clients moving to the cloud, I want to have a security broker in place so I expect to increase our usage.

I have not contacted technical support yet.

As a cloud-based service, there is no installation.

Our clients normally use the Microsoft E1 licensing, which is renewed yearly. It gives them access to many Microsoft services, and one of them is Microsoft Cloud App Security.

We are currently evaluating other products such as Netskope, to see what it can offer us. We primarily want to see if it is easier for our clients to use. It seems that the integration with the cloud service is much more difficult.

Licensing for this product is not as expensive as Netskope.

This is a pretty good service and I definitely recommend it if you are using Microsoft Azure or Microsoft services.

I would rate this solution an eight out of ten.

The use case is for getting visibility over cloud applications that our users are consuming, how they consume it, and using the protection which comes with Cloud App Security with that visibility. It provides monitoring and visibility into cloud apps that our users are using and has ;a layer of security wrapped around that. It identifies malicious activity, if it's occurring, and provides overall protection of our company data from things like data exfiltration and all the other integrations that it has with other Microsoft security products.

It is protecting approximately 800 users. We have four other sources feeding into it from other products that we use. We have several thousand applications for which we get reports and visibility.

It is one of our core tools for monitoring and managing our security posture. In the future, I don't see that changing much. At this stage, I think we are at a good level of how we are using it.

It has helped identify areas where we should improve, make changes to improve, the reason why we should make a change, and the impact of making the change. So, it helps drive us to make changes and see the benefits of those changes.

We have become more aware of what services our users are using, how often they are using them, and what data is being sent out of the organization and to which services. So, it is really a lot about visibility and helping us make decisions based on that. It drives some of our policy decisions for adding extra security controls.

It has all been very seamless to our users. It indirectly positively impacts them because we are keeping them more secure. No one has been saying, "Because we are using this product, it is slowing me down or causing me problems." As standard users, they wouldn't really need to know that this solution exists. They just rely on us to keep them safe.

• Helps us have a view into our overall security posture and how we can improve it. 
  
• The ability to perform investigations is very useful. 
• Identifying the number of applications, particularly connected via OAuth. 
• Has great, general overall visibility of who is using what and how. 
• We are using it as an indicator for any indicators of compromise that might be coming up.

Identity security posture points out a preset number of security posture improvements, or areas of focus, and whether they are being met. It also points out what changes need to be made in order to meet them. Therefore, we can have better security posture.

There is a feature called security configuration. This is across the whole Microsoft set of products regarding what changes can be done. Specifically within a product, we use it to improve the security posture by making changes.

They should continue integration with all other Microsoft security-related products. The integration with all the other products is still ongoing. However, the solution has already begun scaling to meet the needs of getting visibility through from other products as well.

About three years.

The stability has been fantastic. I have no complaints at all. It has been 100%.

The scalability is really good. It has improved while I have been using it. It definitely appears to be able to scale easily and well. 

The technical support is very good. They are responsive, knowledgeable, and skilled. We have great communication with them.

This is the only CASB product that I have ever used.

Anecdotally, I believe the initial setup is quite straightforward.

According to the person who originally set up the solution in our organization, but has since left, it was originally straightforward to set up.

My colleague and I share the day-to-day maintenance for one person. It needs only a few hours a day to get a lot out of it. 

We have seen ROI. Its main capabilities are:

• The protection that it gives.
• Visibility
• The protection for cloud products. 
• It helps with the improvement of our overall security posture.

Make full use of all the options available and focus a lot on policies. There are a lot of policies and alerts available which might not be used to their fullest extent. 

We are pretty happy with how it all works and fits together.

I would rate this solution as a solid nine (out of 10). The product is constantly improving. It has a low amount of false positives, i.e., true alerts identified as requiring attention.