Try our new research platform with insights from 80,000+ expert users
reviewer2315772 - PeerSpot reviewer
Architect at a tech services company with 11-50 employees
Real User
Provides good stability and a valuable SQL database
Pros and Cons
  • "The product’s most valuable feature is SQL database."
  • "Microsoft Defender for Cloud Apps’s technical support services needs improvement."

How has it helped my organization?

I am not sure if the product has improved our organization yet. However, it certainly gives another level of confidence that the assets are secure. We are aware of the activity in the tenant.

What is most valuable?

The product’s most valuable feature is SQL database. It notifies us even in case of false positives when people log in after a long time and when we're out of compliance with the security baseline.

What needs improvement?

Microsoft Defender for Cloud Apps’s technical support services needs improvement.

For how long have I used the solution?

We have been using Microsoft Defender for Cloud Apps for three years.


Buyer's Guide
Microsoft Defender for Cloud Apps
March 2025
Learn what your peers think about Microsoft Defender for Cloud Apps. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,672 professionals have used our research since 2012.

What do I think about the stability of the solution?

The product has good stability.

What do I think about the scalability of the solution?

The product has good scalability.

How are customer service and support?

The technical support services need improvement. They take a while to get responses. Their first-level engineers are generally not skilled. It takes time to get an engineer who can help us. Usually, whenever we come up with a problem, it is something that we can’t figure out on our own. We have to go through the process of submitting a ticket, waiting for a callback, and then finally getting help.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I have used other products while working at other places. They all are more expensive than Microsoft Defender for Cloud Apps.

How was the initial setup?

The initial setup process was simple. We had to merge the landing zone and part of a template. Later, we started the portal and selected resources we wanted to protect along with the level of protection. The implementation strategy is to just start using it.

What about the implementation team?

We did the product implementation ourselves.

What was our ROI?

I haven't tracked an ROI for the product. It was set by default while setting up Azure Tenant. It has been successful in monitoring activities and keeping the network safe. It is less expensive than buying a separate license. It provides ease and convenience of use. We just turn the product on by default.

What's my experience with pricing, setup cost, and licensing?

The product has helped save a medium amount of money. It has pretty good pricing.

What other advice do I have?

I don’t know if the product provides a single pane for managing immune access. We connect it with the Active Directory and other similar tools. It helps save a low amount of time.

I advise others to try using Microsoft Defender for Cloud Apps. I rate it an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Sujeet Bhardwaj - PeerSpot reviewer
Principal Security Engineer at a tech services company with 5,001-10,000 employees
Real User
Good usability with helpful policies and a straightforward initial setup
Pros and Cons
  • "The general usability of the solution is very straightforward."
  • "I want them to enhance in-session policy."

What is our primary use case?

I used to deploy it in the customer's environment and set the requirements. It's used for blocking downloads, for example, and is a security feature for data centers.

How has it helped my organization?

The solution is helping a lot. We get a lot of very detailed reporting on security that really shows what users are doing, including what they've opened, what else they're sharing, downloading, viewing, et cetera, as well as when they are logging in. It's a very detailed activity and reporting of my units.

What is most valuable?

The file policy and activity policy are very useful aspects of the solution.

I can get information, for example, data location, IP address, et cetera. I use it for getting information about what's happening in my environment with certain files. I can see, for example, which user is sharing files externally, and if they're downloading or might be downloading, the documents on their personal device, a corporate device, or if they are sharing any folders with the outside world.

The initial setup is straightforward.

The general usability of the solution is very straightforward.

What needs improvement?

We've had an issue where an in-session policy was not working. I want them to enhance the in-session policy. It's something I came across while adding the application into MCAS as I wanted to apply some MCAS policies on those applications.

For how long have I used the solution?

I've been using the solution for about five years now. 

What do I think about the stability of the solution?

The solution is 99.99% stable.

What do I think about the scalability of the solution?

The solution is extremely scalable. 

How are customer service and support?

I've handled technical support for my customers. 

Which solution did I use previously and why did I switch?

I've only really worked with this solution. 

How was the initial setup?

