Microsoft Defender for Cloud Reviews

We are using Azure Security Center for software development.

It's a cloud service that includes the security center and tailoring certain options.

The most valuable features of this solution are the remote workforce capabilities and the general experience of the remote workforce.

Pricing could be improved. There are limited options based on pricing for the government.

The initial setup could be simplified.

In the next release, I would like to see more development in the area of NECES scanning or Splunk, or Universal Forwarding. 

I have been working with Azure Security Center for six months.

We are working with Microsoft Azure for the government version of the cloud.

This solution is stable. It's 100% guaranteed and I've never had any problems with it other than some planned IT downtime.

Azure Security Center is scalable. We've been able to scale pretty well for a workforce that has over 400 developers.

My experience with technical support was more like a consultation. "Tell us what you need and we'll see if we can do that for you."

In some cases, they had to develop on top of the commercial product just to conform to certain government regulations and cybersecurity requirements.

Previously, we did not use a different solution, this is the first option.

It was pretty complex. We had to go back and negotiate with Azure on a few of the options that were commercially available, but not in the government products.

I'm not privy to pricing information, but I know it's probably close to a million dollars a year.

The pricing is comparable. The features that we're getting are tailored to what we need.

It was the best fit for us.

In the future, we will be looking at government brands of the same thing that are part of the DISA.

After looking at DISA's product options, they usually select commercial versions and government versions of commercial products like Azure. For example, Amazon Web Services, and Google cloud.

This was our first option or our first go-to solution because we were considering not only Microsoft but Amazon and Google as well.

Microsoft seemed to have most of what we need.

I am currently working on my Cloud Security Certification.

For anyone who is considering this solution, from a cybersecurity standpoint, if they are doing any kind of scanning, vulnerability scanning for software or systems and they're feeding into the cloud, make sure to check whether the security center doesn't offer adequate options for them to work with. If not, then look into other software like Spunk. They look into everything and they have plenty of conversations with the staff. That's the cloud security provider.

I would rate Azure Security Center an eight out of ten.

The solution is used for risks, vulnerabilities, and compliance. The solution helps us with CPS 234 and CIS compliance. We know what is onboarded onto Microsoft Defender, and we can see the compliance around those and how much we are compliant.

The solution is not very effective at integrating with EDR and other integrations. Features like code scanning and pipeline scanning are not included in the solution. The correlation between all the findings is completely missing, and the product is not mature.

Microsoft Defender has other native tools; it is not under one umbrella. You want one umbrella to see everything for your entire cloud posture.

I have been using Microsoft Defender for Cloud for four years.

A couple of products, like Orca and Wiz, are leaders in the CSPM and CNAPP space. I'll rate them way above Microsoft Defender for Cloud. The world is currently moving from CSPM towards CNAPP. That is why we are evaluating other products like Wiz.

The solution is fine for the native resources and native tools. However, it is not that great at integrating with EDR and other integrations.

Overall, I rate the solution a five out of ten.

We are using this solution to implement our CAS policy and it monitors compliance with the Security Center.

Also, we use it for thereat protection. It detects any threats and provides threat recommendations.

Azure Security Center should be more easily understood by a non-technical person. It's more about the security before getting into the product.

It needs to be simplified and made more user-friendly for a non-technical person.

In the next release, I would like to see a better dashboard and more integration with IT sales Management.

I have been using Azure Security Center for one year.

We are working with the latest version.

It's a stable solution.

Azure Security Center is scalable. We have ten users in our organization.

The technical support is very good.

The initial setup was straightforward, but you have to understand the product.

It took us 48 hours to deploy.

We have a team of two to maintain this solution. One is an architect and the other is a service engineer.

We did not use a vendor team to implement this solution. I did it myself.

We are using the free version of the Azure Security Center.

I plan to continue using this solution and I recommend it to others.

I would rate Azure Security Center a seven out of ten.

We use it to keep our Azure infrastructure up to date with the security best practices that Microsoft suggests. We also use it to have better visibility into changes in our databases.

It helps me know if a new virtual machine or an app gateway or a functional service has come online that doesn't have the best security practices enforced on them. The impact we've had is a better security posture being enforced throughout our Azure environment.

The solution has also simplified management of endpoints and servers and gives us visibility in a single pane of glass. And it's easy to identify security corrections in the environment.

It has helped save us SOC time and increased their efficiency. While we haven't measured by how much, we see it in their day-to-day activities. And it has likely improved our time to detection, but we just haven't had anything to detect.

The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts.

We have also integrated Microsoft 365 and Microsoft Defender for Cloud with Microsoft Sentinel and the integration was easy.

In addition, it's good at helping us proactively discover unknowns and defend against threats.

I would like to see better automation when it comes to pushing out security features to the recommendations, and better documentation on the step-by-step procedures for enabling certain features.

I have been using Microsoft Defender for Cloud on a day-to-day basis for about a year.

It's quite stable. We don't have many problems.

The scalability is very good.

We have 100 internal users and we are deployed across multiple sites. It's 100 percent cloud and our infrastructure handles API responses for our clients.

For the cloud infrastructure, their technical support is good.

Positive

In my previous company, I used the native portal, which is pretty much what Defender does, on AWS.

The intelligent threat hunting provided by Microsoft 365 and Microsoft Sentinel based on the alerts, incidents, and logs passed along by Microsoft Defender for Cloud is moderate.

The ability of Microsoft solutions to work natively together to deliver integrated protection as well as coordinated detection and responses across the environment is improving a lot, but it still has a ways to go.

Overall, if you are worried about security, you should have Microsoft Defender for Cloud. It's the minimum you should have.

The dashboard is very good. It gives our clients a lot of information and allows them to have a complete overview of the system. Everything is visible in one glance.

