Microsoft Defender for Cloud Reviews

We use Microsoft Defender for Cloud to fill a gap temporarily by providing a platform solution for PaaS scanning, as there wasn't an enterprise-wide product available.

Microsoft Defender for Cloud offers a good range of workload coverage that effectively meets our current needs.

Microsoft Defender for Cloud enhances security operations by providing a prioritized list of remediation for security issues identified through Azure Policy and Sentinel. This integration offers unprecedented visibility into PaaS resources which we have not been able to do before.

It enhanced our security posture by enabling us to scan PaaS resources.

Microsoft Defender for Cloud has worked well coordinating detection and response across our devices, identities, apps, emails, data, and cloud workloads.

Microsoft Defender for Cloud is a valuable tool that integrates seamlessly with Azure Policy and our Security SIEM, simplifying implementation and enhancing security posture. Furthermore, its integration with Sentinel provides prioritized remediation steps for security issues identified through both Azure Policy and Sentinel, increasing visibility into PaaS resources and streamlining our security operations.

Microsoft Defender for Cloud could be improved by adding capabilities for NetApp files and more PaaS resources from other vendors, not just Microsoft.

I have been using Microsoft Defender for Cloud for a year and a half.

Microsoft Defender for Cloud is stable.

Microsoft Defender for Cloud is scalable.

Microsoft customer support has been great so far.

Microsoft Defender for Cloud is easily deployed using Azure Policy and a workspace.

So far, Microsoft Defender for Cloud essentially plugs the security gap we were looking to fill, so it has shown a return on investment.

Microsoft Defender for Cloud is pricey, especially for Kubernetes clusters. It could be cheaper. Wiz is a little better from a reporting perspective.

We did not evaluate other solutions because Microsoft Defender for Cloud was the easiest to implement under the circumstances and the most readily available. Otherwise, the application would have been subject to the standard intake and other corporate processes.

I would rate Microsoft Defender for Cloud an eight out of ten.

Public Cloud

Microsoft Azure

As a consultant, I implement Microsoft Defender for Cloud for different customers with various use cases. The primary goal is to enhance security for cloud usage in many different ways.

Microsoft Defender for Cloud provides a prioritized list of remediation for security issues. We implemented routines to go through all the recommendations on a weekly basis because there are new recommendations all the time. It has definitely made it easier to stay on top of things.

Microsoft Defender for Cloud has definitely improved the security posture. There is at least a 50% improvement.

The coordinated detection and response across our devices, identities, apps, email, data, and cloud workloads is very good. The implementation of Copilot for security brings it to a whole different level where you can use normal language to ask things.

The most valuable feature is the recommendations provided on how to improve security. It has made the cloud environment more secure, thanks to all the recommendations we can get. They often come with step-by-step instructions, making it easy to implement the suggestions. This greatly increases the security of the cloud environment.

It seems to be very comprehensive in terms of the range of workloads. I have not found anything that is missing. It covers pretty much all the common scenarios.

With the new Copilot functionality available everywhere, it is challenging to pinpoint areas for improvement. If I put in a lot of thought, I might identify things, but right now, nothing significant pops into my mind, but there is always room for more transparency, especially in pricing.

I have been using Microsoft Defender for Cloud for a few years, probably two or three years.

Microsoft Defender for Cloud is very stable. I have never experienced any downtime.

The solution seems scalable. You can use most of these cloud platforms as you need. If you need more of it, you can do that. I appreciate the flexibility of the usage.

Being a Microsoft partner company, we have direct lines into Microsoft. Although Microsoft is a large organization, once you work with something for a while, you know where to go. It is a big company, and all big companies might have problems with communication at times.

Positive

I did not use a different solution before Microsoft Defender for Cloud. 

The initial setup is easy. It is straightforward and well-documented. If you need more information, there is always good information on Microsoft's documentation website.

In terms of the implementation strategy, you need to do some research beforehand. Once you have done that, you know what you want to protect and at what level. After you start using it, you get the recommendations, and then you just follow them. It is quite easy.

I am the consultant who manages the initial deployment.

The biggest return on investment is the rapid improvement of security posture. It takes time to find all these small things and recommendations on my own. The system's ability to provide prioritized lists of issues saves a lot of time, allowing me to focus on other tasks.

Understanding the costs of cloud services can be complicated at first. As with a lot of things in the cloud, it can be quite hard to understand the end cost, but it becomes clearer over time. Early on, the lack of transparency is a challenge. Microsoft does not tell you the cost when they launch something. It is clever marketing, and there is room for improvement there. There should be clarity from the start.

We did not evaluate other solutions before deploying Microsoft Defender for Cloud. We are quite heavily invested in Microsoft's ecosystem.