The initial setup is straightforward. I already have experience putting the solution into place and therefore I'm pretty adept at setting it up. The implementation simply requires understanding how the customer wants to use it and what they want to monitor. 

It's an ongoing deployment and I've been deploying the solution for almost six years now. 

I basically use authority to integrate all users and exchanges together. We have basically a Microsoft-oriented system.

When I deployed it, I applied it to around 4,000 users. I indirectly did it myself and it took around one month for me to integrate everything and to meet those policies to ensure they were in line and working as to my expectations and that I was getting the expected results that I wanted.

You only need one person to handle the deployment. Maybe two people.

What about the implementation team?

We do not need the assistance of an integrator or consultant. 

What's my experience with pricing, setup cost, and licensing?

I'm not acquainted with the licensing and pricing of the solution. 

Which other solutions did I evaluate?

I did not evaluate other options previously. 

What other advice do I have?

I don't have a business relationship with Microsoft. I deploy the solution and I am managing MCAS for customers.

If a person has an Office-specific environment and they are looking for a solution, this is a good option. It's a good native application. Even if they were in a different cloud, I'd advise migration to a Microsoft environment. 

I'd rate the solution an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Microsoft Defender for Cloud Apps
March 2025
Learn what your peers think about Microsoft Defender for Cloud Apps. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,672 professionals have used our research since 2012.
PeerSpot user
Senior Solutions Engineer at a tech vendor with 1,001-5,000 employees
Real User
Stable and meets business requirements but provides too many false positives
Pros and Cons
  • "If your business requirements are relatively simple, it can get the job done."
  • "There are challenges with detection and there are challenges with false-positive rates."

What is our primary use case?

The solution is primarily used for cloud visibility and getting a better understanding of what the data footprint is, including what kinds of files are exposed, and getting our heads around compliance. It's a component that adds DLP. Presently, there are two separate DLP policies between Microsoft's traditional DLP and the MCA DLP. 

What is most valuable?

The solution is bundled with E3 and E5 licenses. That's the reason it's most commonly deployed. It's part of the bundle. It's not a separate cost.

If your business requirements are relatively simple, it can get the job done. 

What needs improvement?

If you have more elaborate needs or if you have some more sophisticated use cases, for example, if you need an in-line component, or if you need to distinguish between sanctioned and unsanctioned applications, this solution doesn't cut it. You need to have some other solution.

Microsoft seems to want to mitigate that visible gap by deploying Microsoft DTP Defender for the in-line component. If you consume Microsoft, the more pieces you have, the better it is, although that's not necessarily true, technically speaking. They have limited deployment options. You have limited use cases for an endpoint with the firewalls port for IP tunnels for real-time traffic interception. You have to rule the endpoint. It's a less flexible deployment than the more mature players.

There are challenges with detection and there are challenges with false-positive rates.

They're improving it all the time. I haven't looked at it for six months or so, however, the last time I looked at it, they had to be configured in two different spots.

For how long have I used the solution?

I've been dealing with the solution for a while, on and off. 

A lot of customers that we work with have the solution installed today and we see them running it by themselves as well.

What do I think about the stability of the solution?

The solution is stable. I haven't bumped any stability issues.

What do I think about the scalability of the solution?

I haven't tested the scalability. I don't have any opinion on the scalability. It seems to me that it fits the customer's needs from a scalability perspective.

How are customer service and support?

I don't work with technical support directly.

How was the initial setup?

The solution is super easy to configure. All it requires is an admin for the various apps. Once it's authorized it can start the scans. Mainly, you need to be mindful of policies and what you're looking for. Tuning policies and making sure that your policies are set properly is important. It's very easy to do, especially the out-of-box stuff. 

What's my experience with pricing, setup cost, and licensing?

You can buy it alone, however, it's not worth it. Nobody buys it alone as it's not that good as a standalone product. It's better as a part of the E3 and E5 suites. We don't sell it.

What other advice do I have?

We're a Microsoft partner.

I'd rate the solution at a seven out of ten.

