IT Manager at Discover Dollar Technologies Pvt Ltd.
Real User
Top 5
2024-09-13T10:18:00Z
Sep 13, 2024
We use Microsoft Defender for Cloud security, including endpoint detection and response, and user monitoring. We utilize every feature and functionality that Defender provides.
I use Microsoft Defender for Cloud mainly for cybersecurity, threat prevention and detection, and implementing zero trust principles. It serves as an endpoint security tool for securing our cloud services.
We use Microsoft Defender for Cloud primarily for cloud security management, which includes vulnerability management. In a security environment, managing vulnerabilities is a top priority. Defender for Cloud helps identify and mitigate these vulnerabilities and protect against threats like viruses, worms, and spyware.
Learn what your peers think about Microsoft Defender for Cloud. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
IT Architect at a real estate/law firm with 10,001+ employees
Real User
Top 5
2023-11-08T17:06:00Z
Nov 8, 2023
We have deployed Microsoft Defender for Cloud to identify vulnerabilities across various log sources for our client. We implemented Defender to improve the security posture of our client's landscape.
Senior Information Security Manager at a recruiting/HR firm with 1,001-5,000 employees
Real User
Top 20
2023-05-12T09:47:00Z
May 12, 2023
We use Microsoft Defender for Cloud to manage our cloud security posture. We also use Container Protection, which provides additional security for our containerized workloads. This gives us the visibility we need to ensure that our cloud resources are secure.
Senior DevOps Engineer at a tech services company with 501-1,000 employees
Real User
Top 5
2022-12-05T08:58:00Z
Dec 5, 2022
Our company policy is to onboard all the resources, which are supported by Microsoft Defender because it gives us a good amount of recommendations regarding security and vulnerability issues. We have a lot of new users that are not familiar with security protocols and the solution helps protect our systems. Some people don't have experience with security measures like enabling HTTPS, and FTPS security, setting up encryption on virtual machines, or they don't know how to set up private endpoints. For someone who is new, or doesn't have a lot of experience in this field, it is difficult to monitor everything. Microsoft Defender provides recommendations based on severity. High-severity recommendations are more important, while low-severity recommendations may not be as critical. Security reviewers can review all recommendations to make sure they are appropriate. Microsoft Defender is important for a whole variety of reasons, one of which is that it can help improve the security posture of our environment. This is important for organizations of all sizes but is particularly critical for businesses that are delivering services to customers.
Business Analyst at a agriculture with 10,001+ employees
Real User
2022-11-02T02:31:00Z
Nov 2, 2022
There were many use cases. We were monitoring auto IT applications and creating internal processes to understand which ones were going to be allowed and which were going to be blocked. We created the policies internally. It's an IT tool to monitor employees' usage on the internet and of web apps. We created policies so that, for example, when employees reached certain websites, like games, they would be blocked. We created a message for the email that they would receive, and there were links for whom to contact if they needed to override it. We created all the processes behind it.
Information Security Specialist-Associate Consultant at a tech services company with 5,001-10,000 employees
Reseller
2022-10-23T16:10:00Z
Oct 23, 2022
We use Microsoft Defender to scan for vulnerabilities related to any container or server in the cloud environment in Azure. Microsoft Defender suggests recommendations and security alerts according to the default framework. We can also use other frameworks like ISO benchmarks to assess our infrastructure and get recommendations on what can be fixed. The solution is deployed on a public cloud, and Azure is the cloud provider. We use Microsoft Defender for Cloud to natively support Azure. We are resellers. We customize the solution and sell it to clients.
Senior Information Technology Security Officer at CLEAR (clearme.com)
Real User
Top 20
2022-10-07T23:09:00Z
Oct 7, 2022
Defender for Cloud is used for scenarios, including internal threats, threat hunting, in-depth analysis, and scanning the environment. We don't use Microsoft Defender for ATP or Sentinel for our security score, we have a third-party solution.
