Microsoft Defender for Cloud Reviews

I primarily use the solution just for the networking of virtual machines.

It is very scalable.

The product has been very easy to use and simple set up. 

The maintenance and updating are part of the service, so that brings great value.

It's a stable product.

Technical support is helpful.

It's got a lot of great features. 

I can't speak to any features that are missing. I need time to get a little bit more into it before making any kinds of suggestions. 

They could always work to make the pricing a bit lower.

I've been using the solution for a few months. 

The stability is great. There are no bugs or glitches. It doesn't crash or freeze. It's reliable and the performance has been quite good in general.

Its ability to scale is impressive. It's one of the main selling points. If a company needs to expand it, it can do so. It's not a problem.

We have about 25 or so people using the solution. Some of them are new.

From my experience, technical support is good. They're quick to respond and knowledgeable. I haven't seen a need for improvement in any aspect of their support services. We are quite satisfied with them.

We did use other solutions, however, they were more for training or educational purposes. 

The setup is extremely straightforward and simple. It's not a complex or difficult process. You can get as involved as you want in it, or you can keep it simple.

The maintenance is also part of their service, which means we don't have to worry about it at all. They take care of everything. It doesn't require personnel watching over it. 

The pricing is mid to high. It's not the cheapest or least expensive option.

It's a good solution for, I'd say, small to medium business startups. It's also viable for enterprise solutions.

I'd rate the solution at a ten out of ten. We have been very happy with its capabilities. 

I am working in a security domain where Azure Security Center is playing a key role. We are primarily using Azure Security Center to secure our infrastructure. We are also able to use Azure Security Center for many other purposes.

In terms of deployment, we have a hybrid cloud. It is a combination of both on-prem and cloud. Azure Security Center is deployed on-prem, and then there are OMS agents that are provided by Microsoft that can be installed at any location, such as on-prem or on the cloud. These agents collect Windows and Linux logs from the machines on various clouds for Azure Security Center, which is something interesting for me.

It has improved our security posture a lot. The Azure Security Center provides a score that shows where is your organization at the moment in terms of security. After some time, you can see how much you have improved and where you can improve your score. We are getting this kind of advice from Azure Security Center.

It has definitely affected our end-user experience. With the help of this tool, we can investigate more security incidents in a very good manner. It has also enriched my career and improved me as a professional in terms of understanding various features and security incidents. 

Before implementing Azure Security Center, we had so many issues with our infrastructure in terms of security monitoring. With the implementation of Azure Security Center, we have resolved many issues. One of the issues that we have resolved is that we are now able to do security monitoring of the complete infrastructure. It not only supports cloud security monitoring; it also supports on-prem security monitoring. It has an OMS agent that can be installed on on-prem Windows servers, Linux, or other platforms for collecting logs. These agents can also be used on other cloud platforms, such as AWS, GCP, or Google Cloud. 

The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra. 

It has so many security monitoring features, such as compromised accounts. For example, if I'm working for abc.com company, and I'm using the same company email address for registering to another hotel or some other place where it gets hacked or something goes wrong, they will alert us. If my credentials are dumped somewhere on the dark web, they trigger an alert stating that you should go and reset your credentials. There are many more interesting alerts, and such features are pretty awesome in terms of security monitoring. In terms of security, it gives a very good overview of our estate. It also has many features from the cloud administration side.

Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark.

Sometimes, we are getting backdated logs, and there could be more correlation.

So far, its stability is good. I don't see any issues with the stability part.

In terms of new features, we are able to scale up to our requirements. New features get added immediately. So far, I don't see any issues in our environment.

Our company is an MNC, and there are around 180,000 endpoints that we are protecting or monitoring with this solution. Currently, its adoption is around 70%. We cannot achieve 100% coverage because of some of the legacy products. There are legacy servers, and then there are some people who are working in customer environments where they are not utilizing our laptops. We still need to cover 20% more.

Their support during the implementation was awesome. They provided very good support. After the implementation, they scheduled weekly calls to check with us if everything is going well. They helped us with troubleshooting and more understanding. If there are any product improvements, they have been announcing them over the course.

I was not involved in its implementation, but it was a pretty straightforward process. 

There is a separate cloud team for implementation. We just review whatever they have implemented from the security perspective. We review whether they have implemented it correctly or whether we are getting correct alerts. 

Our admin team had one week of training, and they implemented it with the help of Microsoft. Our environment is a bit complex, but we did it.

