We performed a comparison between Microsoft Defender for Cloud and Tenable.sc based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Microsoft Defender for Cloud focuses on regulatory compliance, ransomware protection, and access controls, while also providing real-time assessment, incident alerts, and UEBA features. On the other hand, Tenable.sc's strengths lie in accuracy in vulnerability detection, prioritization, automation, and risk-based approach. In terms of room for improvement, some users have cited issues with Microsoft Defender for Cloud's reporting capabilities and ease of use. On the other hand, Tenable.sc users have mentioned a need for more user-friendly interfaces and better integration with other security tools.
Service and Support: Some Microsoft Defender users faced challenges with slow response times and difficulty reaching the appropriate support level. Tenable.sc's support is generally positive, with some users finding it prompt and helpful, but others reporting delays and a lack of helpful information.
Ease of Deployment: The setup process for both Microsoft Defender for Cloud and Tenable.sc is reportedly easy, with Microsoft's requiring less maintenance. However, the on-prem version of Tenable.sc can take longer to deploy and needs integration with other solutions.
Pricing: The cost of Microsoft Defender for Cloud depends on the license and metrics, but is often seen as reasonable. Tenable.sc's pricing is based on the number of addresses to be scanned and can include extra costs for advanced support, leading to mixed opinions on its affordability.
ROI: Microsoft Defender for Cloud and Tenable.sc are two different tools that offer unique benefits. Microsoft Defender for Cloud has improved security measures and saved time, while Tenable.sc is useful for reducing the workload and has impressive reporting features.
Comparison Results: Microsoft Defender for Cloud is the preferred option over Tenable.sc due to its comprehensive cloud environment features, including regulatory compliance, ransomware protection, and access controls. Tenable.sc has accurate vulnerability detection and a user-friendly interface, but it lacks some critical cloud environment features and has mixed reviews on customer support and pricing.
"Defender is a robust platform for dealing with many kinds of threats. We're protected from various threats, like viruses. Attacks can be easily minimized with this solution defending our infrastructure."
"Threat protection is comprehensive and simple."
"Microsoft Defender has a lot of features including regulatory compliance and attaching workbooks but the most valuable is the recommendations it provides for each and every resource when we open Microsoft Defender."
"When we started out, our secure score was pretty low. We adopted some of the recommendations that Security Center set out and we were able to make good progress on improving it. It had been in the low thirties and is now in the upper eighties."
"The technical support is very good."
"It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop."
"The most valuable features of this solution are the remote workforce capabilities and the general experience of the remote workforce."
"Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful."
"The Auto-Remediate feature is good."
"The solution has a lean and easy-to-use interface that is not confusing to first-time users."
"The most valuable features in Tenable SC are scanning and analysis."
"Tenable also helps us to focus resources on the vulnerabilities that are most likely to be exploited. And since it is continuously updated, it allows us to reevaluate quickly if there are new vulnerabilities found..."
"Very customizable with a lot of templates."
"Has a great advanced scanning feature."
"It basically reviews our threat landscape vulnerability."
"It is a very good and user-friendly product."
"One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view."
"There is no perfect product in the world and there are always features that can be added."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark."
"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."
"The documentation could be much clearer."
"From a compliance standpoint, they can include some more metrics and some specific compliances such as GDPR."
"The most significant areas for improvement are in the security of our identity and endpoints and the posture of the cloud environment. Better protection for our cloud users and cloud apps is always welcome."
"Certain aspects require manual effort, such as exporting and analyzing data for our dashboards. The built-in components of the Tenable solution are somewhat clumsy that require external tools. So, this is an area of improvement."
"Its reporting can be improved. It is not easy to generate a scan report the way we want. The data is okay, but we can't easily change the template to make it look the way we want."
"The product could be user-friendly, and they could enhance the web application's security features."
"Tenable SC can improve by making it easier to create complicated reports and have more effectiveness in the remediation area for comparison between the scans."
"Tenable has some problems with agents going offline during scanning and lag between agents and the security center."
"It's good at creating information, it's good creating dashboards, it's good at creating reports, but if you want to take that reporting metadata and put it into another tool, that is a little bit lacking."
"The GUI could be improved to have all concerns and priorities use the same GUI, allowing them to see all tickets, assign vulnerabilities, and assign variation failures to each member of their team."
"There's a lot of information being streamed out of the reports. What would be nice, and maybe we just haven't found it, would be more of an executive-type view. We still expect it to collect all this information, but we would like a feature that would allow us to show it to an executive or a director or someone like that and give them some type of high-level overview but not get into the nitty-gritty."
Microsoft Defender for Cloud is ranked 7th in Vulnerability Management with 46 reviews while Tenable Security Center is ranked 1st in Vulnerability Management with 48 reviews. Microsoft Defender for Cloud is rated 8.0, while Tenable Security Center is rated 8.2. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Tenable Security Center writes "A security solution for vulnerability assessment with automated scans". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Tenable Security Center is most compared with Tenable Vulnerability Management, Qualys VMDR, Tenable Nessus, Rapid7 InsightVM and XM Cyber. See our Microsoft Defender for Cloud vs. Tenable Security Center report.
See our list of best Vulnerability Management vendors and best Cloud Security Posture Management (CSPM) vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