CEO / Owner at a tech services company with 11-50 employees
Real User
2022-08-31T22:43:00Z
Aug 31, 2022
We have a managed detection and response solution, a type of SOC/SIEM/SOAR product, and we are adding data sources to our solution. We want to have data for our Azure cloud environment as well, so we use Microsoft Defender for Cloud as one of the sources for our Azure environment. We use it as an extra way to gain trust for our environment. We have purposely secured the total Azure cloud environment with firewalls, application gateways, et cetera, but we also want to have trust in our resource groups. That's an extra line of defense we have for our security.
Senior Cloud Solutions Architect at a tech services company with 11-50 employees
MSP
2022-07-26T11:34:00Z
Jul 26, 2022
Defender for Cloud is a unified platform. Within that, you have Defender for virtual machines, Defender for Servers, Defender for App Services, and Defender for Containers. It is a centralized solution, which you can leverage to bring your security practices in place so centralized security auditing can be done. You can use it for approximately 90% to 95% of Azure workloads for infrastructure, platform as a service, or database as a service. You can use it for all these. I am working for a service-based company. We provide Azure Cloud Services. We are a Gold-Certified partner from Microsoft in the GCC region. We are the only ones for whom Microsoft hands over their business. We mostly use it for public cloud, but it can also be used with hybrid cloud and on-premises. We also use private clouds with government entities. We have had many customers where we deployed this solution. They are secured and guarded by this solution, so they are happy now. It can be done as a multi-regional deployment.
Cyber Security Specialist at a tech services company with 1,001-5,000 employees
Real User
2022-07-26T07:23:00Z
Jul 26, 2022
We use it to keep our Azure infrastructure up to date with the security best practices that Microsoft suggests. We also use it to have better visibility into changes in our databases.
My client, a construction company, needed to replace their antivirus solution, including their Azure and on-prem services. They decided they wanted to use Defender for Cloud, so I started to implement it for them. The license for their antivirus software was about to expire, and they didn't want to spend much money. They opted for Defender for Cloud to replace Symantec. System Center (endpoint protection), Security Center and Advanced Threat Protection were all consolidated into one product called Defender for Cloud. The company I worked for was divided into several teams. We had an Azure Infrastructure team and workplace teams providing local on-premise services. The client was the biggest construction company in the country, with multiple locations. The strong point of Defender, especially when using Azure Arc to bring in on-premises systems, is that it doesn't matter where these systems are. They're just resources in the portal. If you see them and can install agents on them, it's fine. It doesn't matter how it's distributed or where the locations are.
I work on micro-segmentation for my master's thesis, and I was looking for ways to implement micro-segmentation using Defender. I work on the assumption that small businesses can't implement expensive virtualization solutions, so I'm looking for alternatives to implement micro-segmentation for their network security. I use the latest version of the solution. It's a test deployment. I created the entire network. It's more like a laboratory setup.
I have a highly specific use case for Azure Defender, so I don't think I've used most of its features. We primarily use it to secure Kubernetes clusters in other cloud environments. For example, I have Kubernetes in Amazon AWS, and we're trying out Azure Defender to protect those Kubernetes clusters. We also use Defender to scan the image repositories held in Azure Container Repository or ACR. We use Defender plus Azure ARC and Windows Defender. All three products work in conjunction to give us some security insights into our cluster.
Principal Consultant - Cyber Security & Cloud Infra. at RPS Consulting Pvt. Ltd.
Real User
2022-03-02T12:37:00Z
Mar 2, 2022
We typically use Azure Defender for securing our infrastructure-based virtual machines and database solutions on the Azure subscription. We've integrated a couple of the Defender agents into our on-premise servers too.
We are primarily using Azure Security Center to bring a level of security into the environment. Before I started to work with this solution, I was a Kubernetes and Azure Cloud architect. I was working for a service provider where I did not get the opportunity to look at how do they secure the resources, but in the last one and a half years, I had to get into those aspects because the organization I was working for wanted to introduce Kubernetes into the ecosystem, and the main concern was regarding all the hacking that was going on. For introducing Kubernetes as a platform, all business managers wanted to know if it was secure or how to make it secure. We started to look at Azure Security Center and its capabilities because Azure was their main solution. We also used AWS and GCP to some extent, but predominantly, we had Azure. So, we first took Azure Security Center and started to leverage its features.