We have absolutely got a return on the investment. Our company is a managed security service provider (MSSP). When we get more projects, we mention the products that we are currently using to secure our environment. We also do a proof of concept (PoC) or a demo about how we installed such products in our environment and how secure we are. There are so many security scoring systems, and they give the score. Our score is on the highest side, which is useful for providing a security service to our client or customer. We have implemented Azure Security Center at many places for our customers.

I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive.

For cloud security posture, Azure Security Center is a good product. It is different from a Security Information and Event Management (SIEM) tool. We are also using a SIEM tool. Microsoft has a SIEM tool called Sentinel, and there are many SIEM tools out there in the market such as Splunk, QRadar, and ArcSight. Azure Security Center is not a replacement for Sentinel. It gives the complete posture of your cloud. It was started with the purpose of finding any anomalies and malfunctioning for Azure AD, which is related to login and logout of employees, but then they elaborated it a bit more.

I would rate Azure Security Center a nine out of 10.

This solution replaces, in many ways, the on-premises operations manager that used to be part of the System Center.

The most valuable feature of this solution is the support for a multi-cloud environment.

The policy-related features are good. For example, there is a compliance policy that is related to PCI and another related to NIST.

The support for dynamic networking is good.

Alerting and incident management are valuable features.

The integration with Logic Apps allows for automated responses to incidents. It is also integrated with Microsoft Defender.

They added new functionality into the pretty long list of features and it is constantly being updated. 

There is no perfect product in the world and there are always features that can be added. Innovation is something that is always on the table.

I have been working with Azure Security Center for more than four years.

This product is much more stable than anything else. The SLA has four nines of stability and it is impossible to compare it with anything that is on-premises. Cloud systems are much more stable.

Scalability is not something that we talk about because this product only exists in the cloud. We talk about it in terms of regions. There are approximately 50 zones across the globe, where for example, Canada has three zones that are split into Central, East, and West.

This is an example of Software as a Service, so scalability is out of the question.

If you need tech support, you need to go to the support site, find the proper program, and subscribe to it. Only basic support is included. If you need premium support or if you need a developer, the support is available, you just need to go to the site and find it.

It is extremely easy to subscribe, and extremely easy to understand. It depends on your requirements and on exactly what you need but a description of every program is readily available.

If you have questions, go to the FAQ, and on the same page, you will have access to the documentation. The documentation is crystal clear. It's very practical and actionable. It explains in simple phrases, or words, what the action is, what the purpose is, and what the benefit or value of it is. 

There is no need to find anything else. You start from the price calculator, and then click and get more information, and from the same page, you find what you need. 

You don't need to do anything else.

With respect to implementation, you just switch it on.

If you need to deploy something else then there are step-by-step instructions available. Setup and deployment will be easy for those who have experience working with this type of solution.

For those not used to this type of operation or not working in this area, it is absolutely possible to talk to their partners, such as the one that I work for, and they will help you.

If you hire the consulting service from a partner then they will help you to plan and design, including performing a capacity review to see what is required and what services need to be integrated. You will identify needs such as an on-premises data center versus using a third-party cloud.

This is a worldwide service and depending on the country, there will be different prices. 

There is a price calculator for Azure Services. You select the service that you are interested in, and the basic or the standard is there immediately, which has support options. Different levels of support are available for different prices. A subscription is part of the Azure Service. You will need to find what type of service you need.

If you need to negotiate the price, based on the enterprise agreement or per commitment, the price schema is available. You just need to speak with a partner.

You can also pay with your credit card, but you will need to read the documentation online.

In summary, if you would like to work with a product that addresses security in the cloud, or in a multi-cloud environment then this is exactly the product. There is no need to implement anything else.

There are multiple things that are absolutely nice about this product. That said, there is no such thing as a perfect product.

I would rate Azure Security Center a nine out of ten.

We are using this solution to implement our CAS policy and it monitors compliance with the Security Center.

Also, we use it for thereat protection. It detects any threats and provides threat recommendations.

Azure Security Center should be more easily understood by a non-technical person. It's more about the security before getting into the product.

It needs to be simplified and made more user-friendly for a non-technical person.

In the next release, I would like to see a better dashboard and more integration with IT sales Management.

I have been using Azure Security Center for one year.

We are working with the latest version.

It's a stable solution.

Azure Security Center is scalable. We have ten users in our organization.

The technical support is very good.

The initial setup was straightforward, but you have to understand the product.

It took us 48 hours to deploy.