I would rate Microsoft Defender for Cloud a nine out of ten. There is always room for improvement, but it is a highly effective solution.

We use Microsoft Defender for Cloud primarily for security reasons, particularly focusing on cyber threats. It is utilized in the manufacturing industry.

The most valuable features of Microsoft Defender for Cloud include vulnerability management and threat intelligence. Additionally, security recommendations and attack surface reduction (ASR) rules are significant. ASR rules play a crucial role in attack surface reduction, where they ensure that asset devices are well-protected and streamlined for enhanced security.

There needs to be improvement in the security recommendations, particularly in attack path mapping. Sometimes, it misleads users about the real exposure of external-facing assets. It would be beneficial to streamline recommendations to avoid unnecessary alerts and to refine the severity of alerts based on specific environments or environmental attributes.

I have been using the solution for three years.

I have not experienced any difficulties or issues with the stability of Microsoft Defender for Cloud.

I would rate the scalability of Microsoft Defender for Cloud between eight and nine out of ten for our company.

I would rate Microsoft's technical support around seven to eight out of ten. They are supportive but sometimes slow, especially regarding new feature additions and managing their backlog.

Positive

I have not evaluated other solutions in this company before using Microsoft Defender for Cloud.

The setup is generally easy, particularly for Windows native operating systems. On a scale of one to ten, I would rate the setup an eight for Windows and a seven to eight for Linux devices.

Initially, the cost was reasonable, but additional services from Microsoft sometimes incur extra expenses that seem higher than expected.

Microsoft Defender for Cloud is compatible with the Microsoft ecosystem and provides decent integration with third-party tools. Overall, I would rate the solution an eight out of ten for its effectiveness and support.

Other

Our primary use case for Microsoft Defender for Cloud is mostly security posture management.

Defender for Cloud has improved our security posture. Defender provides us with a prioritized list of security issues to remedy, which improves our security operations because we know what to tackle first.

The most valuable feature is the comprehensive overview across different workloads. It allows us to see protection not just across one workload, such as virtual machines, containers, infrastructure, or data, but across all our workloads. This overall visibility is really helpful. The recommendations and prioritizations help us understand what to address first.

I use the free CSPM functionality. I don't always use the recommendations because I'm sometimes scared to implement those immediately.

The range of workloads is broad, but we'd love to add more workloads and make it a single security solution that covers all those workloads. Covering more would allow us to see and protect more workloads from a single pane of glass. Additional features should include protection for more AI workloads as it currently focuses primarily on OpenAI.

We have been using Microsoft Defender for Cloud for two years.

The sustainability of Microsoft Defender for Cloud is quite stable, especially with the free tier we're using. It provides a lot of value for being free.

Scalability is still to be determined. We have deployed it across several workloads, but we'll need to see how it performs as we expand to more resources and workloads.

We haven't had to reach out to customer service or technical support yet. Therefore, I can't rate it at this moment.

Positive

I didn't use any different solutions previously. We opted for Microsoft Defender for Cloud due to easy integration with our other Microsoft products.

It was easy to set up as we enabled it across our workloads in Azure.

We handled the deployment ourselves without any integrator, reseller, or consultant.

Being a free tool, it provides visibility and insights into workloads that we wouldn't have had otherwise. This is definitely a good return on investment.

We only use the free tier, so we haven't faced any pricing, setup costs, or licensing challenges.

We didn't evaluate any other solutions as Microsoft Defender for Cloud integrated easily with our existing Microsoft products.

I would rate Microsoft Defender for Cloud a nine out of 10. It offers free insights and extensive visibility into workloads for a free product, which is great for us.

Public Cloud

Microsoft Azure

We are using Defender for Cloud to check in on security and vulnerability management.

When we were switching from on-prem to the cloud, we did not have the vulnerability management tool to give us alerts on that. We were using Tenable Security Center on-prem. When we moved to the cloud, we needed a solution and chose Defender for Cloud. Now, when we do our vulnerability management meetings, we refer to Defender for Cloud recommendations. We can assign them to technicians or security personnel in case we need to change policies or make exceptions. It is set up to ensure only security personnel can dismiss a recommendation.

It lists the criticality that is the most insecure for our environment and the criticality score for it. This is helpful for us to know what we need to deal with first.

Defender for Cloud has improved our security posture. 

The most valuable features are the security recommendations provided by Defender for Cloud.

Tenable Security Center has a list of all of our vulnerabilities. I can sort it by vulnerability or by machine. Defender for Cloud does do that, but it is just not as clean and easy to get to. It sometimes gets too deep in the weeds, and I do not know how I got to that point. If they had an easier way to display all the vulnerabilities of the machines affected and remediation steps on one screen rather than having to dive deep into each of them, that would be a lot easier.