We use the solution internally. Azure Security Center works with Azure Defender. Azure Defender is used for identifying the vulnerabilities and loopholes inside our system that we can deploy on multiple layers either from the subscription level, the source level, or on the devices. You can connect multiple devices to this. That's not specific to only servers. You can connect with ER80 as well as SQL servers. Most of the services are covered within the Microsoft Defender.
We had multiple use cases at my previous company. I changed companies during their implementation stages of this solution. From what I saw, the solution has a good use case for SIEM.
We are consultants and we have customers using Azure Defender for the protection of their businesses. Many of our customers are in the financial industry.
Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.
The solution also provides automated...
Mostly, it's related to the vulnerability management.
We use Microsoft Defender for Cloud security, including endpoint detection and response, and user monitoring. We utilize every feature and functionality that Defender provides.
I use Microsoft Defender for Cloud mainly for cybersecurity, threat prevention and detection, and implementing zero trust principles. It serves as an endpoint security tool for securing our cloud services.
We use the solution as a VPN and for endpoint security.
We use Microsoft Defender for Cloud primarily for cloud security management, which includes vulnerability management. In a security environment, managing vulnerabilities is a top priority. Defender for Cloud helps identify and mitigate these vulnerabilities and protect against threats like viruses, worms, and spyware.
We use Microsoft Defender for Cloud for our cloud security.
We have deployed Microsoft Defender for Cloud to identify vulnerabilities across various log sources for our client. We implemented Defender to improve the security posture of our client's landscape.
I use the solution for threat hunting. We've installed it on a lot of devices. I look for specific version numbers or threats within the environment.
We use Microsoft Defender for Cloud to manage our cloud security posture. We also use Container Protection, which provides additional security for our containerized workloads. This gives us the visibility we need to ensure that our cloud resources are secure.
We use Defender for network security.
Our company policy is to onboard all the resources, which are supported by Microsoft Defender because it gives us a good amount of recommendations regarding security and vulnerability issues. We have a lot of new users that are not familiar with security protocols and the solution helps protect our systems. Some people don't have experience with security measures like enabling HTTPS, and FTPS security, setting up encryption on virtual machines, or they don't know how to set up private endpoints. For someone who is new, or doesn't have a lot of experience in this field, it is difficult to monitor everything. Microsoft Defender provides recommendations based on severity. High-severity recommendations are more important, while low-severity recommendations may not be as critical. Security reviewers can review all recommendations to make sure they are appropriate. Microsoft Defender is important for a whole variety of reasons, one of which is that it can help improve the security posture of our environment. This is important for organizations of all sizes but is particularly critical for businesses that are delivering services to customers.
There were many use cases. We were monitoring auto IT applications and creating internal processes to understand which ones were going to be allowed and which were going to be blocked. We created the policies internally. It's an IT tool to monitor employees' usage on the internet and of web apps. We created policies so that, for example, when employees reached certain websites, like games, they would be blocked. We created a message for the email that they would receive, and there were links for whom to contact if they needed to override it. We created all the processes behind it.
We use Microsoft Defender to scan for vulnerabilities related to any container or server in the cloud environment in Azure. Microsoft Defender suggests recommendations and security alerts according to the default framework. We can also use other frameworks like ISO benchmarks to assess our infrastructure and get recommendations on what can be fixed. The solution is deployed on a public cloud, and Azure is the cloud provider. We use Microsoft Defender for Cloud to natively support Azure. We are resellers. We customize the solution and sell it to clients.
Defender for Cloud is used for scenarios, including internal threats, threat hunting, in-depth analysis, and scanning the environment. We don't use Microsoft Defender for ATP or Sentinel for our security score, we have a third-party solution.
We have a managed detection and response solution, a type of SOC/SIEM/SOAR product, and we are adding data sources to our solution. We want to have data for our Azure cloud environment as well, so we use Microsoft Defender for Cloud as one of the sources for our Azure environment. We use it as an extra way to gain trust for our environment. We have purposely secured the total Azure cloud environment with firewalls, application gateways, et cetera, but we also want to have trust in our resource groups. That's an extra line of defense we have for our security.
