Microsoft Defender for Cloud Reviews

At the moment, we work with Sophos, SentinelOne, or Microsoft Defender. Most of our customers have Microsoft infrastructure, and they are cloud-only customers with Microsoft business licensing. I primarily recommend Microsoft Defender for customers who already have Microsoft infrastructure.

The most valuable feature is the hunting feature, which integrates well into the entire Microsoft ecosystem. It allows customers to have all security settings in one panel, providing a unified admin site. This feature significantly aids in threat detection and enhances the user experience by streamlining security management.

The pricing could be improved, as it is somewhat high for smaller companies. Additionally, the artificial intelligence features could be expanded to allow the system to autonomously manage security issues without needing intervention from admins.

We have customers on Defender.

I have not had contact with Microsoft technical support at this moment.

At the moment, we work with Sophos, SentinelOne, or Microsoft Defender. We also work with SentinelOne and other security products integrated in our remote management tools.

The cost savings vary by customer, however, for those with 100 to 150 licenses, there are noticeable savings at a higher level.

Microsoft Defender for Cloud is considered competitive in pricing.

In addition to Microsoft Defender, we evaluate products like SentinelOne.

For smaller companies, the product is too expensive. I usually recommend SentinelOne, as it is included in our remote management tools. I rate Microsoft Defender for Cloud an eight out of ten.

Public Cloud

We use Microsoft Defender for Cloud primarily to scan storage buckets and ensure no sensitive data, such as PCI or PII data, is present. We also use it for general resources, including resource groups, storage accounts, and Azure Key Vault.

We don't use it for detection and response. It's more for scanning architecture and data to ensure we have the latest infrastructure configuration. I don't think we're using it for Entra ID. Another team does that. I'm more on the operation side. 

Defender works in tandem with Wiz, so we get insights and email alerts if something isn't compliant. For example, we get an alert if TLS 1.2 isn't enabled. It keeps track of what's compliant and what isn't. 

It alerts us to our vulnerabilities and ensures compliance by marking off a compliance tool checklist. We use Defender's free CSPM functionality, including the Microsoft Cloud Security Benchmark. It's not our primary policy compliance tool, but we get some excellent insights. 

Defender covers a wide range of workloads. It's suitable for key vaults for storage accounts and services. However, there are some gaps in terms of covering entire apps. 

Defender could provide more in-depth visibility into vulnerabilities and services. For instance, we wanted to scan Azure NetApp for sensitive data, but they didn't have that feature. It was only for storage accounts. I want Azure Defender features to cover all Azure resources rather than a few.

Defender for Cloud's prioritized list of remediation for security issues is pretty good but not as extensive as Wiz or other third-party tools. 

I have been using Microsoft Defender for Cloud for about two to three years.

Microsoft Defender for Cloud is stable and reliable as advertised.

It is scalable as it integrates seamlessly across services once activated. However, it needs more features across all resources.

I rate Microsoft support seven out of 10. Customer support is decent, but it varies depending on who you get. My main complaint is the you get bounced around a lot, and you have to explain the issue again to the next technician. When you finally get someone good, the service is excellent. 

Neutral

We use multiple solutions, but Wiz and Prisma are among the notable alternatives we've employed. Defender's advantage is that it's native to the cloud, but it's drawback is that the services are limited. While the services it provides are great, they stop at the Azure level. Wiz has wider coverage, but Defender supplements it. 

The initial setup was straightforward, but as we expanded and went through audits, it became more complex.

We did everything in-house without using any third-party assistance.

Our primary return on investment is that we avoid audits and penalties because we're highly regulated. If we're out of compliance, it costs us time and money to remedy the issue. Defender provides proactive, preventative controls. 

Pricing is satisfactory with no significant concerns.

I would rate Microsoft Defender for Cloud a six out of 10 due to its lack of necessary features to operate as a standalone solution.

Hybrid Cloud

We use Microsoft Defender for Cloud to secure our environments across the company. We have the full E5 suite, including Microsoft Defender for Identity and Endpoint. The solution integrates the total spectrum of Microsoft products. 