Mainly you want to just be clear on what your use cases are, and what you're trying to accomplish, as everything's use case driven. If you know what you need to accomplish from a security strategy standpoint, it's better. For example, it might be helpful for compliance or having an understanding of where sensitive data is. It might be part of a broader initiative around classification and data protection. Having those use cases written out first and going from there is better. Then, I suggest taking a measured approach as you go in. Implement it right. Test for or validate that the policies that you have in place are working as expected. However, you have to build out requirements for the policies. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Information Technology Manager at a educational organization with 201-500 employees
Real User
Hybrid active directory that is easy to manage, but integration with Apple products is needed
Pros and Cons
  • "The most valuable feature is the ease of management. It's important."
  • "Generally, the pricing can always be improved along with the management system."

What is our primary use case?

We have an educational institution and we are using this solution to personally teach our students these applications.

What is most valuable?

The most valuable feature is the ease of management. It's important. The management is cloud-based and we can work inside or outside on public networks.

What needs improvement?

Generally, the pricing can always be improved along with the management system.

We are using new Apple products increasingly in our company, such as iPads and Mac computers. The integration with Apple products would be good. They have started with some implementation using Microsoft Softbox from Apple products in there.

For how long have I used the solution?

I have been using this solution for two years.

We are using the Microsoft 365 Version. It is a hybrid Azure Active Directory.

They have an in-tune modified in this platform that we are using.

What do I think about the scalability of the solution?

We have plans to increase our usage.

We have 1000 students at the moment, but not all of them are using this solution right now. In total, we have between 300 and 500 users.

What's my experience with pricing, setup cost, and licensing?

We have an educational licensing agreement. It's a customer agreement for multiple years.

What other advice do I have?

We have experience with Microsoft products, Windows Server Data Centers, Microsoft Office 365, and they have a new branch called M365 products, Cloud systems, and Branch Management systems.

We are working on implementing the MDM system and we are looking for alternatives.

We are using an Apple-based system as well as Microsoft.

Generally, there is always room for improvement. It can always be better.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1176120 - PeerSpot reviewer
IT Planning Manager at a construction company with 5,001-10,000 employees
Real User
Robust, straightforward integration with strong capabilities and a vast number of features
Pros and Cons
  • "The most valuable feature of this solution is its monitoring."
  • "Sometimes the support is actually lacking."

What is our primary use case?

They were testing Microsoft Defender and performing some checks with Microsoft Defender. On the Microsoft side of the same security cloud app, I believe.

We have a complete portfolio of election solutions. These election solutions, in general, require a high level of security. There are preparations to have within them, such as cloud apps or websites, or even an off-premise or on-premise type of solution. As a result, we must have both types of services and products in order to secure them. For example, we used the Microsoft denial-of-service attack. It's a software subscription service from Asia that you get for a set period of time.

If you are running a live elections operation, you should seriously consider using such a service from them because it is extremely reliable. It essentially protects your entire environment. So you wouldn't be too concerned about someone hacking into your environment or anything because you need to have results that you should be publishing. That is when having a security system becomes extremely important for you. That's on the app side of things, then, on the web, we publish these results. You must also have a system that will never fail due to an attack. That's also one of the things we usually think about when we have an election operation going on.

What is most valuable?

The most valuable feature of this solution is its monitoring. The monitoring of the application. 

Integration is simple, and you can monitor your applications at the enterprise level. As a result, you can have a holistic view of all applications and their statuses. 

It's very robust and it's very good.

The capabilities are very good. It has a lot of features in it, which is why many people recommend it.

What needs improvement?

It's not the cheapest. I believe it can be more reasonably priced. 

Sometimes the support is actually lacking. But we are talking about Microsoft.

For how long have I used the solution?

I have been doing the testing for the past six or eight months.

Because it is a cloud-based solution, I believe that versioning is not a critical factor to consider.

What do I think about the stability of the solution?

Microsoft Defender for Cloud Apps is a stable product.

What do I think about the scalability of the solution?

Microsoft Defender for Cloud Apps is scalable.

How are customer service and support?