The solution is quite complex. A lot of the different policies that actually get applied don't pertain to every client. If you need to have something open for a client application to work, then you get dinged for having a port open or having an older version of TLS available. 

Even though the TLS is only allotted for a single application, single box, and everything else is completely up to date, it just gives us an inaccurate reporting of how secure the environment actually is.

The solution could use a bit more granularity.

I believe we've been using the solution for one and a half to two years at this point.

I haven't had any real problems with the solution's stability. I'm trying to think of any complaints that anybody may have had. It's always worked whenever we needed it to. I'd describe it as reliable.

The solution is actually easy to scale. You'd be surprised how many cloud solutions out there that aren't scalable. I don't even know why some are in the cloud. As far as this solution is concerned, I've taken it up to a higher medium-sized company. I've scaled as high as 4,500 users. I'm just not sure if it is infinitely scalable. I don't know if it would scale into the tens of thousands. 

In terms of increasing usage in the future, we'll use it as required. It all depends on the client for us. We're solely dependent on what they want and which solution they want to go with.

It's like with any vendor, it's hit and miss. Sometimes you get the new person, sometimes you get the person that's been there for five years. You have to go in asking exactly what you want and use probing questions, and if you work with them enough, you learn what the right answer is. However, you ask those same questions, anyway, upfront. It gives you a baseline at least of where their technical expertise is. Just because they're on the help desk doesn't mean that they know what they're doing.

We use Intune for a lot of the app security purposes with Office 365, and then once we actually get into the AD section, it's just that a lot of people are really getting Office Secure Scores right now.

I've had both complex and straightforward implementations. Some of them can be extremely complex. It's all just tailored to what the client wants. I have other setups where everything is very basic ad easy and all the client wants is some basic reporting and a few easy policies. 

If you utilize everything, then it might take a while for deployment, and also the implementation could be extended. It's all very client-specific.

We're an MSP, so we have massive teams all over the place and I couldn't accurately say how many people it takes to maintain the solution. I know that, generally, you have one project manager and then you would have the main admin who was setting up the portal, but then you have other security personnel that goes in there and does the work on the different sections. It takes a couple of people, but I couldn't give you a hard number as to how many people a typical setup would need for maintenance.

I don't have any idea what the cost of the solution is. That aspect of the product is handled by a separate department.

We're a Microsoft partner.

The solution works for us, however, a client has its own needs and requirements. It's not a one-size-fits-all solution.

I'd rate the solution seven out of ten.

Our primary use case of this solution is to monitor infrastructure. I'm a senior security architect and we are customers of Azure Security Center. 

The most valuable feature for me are the compliance policies.

I think that the documentation and implementation guides could be improved. It would make the implementation process easier.

I've been using this solution for a couple of years. 

This solution is stable. 

The solution is scalable, we have a couple of hundred people using it. 

The technical support is fine. 

The initial setup was reasonably straightforward. Implementation took a couple of months and was carried out internally. It required four or five staff, including engineers, managers and admins.

The licensing costs are included and wrapped up in a suite of other products that we are also using. 

I would recommend this product. 

I would rate this solution an eight out of 10. 

We are consultants and we have customers using Azure Defender for the protection of their businesses. Many of our customers are in the financial industry.

The most valuable features are ransomware protection and access controls. The solution has helped us secure some folders on our systems from unauthorized modifications. 

This solution has been very useful for securing core funds and preventing them from being hijacked by any application or spyware for our banking customers. People can be susceptible to scams easily because they are not aware of the current threat trends. We are able to scan for threats which have helped us limit the risks in the future.

The solution could improve by being more intuitive and easier to use requiring less technical knowledge.

In a future release, the solution could improve by providing more automation and clarity in the autoanalysis. When we provide our customers with a Microsoft solution for security, Microsoft has to go beyond the basic expectations to impress the customers.

I have been using Azure Defender for approximately one year.

The solution is very stable.

Azure Defender is scalable. We have not found any issue.

The technical support has been responsive. However, we need to be connected to the right level of support. For example, if you are a customer or if you purchased this solution as part of a certification, your level of satisfaction for support will depend on the provider you purchased it from. Microsoft will not be the one doing support for you. If you do not have premier support with Microsoft, as a cloud provider, you will have to support your customers when they are in need. Without Microsoft's premier support you only have break-fix support and if there is a major issue you will not have the help to understand what is happening, or how to prevent it from happening in the future.

The implementation can be difficult if there is not any prior training. There is a lot of elements that have to be understood.

We have an advisor that provides us with information to help us control and configure the solution. Additionally, they have assisted us with automation.

The price of the solution is good for the features we receive and there is an additional cost for Microsoft premier support. However, some of my potential customers have found it to be expensive and have gone on to choose another solution. Additionally, if the customer does not take the full package from Azure Defender it makes it difficult for us to manage the solution for them.

I rate Azure Defender an eight out of ten.

The most valuable features of this solution are the vulnerability assessments and the glossary of compliance.

As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains. Azure Defender does not have this capability and that is one of the features that is very crucial. 

When we receive an alert on suspicious domains, we have to do it manually. We go to VirusTotal, or AlienVault to confirm. It would be useful to have it done automatically.

I have been using Azure Defender for three months.

We are using the latest version.

It's a stable solution. We have not had any issues.

We have not paid for Azure technical support. We have not contacted technical support.

We have not worked with any other solution.

The initial setup was straightforward. It was easy, very easy.

Azure Defender is a bit pricey. The price could be lower.

We are also researching Darktrace. We wanted to see the capabilities that it offers. 

Azure Defender and Azure Resource Manager are all a part of Microsoft Azure. We use all of them.

This solution has the best security center, security manager dashboard that I have ever seen. I would recommend using this solution. It has everything in one place, and it's easy to configure and easy to deploy.

I would rate Azure Defender an eight out of ten.