We are not a multi-cloud environment. We're entirely on Azure. It's not a hybrid environment. Defender only covers the cloud, and we have a different solution for our on-prem environment. 

Microsoft Defender for Cloud has made our environment more secure. We don't have to worry about it as much, and we've never had a breach, giving us a lot of peace of mind. We've improved our security posture because Defender extends the capabilities of a whole range of products, so we don't have any gaps.

Microsoft Defender for Cloud monitors our entire cloud environment. It enables conditional access and incorporates features like number matching and single sign-on for all our cloud apps. It is great for protecting against ransomware and various security threats.

The solution's native integration with our other Microsoft security solutions gives us security insights. It alerts us to potential breaches, old accounts, and nonhuman identities that we need to be aware of. 

It notifies us in time, and we don't have to worry about it. If something comes up, Defender immediately detects it. It lets us choose what we want to do and remedy the issue from the console, whether that's implementing a conditional access policy or an MFA.

We haven't experienced issues with Microsoft Defender for Cloud for our company size of about five hundred people. However, I've heard there might be issues with scalability for larger enterprises.

I joined the company about two and a half years ago, and Microsoft Defender for Cloud was already installed.

Microsoft Defender for Cloud seems stable from my point of view, so I hope it stays like that.

For our company size, Microsoft Defender for Cloud has been great, but there might be scalability issues as you scale up to large enterprises.

I rate Microsoft support seven out of 10. Customer support has been good. We have a portal to request support, and they typically solve our problems within a week. However, we often need to escalate to the second level, as the first level is mainly contractors without the full security insight. Once escalated, a higher-level technician usually resolves the issue.

Neutral

We have always had Microsoft Defender for Cloud since I've been at the company.

It's hard to quantify an ROI with security, but because we haven't had a breach or serious security incident, which would cost millions of dollars, we can consider it a return on investment

The pricing and licensing of Microsoft Defender for Cloud have been good for us. We appreciate the licensing approach based on employee count rather than a big enterprise license.

We haven't considered another solution. We're a Microsoft Partner of the Year. We're one hundred percent integrated with the Microsoft ecosystem. So we've never even looked to evaluate another solution because Microsoft has been great for us, and we have all our integrations tied up into it. It would be a huge workload to move to another solution.

I rate Microsoft Defender for Cloud eight or 10. While there are areas for improvement, it has been great for a company of our size.

Public Cloud

Microsoft Azure

We have over three hundred customers, and mostly they're using Microsoft Defender for Cloud with any type of virtual machines and other services. We suggest that they purchase Microsoft Defender for Cloud. We have provided the solution to almost ninety percent of our customers, whether they are using virtual machines, Linux, Windows, or other services.

The most valuable feature is the advanced threat protection. Every client wants their data to be safe and secure, with no external threats. We also have the dashboards configured for clients, offering them a comprehensive overview, complete with notifications and email alerts. Clients greatly value this feature and have transformation across their security operations. The system provides dashboards, emails, and easy notifications.

Microsoft Defender for Cloud needs to improve its log space by adding an additional five to ten gigabytes. Furthermore, support for hybrid systems should be enhanced by allowing the Azure Arc agent to collect data from systems that may not be up-to-date. There is also room for improving the first line of support, as these representatives often lack technical expertise.

We have been using Microsoft Defender for Cloud for the past five years.

Deployment is straightforward for technical people. When integrating other services, there are some tricky steps. For instance, deploying Microsoft Defender on hybrid systems requires onboarding the system with Azure Arc, adding a Log Analytics workspace, and configuring Microsoft Sentinel for logs collection.

Microsoft Defender for Cloud is stable. It is given a stability rating of nine out of ten. Occasionally, there is a disconnectivity between the agent and on-premises server. This is generally due to Azure Arc, and mainly arises when systems lack the latest updates or security patches.