We have a team of two to maintain this solution. One is an architect and the other is a service engineer.

We did not use a vendor team to implement this solution. I did it myself.

We are using the free version of the Azure Security Center.

I plan to continue using this solution and I recommend it to others.

I would rate Azure Security Center a seven out of ten.

We are using Azure Security Center for software development.

It's a cloud service that includes the security center and tailoring certain options.

The most valuable features of this solution are the remote workforce capabilities and the general experience of the remote workforce.

Pricing could be improved. There are limited options based on pricing for the government.

The initial setup could be simplified.

In the next release, I would like to see more development in the area of NECES scanning or Splunk, or Universal Forwarding. 

I have been working with Azure Security Center for six months.

We are working with Microsoft Azure for the government version of the cloud.

This solution is stable. It's 100% guaranteed and I've never had any problems with it other than some planned IT downtime.

Azure Security Center is scalable. We've been able to scale pretty well for a workforce that has over 400 developers.

My experience with technical support was more like a consultation. "Tell us what you need and we'll see if we can do that for you."

In some cases, they had to develop on top of the commercial product just to conform to certain government regulations and cybersecurity requirements.

Previously, we did not use a different solution, this is the first option.

It was pretty complex. We had to go back and negotiate with Azure on a few of the options that were commercially available, but not in the government products.

I'm not privy to pricing information, but I know it's probably close to a million dollars a year.

The pricing is comparable. The features that we're getting are tailored to what we need.

It was the best fit for us.

In the future, we will be looking at government brands of the same thing that are part of the DISA.

After looking at DISA's product options, they usually select commercial versions and government versions of commercial products like Azure. For example, Amazon Web Services, and Google cloud.

This was our first option or our first go-to solution because we were considering not only Microsoft but Amazon and Google as well.

Microsoft seemed to have most of what we need.

I am currently working on my Cloud Security Certification.

For anyone who is considering this solution, from a cybersecurity standpoint, if they are doing any kind of scanning, vulnerability scanning for software or systems and they're feeding into the cloud, make sure to check whether the security center doesn't offer adequate options for them to work with. If not, then look into other software like Spunk. They look into everything and they have plenty of conversations with the staff. That's the cloud security provider.

I would rate Azure Security Center an eight out of ten.

The dashboard is very good. It gives our clients a lot of information and allows them to have a complete overview of the system. Everything is visible in one glance.

The solution is quite complex. A lot of the different policies that actually get applied don't pertain to every client. If you need to have something open for a client application to work, then you get dinged for having a port open or having an older version of TLS available. 

Even though the TLS is only allotted for a single application, single box, and everything else is completely up to date, it just gives us an inaccurate reporting of how secure the environment actually is.

The solution could use a bit more granularity.

I believe we've been using the solution for one and a half to two years at this point.

I haven't had any real problems with the solution's stability. I'm trying to think of any complaints that anybody may have had. It's always worked whenever we needed it to. I'd describe it as reliable.

The solution is actually easy to scale. You'd be surprised how many cloud solutions out there that aren't scalable. I don't even know why some are in the cloud. As far as this solution is concerned, I've taken it up to a higher medium-sized company. I've scaled as high as 4,500 users. I'm just not sure if it is infinitely scalable. I don't know if it would scale into the tens of thousands. 

In terms of increasing usage in the future, we'll use it as required. It all depends on the client for us. We're solely dependent on what they want and which solution they want to go with.

It's like with any vendor, it's hit and miss. Sometimes you get the new person, sometimes you get the person that's been there for five years. You have to go in asking exactly what you want and use probing questions, and if you work with them enough, you learn what the right answer is. However, you ask those same questions, anyway, upfront. It gives you a baseline at least of where their technical expertise is. Just because they're on the help desk doesn't mean that they know what they're doing.

We use Intune for a lot of the app security purposes with Office 365, and then once we actually get into the AD section, it's just that a lot of people are really getting Office Secure Scores right now.

I've had both complex and straightforward implementations. Some of them can be extremely complex. It's all just tailored to what the client wants. I have other setups where everything is very basic ad easy and all the client wants is some basic reporting and a few easy policies. 

If you utilize everything, then it might take a while for deployment, and also the implementation could be extended. It's all very client-specific.

We're an MSP, so we have massive teams all over the place and I couldn't accurately say how many people it takes to maintain the solution. I know that, generally, you have one project manager and then you would have the main admin who was setting up the portal, but then you have other security personnel that goes in there and does the work on the different sections. It takes a couple of people, but I couldn't give you a hard number as to how many people a typical setup would need for maintenance.