There can be an easier-to-read dashboard. It would be nice to be able to see the top ten vulnerabilities that we have specific to a system on the dashboard. We can view the security score currently, but a cleaner and simpler display would be good.

I have been using Defender for Cloud for three years.

It is pretty stable and feels solid.

We have struggled with Microsoft customer service quite a bit. While experts are a ten, the overall experience is not always positive and we have had to make a complaint. When we are able to get to a call with their experts, it is great, but it can take time to get to that level. We have had to raise a ticket for the same thing about three times.

Positive

We were using Tenable Security Center on-prem. We switched because we were moving to a Microsoft-centric cloud solution.

It was easy. The setup was handled by a technician who did not report any significant issues.

We did not use any third party for deployment.

We have seen a return on investment, but I cannot quantify it.

We did not evaluate other solutions because we were only looking for a Microsoft-centric solution.

I would rate Defender for Cloud an eight out of ten.

I used Defender for Cloud in Azure Kubernetes Service and virtual machines to provide more security to these environments.

We are a financial company, so Defender for Cloud helps us create multiple layers to protect assets and ensure a more secure environment. The solution improves our efficiency. We've increased our security posture by around 30 percent. 

Defender for Cloud's most valuable features are the dashboard and alerts about issues inside virtual machines or containers. It covers a wide range of workloads. Defender provides a prioritized list of remediations that helps us improve our team's capacity. Integrating Defender for Cloud with Sentinel has increased our visibility. The solution's coordinated detection and response across devices and identities is impressive because it is complete.

I would like to see more connectors and plugins with other platforms.

I have used Defender for Cloud for three years.

The stability of the solution is good. I don't have a problem with it.

Its ability to scale is good.

I rate Microsoft support eight out of 10. Customer service is good. I deducted two points because the documentation could be clearer. 

Positive

I did not use a previous solution prior to using Defender for Cloud.

The rollout was good. It was easy.

I am a reseller. I am partnering with TD Synnex and TeleScenics.

The return on investment is high, it's about 20 percent.

I did not consider any other solutions.

I would rate Defender for Cloud an eight out of 10. 

Public Cloud

We use Defender for Cloud for workloads that involve large amounts of data.

It's cost-effective to create custom logs in Defender for Cloud. 

Defender for Cloud provides a prioritized list of remediations for security issues, reducing risk and improving security operations.

There is room for improvement in terms of cost-effectiveness when enabling every single log, including custom logs.

I've been using Defender for Cloud for a year and a half.

I have no issues with the stability of Microsoft Defender for Cloud.

Scalability is great, and I would rate it a ten out of ten.

It's hard to reach someone who understands my problems. I haven't had many issues, so I haven't called them.

Positive

I used an unspecified different solution before adopting Microsoft Defender for Cloud.

The solution is really easy to enable.

I interacted with a Microsoft representative for implementation, and the process was straightforward.

The setup costs are low because it's easy to enable. However, I'm not clear on other pricing details.

I didn't evaluate other solutions extensively before choosing this.

I rate Defender for Cloud 10 out of 10.

Hybrid Cloud

We are using the tool for checking for vulnerabilities over my website for my own personal purpose and within my corporate role. This is also a tool that we have deployed. In terms of usage, it's much more related to reporting and vulnerability management rather than setting up from an organizational perspective.

From an efficiency perspective, it has helped with reporting and the self-service availability of security postures.

The most valuable feature for me is the variety of APIs available. Additionally, the suggestions I get from Defender for security levels and recommendations on how to upgrade my security level are very appreciated.

I recommend that they extend the scope for legacy infra assets.

I have been working with it for more than a year now.

I rate the stability an eight out of ten.

There are no complaints about scalability, and I rate it an eight out of ten.

I rate customer support a nine out of ten. The support team was very responsive to queries.

Positive

Rating the setup, I would give it a six out of ten. The setup process took about two to three days due to waiting on support replies.

I had a support team to help with some of the setup aspects, and they were very responsive.

It's difficult to say because the volume of vulnerabilities and threats has increased, making it tough to compare efficiency between usage before and after implementation.

I don't have visibility into the specific costs, but it seems to be a significant concern for our organization. Every time we consider expanding usage, we carefully evaluate the necessity due to cost concerns.

I am familiar with Dataiku and Databricks, and we use SailPoint in conjunction.

Users must first understand the list of assets they have and whether there is out-of-the-box connectivity with them.

I'd rate the solution seven out of ten.

Public Cloud

Other