Microsoft Defender for Cloud is highly scalable. According to our experience, it deserves a score of ten out of ten. It has multiple licenses and features, covering infrastructures from a hundred to five hundred virtual machines, without any issues.

The customer service at Microsoft has room for improvement. The first line of support is not technically adept and often requires engaging higher-level technicians to resolve issues. There have been situations where we needed multiple calls to resolve a single issue.

Neutral

We previously replaced other solutions with Microsoft Defender for Cloud because those solutions had limitations in features.

The initial setup is good and straightforward for IT personnel. However, integrating additional services or hybrid deployments can involve complex steps.

Most of our customers find value in not having to purchase additional solutions since Microsoft Defender for Cloud offers comprehensive coverage for their needs.

The cost is generally reasonable. Microsoft Defender for Cloud Plan 2 costs $15 per server, per month. For a normal customer with ten to twenty servers, the cost is about $300 per month, which is affordable.

I would rate Microsoft Defender for Cloud a ten out of ten. It is a well-known and scalable product that provides comprehensive protection for environments and infrastructures, whether cloud-based or on-premises. It offers centralized management, email notifications, and dashboards, making it a better solution compared to others.

Hybrid Cloud

Microsoft Azure

We primarily use Defender for policies, such as compliance checks and vulnerability management. We have introduced a new system for rolling out policies across the organization, monitoring compliance closely.

Microsoft Defender for Cloud has significantly improved vulnerability management by tracking compliance, networking issues, storage accounts that shouldn't be public, etc. 

The most valuable feature is the regulatory compliance aspect, where we utilize predefined initiatives like NIST. Alert management is another useful feature. Alerts are directly integrated with our email or DevOps board for easy viewing, allowing us to identify problem areas efficiently.

Two or three months ago, they released an update that we liked. Now, you can set up control groups based on policies, giving you a clear overview of where you're lacking. Defender covers almost all our workloads. We don't use a multi-cloud environment, but it covers Azure and AWS well. 

Defender could improve how data is represented. It can be unstructured or slow to load. The recent update allowing policy grouping into control groups is beneficial, but further enhancements for speed and clarity are needed. It would be nice if Defender prioritized vulnerabilities more. It provides an overview of what needs improvement, but I don't know if it's correctly prioritized.

I have used Microsoft Defender for Cloud for about two years.

The stability could be improved, as it can be slow to load at times, but overall it provides the expected recommendations.

It is very scalable, especially in a cloud environment, allowing for extensive resource coverage for vulnerability management.

I have not used customer service for Defender for Cloud, but generally, I am satisfied with Microsoft's support. They are quick to respond and effectively resolve issues.

Positive

I rate Microsoft Defender for Cloud eight out of 10. 

We primarily use Microsoft Defender for Cloud for cloud security posture management.

Defender for Cloud improves our overall cloud security posture by identifying risks and vulnerabilities. It gave me a perspective on whether we comply with the industry's best practices and benchmarks we are pursuing.

My favorite part of Microsoft Defender for Cloud is the compliance features. Defender covers a wide range of workloads, on par with competing products on the market. I can get information from other cloud platforms and use Defender across AWS, Azure, GCP, containers, servers, etc. One tool provides a view across your entire hybrid environment.

Microsoft Graph needs improvement.

I have been using Microsoft Defender for Cloud for around two years.

The stability of Microsoft Defender for Cloud is good since it sits in the Cloud, and we have not had any challenges regarding stability.

I rate Microsoft support seven out of 10. The documentation about what is covered in the basic support versus premium is unclear. 

Neutral

We use multiple products that perform similar functions in our environment, including Prisma and Wiz. We use Defender for Cloud as our native Azure tool in addition to other third-party tools.

The initial setup is relatively simple and straightforward.

No integrated reseller or custom team was used for the deployment.

We have seen a return on investment because a lot of these native tools provide better reporting, which our team can consume.

Defender's basic version is free, which is good. Many of our teams are evaluating the paid version against third-party products.

We didn't evaluate other solutions before switching as we have multiple products performing similar functionalities.