I don't have any idea what the cost of the solution is. That aspect of the product is handled by a separate department.

We're a Microsoft partner.

The solution works for us, however, a client has its own needs and requirements. It's not a one-size-fits-all solution.

I'd rate the solution seven out of ten.

Primary use case of this solution has changed depending on the company I've been working in. In my previous job they were using it as a CWPP, cloud workload protection. In my current job it's used for the same purpose but we also use it for monitoring security policies, to enforce new policies and audit them. We also use it to meet some of the compliance requirements as well. We're partners with Azure and I'm the cloud security design lead. 

I personally like the features of the daily recommendations because that's a major deal, and it hosts Microsoft products so it has visibility. If you are bringing in a third party to get a high level of visibility, then a lot of work is required to get that level of capability. This product gives a very good view of the entire security setup of your organization which can be used by the security and operation teams. It provides alerts to the security team on the one hand, and all the AI and ML based detections on the other. It's very beneficial for our security and assault teams. In addition, it provides recommendations for the operations teams who need to sustain a high level of security. It's an important capability. 

I'm quite active on the Azure product blogs. We're able to provide recommendations to Microsoft and they work together with Azure towards achieving them. One of the issues with the product is that it's not possible to write or edit any capability. For example, if there is a false positive detection on the security center, the only option I have is to flag it off. I can dismiss the alert, but there is no option to provide comments or reviews, so that somebody else looking into the portal can brief them. 

I'd like to see some additional features that would include an option for the security team to provide comments on the alerts and also to improve the recommendations. I would like to see them fine tuned. We're also getting a lot of false positive alerts and Azure can reduce that using the Microsoft AI and ML feature.

I've been using this solution for two and a half years. 

This is a very stable solution. 

We've never had issues with scalability. We have over 50 engineers using the solution.

Our company has subscribed to premium support from Microsoft so we can open premium tickets. The support team are always available and we haven't come across any issues in the past.

The initial setup is very straightforward. 

We don't have a say in pricing, it's up to the product vendor. When you compare with other CWPP or server cloud protection products, I believe the Center is well priced. The customer has flexibility to choose which modules they want to use. There is a free version and a paid version and the customer makes a choice based on the organization's security strategy. If you're going to use add-ons or anything more feature rich, then you'd have to pay extra, but the standard product is a fixed price.

If you're in the world of cloud and your company is using Azure as their primary cloud, I think Azure Security Center is a must-have feature, because it provides a bird's eye view of the entire security position of the organization. The solution is integrated and there is service from Microsoft. New features are being added regularly and I think it's a great solution. 

I would rate this solution an eight out of 10. 

We are consultants and we have customers using Azure Defender for the protection of their businesses. Many of our customers are in the financial industry.

The most valuable features are ransomware protection and access controls. The solution has helped us secure some folders on our systems from unauthorized modifications. 

This solution has been very useful for securing core funds and preventing them from being hijacked by any application or spyware for our banking customers. People can be susceptible to scams easily because they are not aware of the current threat trends. We are able to scan for threats which have helped us limit the risks in the future.

The solution could improve by being more intuitive and easier to use requiring less technical knowledge.

In a future release, the solution could improve by providing more automation and clarity in the autoanalysis. When we provide our customers with a Microsoft solution for security, Microsoft has to go beyond the basic expectations to impress the customers.

I have been using Azure Defender for approximately one year.

The solution is very stable.

Azure Defender is scalable. We have not found any issue.

The technical support has been responsive. However, we need to be connected to the right level of support. For example, if you are a customer or if you purchased this solution as part of a certification, your level of satisfaction for support will depend on the provider you purchased it from. Microsoft will not be the one doing support for you. If you do not have premier support with Microsoft, as a cloud provider, you will have to support your customers when they are in need. Without Microsoft's premier support you only have break-fix support and if there is a major issue you will not have the help to understand what is happening, or how to prevent it from happening in the future.

The implementation can be difficult if there is not any prior training. There is a lot of elements that have to be understood.

We have an advisor that provides us with information to help us control and configure the solution. Additionally, they have assisted us with automation.

The price of the solution is good for the features we receive and there is an additional cost for Microsoft premier support. However, some of my potential customers have found it to be expensive and have gone on to choose another solution. Additionally, if the customer does not take the full package from Azure Defender it makes it difficult for us to manage the solution for them.

I rate Azure Defender an eight out of ten.