Microsoft Defender for Cloud vs Vanta comparison

"This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot."

"The tool's most valuable feature is its support for cloud-native services like Kubernetes, containers, managed storage, and databases. Protecting these without Microsoft Defender for Cloud would be extremely challenging. For threat protection specifically, I find the signature-based detection and heuristic detection features very effective."

"Microsoft Defender for Cloud monitors our entire cloud environment. It enables conditional access and incorporates features like number matching and single sign-on for all our cloud apps. It is great for protecting against ransomware and various security threats."

"The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra."

"The feature of Microsoft Defender for Cloud that I have found most valuable is the alerts, which are pretty standard for security."

"The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."

"The integration with Logic Apps allows for automated responses to incidents."

"The most valuable features are the security recommendations provided by Defender for Cloud."

"The product has provided automated security controls for our cloud provider. It helps to automate security checks. Vanta offers a list of things that can be done to achieve ISO 27001 compliance."

"It helps us track the compliance of the components listed in our partner's directory. We can also check if the password manager, XML, and three log policies have been properly implemented on the desktop."

"Task management and vendor assurance are the most valuable features. It is also an easy tool to use."

"The most valuable feature of Vanta is its prebuilt control frameworks."

"They integrate into New Relic as a performance monitoring tool."

"The most valuable feature of Vanta would be the time savings from the automation and the continuous compliance monitoring once set up."

"Features like code scanning and pipeline scanning are not included in the solution."

"The remediation process could be improved."

"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."

"If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."

"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."

"It needs to be simplified and made more user-friendly for a non-technical person."

"Defender could improve how data is represented. It can be unstructured or slow to load. The recent update allowing policy grouping into control groups is beneficial, but further enhancements for speed and clarity are needed."

"With the new Copilot functionality available everywhere, it is challenging to pinpoint areas for improvement. If I put in a lot of thought, I might identify things, but right now, nothing significant pops into my mind, but there is always room for more transparency, especially in pricing."

"The main area for improvement in Vanta is the user interface's refresh rate."

"Some of the tool's automated tests do not work the way it should."

"There is a delay with customer support and they are unsure of the answers we need."

"Scalability could be improved."

"They have an AI generator for the system description for SOC 2, however, the outline is a little sketchy."

"Currently, Vanta's user access review module is still in development, and we've been giving them continuous feedback to help them improve that."

"I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive."

"Pricing depends on your workload size, but it is very cheap. If you're talking about virtual machines, it is $5 or something for each machine, which is minimal. If you go for some agent-based solution for every virtual machine, then you need to pay the same thing or more than that. For an on-premises solution like this, we were paying around $30 to $50 based on size. With Defender, Microsoft doesn't bother about the size. You pay based on the number of machines. So, if you have 10 virtual machines, and 10 virtual machines are being monitored, you are paying based on that rather than the size of the virtual machine. Thus, you are paying for the number of units rather than paying for the size of your units."

"The licensing is straightforward but can become expensive if you cover everything. You must balance the cost against the importance of what needs covering."

"The cost is fair. There aren't any costs in addition to the standard licensing fee."

"I rate Microsoft Defender a three out of ten for affordability. The price could be a little lower."

"Defender for Cloud is pretty costly for a single line. It's incredibly high to pay monthly for security per server. The cost is considerable for an enterprise with 500-plus virtual machines, and the monthly bill can spike."

"It has global licensing. It comes with multiple licenses since there are around 50,000 people (in our organization) who look at it."

"We are using the free version of the Azure Security Center."

"Vanta is expensive."