I rate Microsoft Defender for Cloud eight out of 10. Even though there are many third-party tools with more functionality, using native tools is beneficial, and we use them alongside third-party tools.

Public Cloud

We use Microsoft Defender for Cloud primarily as antivirus software. It covers a wide range of use cases, including scanning for threats and malware on servers and checking for alerts. It is integrated with our endpoints, allowing us to track everything in one seamless place.

Defender for Cloud has improved our security posture. We've trained on it, and it's becoming more helpful each time we use it. Viewing all the alerts in a single pane of glass is very handy.

Defender for Cloud is an improvement over Trend Micro, our previous solution. We like integrating our endpoints and visualizing everything in one place. It provides comprehensive coverage for endpoints, servers, and overall environmental security. 

Additionally, we appreciate its capacity to offer alerts and a prioritized list of mediations. It's integrated with our other solutions, including our DLP protections. That helps us protect our HIPAA and PII data. 

However, some Copilot features aren't available in the GCP environment. This is something we hope will be addressed in the future.

I have been using Microsoft Defender for Cloud for about three months since we moved to an E5 license that included this solution.

Defender's stability has been impressive. We have not faced real downtime, but we experienced some hiccups that lasted a few minutes.

Defender's scalability has been pretty good. We are not using many cloud resources for servers, but otherwise, it has been excellent for scalability.

I rate Microsoft support nine out of 10. There have been some issues here and there, but overall, the experience has been good.

Positive

We used various solutions before, including Trend Micro and GroupWise. We switched to Microsoft Defender for Cloud primarily due to cost efficiency. It was cheaper for us to make the switch than to continue with our previous solutions.

Setting up Defender was a bit of a challenge, but after that, everything went smoothly.

We used a company called Novakos for the migration. They provided all the services we needed and got everything set up effectively.

I am not able to comment on the return on investment, as I do not handle the financial aspects. However, I assume the organization is seeing positive results.

The decrease in costs from switching allowed the organization to allocate resources elsewhere.

I rate Defender for Cloud nine out of 10.

Hybrid Cloud

Other

Our primary use case for Microsoft Defender for Cloud is mostly security posture management.

Defender for Cloud has improved our security posture. Defender provides us with a prioritized list of security issues to remedy, which improves our security operations because we know what to tackle first.

The most valuable feature is the comprehensive overview across different workloads. It allows us to see protection not just across one workload, such as virtual machines, containers, infrastructure, or data, but across all our workloads. This overall visibility is really helpful. The recommendations and prioritizations help us understand what to address first.

I use the free CSPM functionality. I don't always use the recommendations because I'm sometimes scared to implement those immediately.

The range of workloads is broad, but we'd love to add more workloads and make it a single security solution that covers all those workloads. Covering more would allow us to see and protect more workloads from a single pane of glass. Additional features should include protection for more AI workloads as it currently focuses primarily on OpenAI.

We have been using Microsoft Defender for Cloud for two years.

The sustainability of Microsoft Defender for Cloud is quite stable, especially with the free tier we're using. It provides a lot of value for being free.

Scalability is still to be determined. We have deployed it across several workloads, but we'll need to see how it performs as we expand to more resources and workloads.

We haven't had to reach out to customer service or technical support yet. Therefore, I can't rate it at this moment.

Positive

I didn't use any different solutions previously. We opted for Microsoft Defender for Cloud due to easy integration with our other Microsoft products.

It was easy to set up as we enabled it across our workloads in Azure.

We handled the deployment ourselves without any integrator, reseller, or consultant.

Being a free tool, it provides visibility and insights into workloads that we wouldn't have had otherwise. This is definitely a good return on investment.

We only use the free tier, so we haven't faced any pricing, setup costs, or licensing challenges.

We didn't evaluate any other solutions as Microsoft Defender for Cloud integrated easily with our existing Microsoft products.

I would rate Microsoft Defender for Cloud a nine out of 10. It offers free insights and extensive visibility into workloads for a free product, which is great for us.

Public Cloud

Microsoft Azure