Defender for Cloud is a unified platform. Within that, you have Defender for virtual machines, Defender for Servers, Defender for App Services, and Defender for Containers. It is a centralized solution, which you can leverage to bring your security practices in place so centralized security auditing can be done. You can use it for approximately 90% to 95% of Azure workloads for infrastructure, platform as a service, or database as a service. You can use it for all these. I am working for a service-based company. We provide Azure Cloud Services. We are a Gold-Certified partner from Microsoft in the GCC region. We are the only ones for whom Microsoft hands over their business. We mostly use it for public cloud, but it can also be used with hybrid cloud and on-premises. We also use private clouds with government entities. We have had many customers where we deployed this solution. They are secured and guarded by this solution, so they are happy now. It can be done as a multi-regional deployment.
We use it to keep our Azure infrastructure up to date with the security best practices that Microsoft suggests. We also use it to have better visibility into changes in our databases.
My client, a construction company, needed to replace their antivirus solution, including their Azure and on-prem services. They decided they wanted to use Defender for Cloud, so I started to implement it for them. The license for their antivirus software was about to expire, and they didn't want to spend much money. They opted for Defender for Cloud to replace Symantec. System Center (endpoint protection), Security Center and Advanced Threat Protection were all consolidated into one product called Defender for Cloud. The company I worked for was divided into several teams. We had an Azure Infrastructure team and workplace teams providing local on-premise services. The client was the biggest construction company in the country, with multiple locations. The strong point of Defender, especially when using Azure Arc to bring in on-premises systems, is that it doesn't matter where these systems are. They're just resources in the portal. If you see them and can install agents on them, it's fine. It doesn't matter how it's distributed or where the locations are.
I work on micro-segmentation for my master's thesis, and I was looking for ways to implement micro-segmentation using Defender. I work on the assumption that small businesses can't implement expensive virtualization solutions, so I'm looking for alternatives to implement micro-segmentation for their network security. I use the latest version of the solution. It's a test deployment. I created the entire network. It's more like a laboratory setup.
I have a highly specific use case for Azure Defender, so I don't think I've used most of its features. We primarily use it to secure Kubernetes clusters in other cloud environments. For example, I have Kubernetes in Amazon AWS, and we're trying out Azure Defender to protect those Kubernetes clusters. We also use Defender to scan the image repositories held in Azure Container Repository or ACR. We use Defender plus Azure ARC and Windows Defender. All three products work in conjunction to give us some security insights into our cluster.
We typically use Azure Defender for securing our infrastructure-based virtual machines and database solutions on the Azure subscription. We've integrated a couple of the Defender agents into our on-premise servers too.
I primarily use the solution just for the networking of virtual machines.
We are primarily using Azure Security Center to bring a level of security into the environment. Before I started to work with this solution, I was a Kubernetes and Azure Cloud architect. I was working for a service provider where I did not get the opportunity to look at how do they secure the resources, but in the last one and a half years, I had to get into those aspects because the organization I was working for wanted to introduce Kubernetes into the ecosystem, and the main concern was regarding all the hacking that was going on. For introducing Kubernetes as a platform, all business managers wanted to know if it was secure or how to make it secure. We started to look at Azure Security Center and its capabilities because Azure was their main solution. We also used AWS and GCP to some extent, but predominantly, we had Azure. So, we first took Azure Security Center and started to leverage its features.
We use the solution internally. Azure Security Center works with Azure Defender. Azure Defender is used for identifying the vulnerabilities and loopholes inside our system that we can deploy on multiple layers either from the subscription level, the source level, or on the devices. You can connect multiple devices to this. That's not specific to only servers. You can connect with ER80 as well as SQL servers. Most of the services are covered within the Microsoft Defender.
We had multiple use cases at my previous company. I changed companies during their implementation stages of this solution. From what I saw, the solution has a good use case for SIEM.
We are consultants and we have customers using Azure Defender for the protection of their businesses. Many of our customers are in the financial industry.
I work as a SOC manager. We use it for incident security, incident monitoring, threat analysis, and looking at remediation or suppression.