These Microsoft Defender solutions focus on cloud security and target different aspects. They are complementary solutions, working together for a comprehensive cloud security strategy.
Defender for Cloud Focuses on securing your entire cloud environment, including infrastructure, workloads, and platforms. It offers Cloud Security Posture Management (CSPM) and DevSecOps functionalities, identifying vulnerabilities, misconfigurations, and recommending remediation steps. It can extend beyond Azure to AWS, GCP, and on-premises environments.
Defender for Cloud Apps primarily secures user access and data within SaaS applications. It offers features like Data Loss Prevention (DLP), User and Entity Behavior Analytics (UEBA), and Adaptive Access Control (AAC). It integrates with Microsoft Defender XDR for a broader security view.
For more reviews and insights about Microsoft's security solutions, get our Microsoft Security Suite guide.
"Defender is user-friendly and provides decent visibility into threats."
"When we started out, our secure score was pretty low. We adopted some of the recommendations that Security Center set out and we were able to make good progress on improving it. It had been in the low thirties and is now in the upper eighties."
"The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."
"Good compliance policies."
"The solution is very easy to deploy."
"With respect to improving our security posture, it helps us to understand where we are in terms of compliance. We can easily know when we are below the standard because of the scores it calculates."
"Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful."
"The entire Defender Suite is tightly coupled, integrated, and collaborative."
"The solution does not affect a user's workflow."
"Defender helps us control which applications are being used and gain more security insight into remote and hybrid users based on user identity and log in location. You can also integrate Defender for Cloud Apps with Defender for Endpoint to extend its capabilities."
"It's very easy to install and it includes the Intune portal from Microsoft where I can control all the devices from one place."
"We have become more aware of what services our users are using, how often they are using them, and what data is being sent out of the organization and to which services. So, it is really a lot about visibility and helping us make decisions based on that. It drives some of our policy decisions for adding extra security controls."
"The most valuable feature is the ease of management. It's important."
"The most valuable feature is the seamless integration across different clouds."
"Everything from Microsoft is integrated. You receive regular reports on them all. You can push your reports, logs, and security alerts, which are all integrated. It is crucial that these solutions work natively together to deliver coordinated detection and response across our environment."
"On-demand scanning is the most valuable feature. In addition, it's a fairly fluid product. It syncs back to the cloud and provides metrics. It's pretty intelligent."
"One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view."
"When you work with it, the only problem that we're struggling with is that we have 21 different subscriptions we're trying to apply security to. It's impossible to keep everything organized."
"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."
"If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."
"The documentation could be much clearer."
"Another thing that could be improved was that they could recommend processes on how to react to alerts, or recommend best practices based on how other organizations do things if they receive an alert about XYZ."
"No possibility to write or edit any capability."
"Most of the time, when we log into the support, we don't get a chance to interact with Microsoft employees directly, except having it go to outsource employees of Microsoft. The initial interaction has not been that great because outsourced companies cannot provide the kind of quality or technical expertise that we look for. We have a technical manager from Microsoft, but they are kind of average unless we make noise and ask them to escalate. We then can get the right people and the right solution, but it definitely takes time."
"Defender for Cloud apps is primarily useful for Azure apps. It has limited capabilities for applications based on other cloud platforms."
"I would like to see them include more features in the older licenses. There are some features that are not available, such as preventing or analyzing cloud attacks."
"It takes some time to scan and apply the policies when there is some sensitive information. After it applies the policies, it works, but there is a delay. This is something for which we are working with Microsoft."
"The response time could be better. It will be helpful if the alerts are even more proactive and we can see more data. Currently, the data is a little bit weak. It is not complete. I can't just see it and completely know which user or which device it is. It takes some effort and time on my part to investigate and isolate a user. It would be great if it is more user-friendly or easy for people to understand."
"There are challenges with detection and there are challenges with false-positive rates."
"Sometimes the support is actually lacking."
"The integration with macOS operating systems needs to be better."
"They should continue integration with all other Microsoft security-related products. The integration with all the other products is still ongoing."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Microsoft Defender for Cloud is ranked 2nd in Microsoft Security Suite with 46 reviews while Microsoft Defender for Cloud Apps is ranked 10th in Microsoft Security Suite with 30 reviews. Microsoft Defender for Cloud is rated 8.0, while Microsoft Defender for Cloud Apps is rated 8.4. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR. See our Microsoft Defender for Cloud vs. Microsoft Defender for Cloud Apps report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.