Sometimes you don't get to the appropriate support channel from the start. When you open a ticket, you don't always get what you're looking for right away. We tend to get stuck in loops or go from one support guy to the next until we escalate. That happens quite frequently. I believe that this is one of the areas that should be looked into.

Which solution did I use previously and why did I switch?

We have an in-house ABAP development team that works on ABT software. I have heard the technical team conducting this evaluation, but I'm not sure which SAP application they're testing.

What's my experience with pricing, setup cost, and licensing?

The price could be better and should be reconsidered.

Which other solutions did I evaluate?

We're evaluating Microsoft. We're also looking into SAPs, and other options are being considered at the moment.

What other advice do I have?

From what I've seen, it's a good product. We occasionally encounter some, inefficiencies in its performance. But not all of the time, because our country has a lot of internet problems. As a result, the synchronization side tends to disconnect from time to time. So whenever we get disconnected, it causes some problems. You have to have a good connection after all because it is a cloud service, you must have a good internet connection in order to connect to it. We believe it is one of the best on the market. I believe it is a good option for anyone to use. But, once again, there are other players in the mix, which is why we are always doing some benchmarking and continuing with trials for other solutions.

I would rate Microsoft Defender for Cloud Apps an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
PeerSpot user
reviewer1538016 - PeerSpot reviewer
SOC Analyst at a consultancy with 10,001+ employees
Real User
Top 20
Good security, good interface, and easy to understand
Pros and Cons
  • "I like the web GUI/the management interface. I also like the security of Microsoft. As compared to other manufacturers, it's less complex and easy to understand and work with."
  • "There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default."

What is our primary use case?

We use it for security alerts for any possible trouble for users. 

In terms of deployment, we have on-prem servers for now for one of the customers. We also have several customers on the Azure cloud.

What is most valuable?

I like the web GUI/the management interface. I also like the security of Microsoft. As compared to other manufacturers, it's less complex and easy to understand and work with.

What needs improvement?

There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default.

For how long have I used the solution?

I have been using this solution for about six months. 

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is scalable. We have 100 licenses for one company, and we probably have 1,000 licenses for another company.

How are customer service and support?

I haven't used it yet.

Which solution did I use previously and why did I switch?

The customer with 100 licenses used Sophos EDR. Microsoft Defender is more manageable. Sophos EDR is not a bad product. It is a complete product, but the Microsoft Defender is better.

How was the initial setup?

It was more or less straightforward. 

What about the implementation team?

It was implemented in-house.

What's my experience with pricing, setup cost, and licensing?

It is a little bit expensive. When you want to have the complete package with Office 365, Defender, and everything else, it is expensive.

What other advice do I have?

My advice would be to try it first and compare it with other solutions.

I would rate it an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Business System Analyst at a tech company with 201-500 employees
Real User
Good logging, offers a single pane of glass for administration, and has effective anti-spam capabilities
Pros and Cons
  • "Better logging allows us to find problems and take appropriate steps to lock them out."
  • "In the future, I would like to see more plug-and-play capabilities that use AI to tell you what needs to be done. It would be helpful if it scanned our devices and made security suggestions, on a configuration basis."

What is our primary use case?

Our primary reason for implementing this product is to deal with spam email.

How has it helped my organization?

In general, this product helps to best secure our network.

It has features that help to improve our security posture that include better logging and better detection of threats. Since implementing it, we have been finding more malicious emails and files. Better logging allows us to find problems and take appropriate steps to lock them out.

We really like the fact that we have a single web-based pane of glass for administration. We can use our Azure Active Directory accounts to access it, and we don't need a local application.

What is most valuable?

The most valuable feature is the anti-spam capabilities.

What needs improvement?

Since implementing this solution, we have had more support calls regarding false positives. This means that we have had to do a little more work finding these issues, although it is getting better. It is just a matter of fine-tuning the system at this point.

The false positives we have experienced so far are rare and have come from customer-specific programs. I can't say that it would be easy for Microsoft to solve them. Fortunately, we have not had any false positives for known software.

In the future, I would like to see more plug-and-play capabilities that use AI to tell you what needs to be done. It would be helpful if it scanned our devices and made security suggestions, on a configuration basis. For example, it could make more suggestions that include specific points, or offer to have something configured in the standard way.

For how long have I used the solution?

We have been using Microsoft Cloud App Security for approximately three months.

What do I think about the stability of the solution?

Stability-wise, so far, I'm satisfied and it works well. We haven't had any issues that I attribute to Microsoft. There were a couple of days where we had problems logging on but I think that it was related to an issue with SolarWinds. My understanding is that some sites were shut down and a lot of companies had the same problem.

What do I think about the scalability of the solution?

At this point, we have not had the need to scale up or scale down. We have approximately 250 devices that we are protecting.

How are customer service and technical support?

We have not needed to contact technical support.

Which solution did I use previously and why did I switch?

We were using F-Secure before implementing Microsoft Cloud App Security, and we are still using it. In fact, it is just another layer of protection. If in the future we see that the Microsoft product is good enough, then we might stop using F-Secure. However, that is not the plan at the moment.

The main reason that we chose this product is for its good compatibility with Office 365 and Azure Active Directory.

How was the initial setup?

The initial setup was pretty straightforward. There were some Azure Active Directory options that we needed to tweak before we got everything running properly.

Our deployment took approximately one month to complete. Part of this time was spent adjusting for false positives.

We followed a step-by-step process for deployment where we started with the computers in our location, then moving to other devices. After our location was complete, we moved to other offices.

What about the implementation team?

We set it up with the help of an external consultant. The company sold us the product, set it up, and we use it. We have an ongoing support contract with them. Our experience with them was good and the consultant's knowledge of Microsoft products was very good. They are a Microsoft partner.

We are still learning the product and over time, we are getting more versed in it. There are two of us, myself and my colleague, responsible for the maintenance. We are both system administrators.

What's my experience with pricing, setup cost, and licensing?

The pricing is a little bit high but right now, we are okay with it because of the compatibility with Office 365, Teams, and Azure AD. These features make it worth the cost.

Which other solutions did I evaluate?

We did not evaluate other options before choosing this one.

What other advice do I have?

My advice for anybody who is implementing this product is to get assistance with deployment from somebody who can help you. Don't do it by yourself, if you're not a reseller for it. As a company, get somebody who has experience with the product.

In summary, we have just begun using this product but so far, it works well and we are satisfied with it.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user1318380 - PeerSpot reviewer
Director Global Strategic Alliances at Larsen & Toubro Infotech Ltd.
Real User
A stable solution that integrates seamlessly across different clouds
Pros and Cons
  • "The most valuable feature is the seamless integration across different clouds."
  • "The interface needs to be more user-friendly."

What is our primary use case?

We are a solution provider and this is one of the products that we implement for our customers.

Our customers have applications that are running across different clouds or on different platforms. Microsoft Cloud App Security brings them together onto the same platform from a security standpoint. The application can run seamlessly across different clouds, which helps.

What is most valuable?

The most valuable feature is the seamless integration across different clouds.

What needs improvement?

If this solution were more robust then it would be much more useful.

The interface needs to be more user-friendly.

Cloud App Security should be more lightweight.

For how long have I used the solution?

We have been working with Microsoft Cloud App Security for almost eight years.

What do I think about the stability of the solution?

I have not seen any trouble in terms of stability. We have not experienced bugs to this point in time.

What do I think about the scalability of the solution?

We have had no problem with scalability.

How are customer service and technical support?

I have not personally been in contact with technical support. The feedback that I have heard from the teams is more or less good.

Which solution did I use previously and why did I switch?

I have experience with Netskope and I think that it has higher marks. It is more lightweight.

How was the initial setup?

The initial setup is straightforward and absolutely fine.

What's my experience with pricing, setup cost, and licensing?

This product is not expensive.

What other advice do I have?

This is a product that I recommend.

Overall, it is a good product but the robustness should be improved.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user

An honest review with utmost sincerity

Buyer's Guide
Download our free Microsoft Defender for Cloud Apps Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2025
Buyer's Guide
Download our free Microsoft Defender for Cloud Apps Report and get advice and tips from experienced pros sharing their opinions.