Microsoft Defender for Cloud and Zscaler Cloud Protection aren't direct alternatives, but rather complementary solutions that work together to enhance cloud security. Microsoft Defender for Cloud, is a cloud protection platform, that focuses on securing cloud applications and workloads. Zscaler Cloud Protection encompasses several Zscaler security solutions, including Zscaler Internet Access and Zscaler data protection solutions that inspects and filters all cloud traffic.
The summary above is based on 46 interviews we conducted recently with Microsoft Defender for Cloud and Zscaler Cloud Protection users. To access the review's full transcripts, download our report.
"It helps you to identify the gaps in your solution and remediate them. It produces a compliance checklist against known standards such as ISO 27001, HIPAA, iTrust, etc."
"Defender for Cloud is a plug-and-play solution that provides continuous posture management once enabled."
"The most valuable features of this solution are the remote workforce capabilities and the general experience of the remote workforce."
"The solution is very easy to deploy."
"We can create alerts that trigger if there is any malicious activity happening in the workflow and these alerts can be retrieved using the query language."
"The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"It takes very little effort to integrate it. It also gives very good visibility into what exactly is happening."
"This secure connection allows users to connect to the Zscaler VPN and access the resources on the office network, making it a highly valuable component of our system."
"The product provides a seamless user experience."
"The agent's versatility is notable, used for digital experience monitoring to collect valuable endpoint metrics for troubleshooting."
"The most valuable feature is its seamless integration capabilities, streamlining the process by eliminating the need for extensive installations."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"After getting a recommendation, it takes time for the solution to refresh properly to show that the problem has been eliminated."
"It needs to be simplified and made more user-friendly for a non-technical person."
"No possibility to write or edit any capability."
"Most of the time, when we log into the support, we don't get a chance to interact with Microsoft employees directly, except having it go to outsource employees of Microsoft. The initial interaction has not been that great because outsourced companies cannot provide the kind of quality or technical expertise that we look for. We have a technical manager from Microsoft, but they are kind of average unless we make noise and ask them to escalate. We then can get the right people and the right solution, but it definitely takes time."
"From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it."
"You cannot create custom use cases."
"The documentation could be much clearer."
"Having a Zscaler-specific device could streamline this process and provide a more consistent user experience across diverse branches."
"The product is not reliable."
"Occasionally, there are certain delays in report generation."
"Occasionally, issues arise in the LogStack by a third party, particularly for government websites accessed by numerous users."
Microsoft Defender for Cloud is ranked 3rd in Cloud Security Posture Management (CSPM) with 46 reviews while Zscaler CSPM is ranked 22nd in Cloud Security Posture Management (CSPM) with 4 reviews. Microsoft Defender for Cloud is rated 8.0, while Zscaler CSPM is rated 8.2. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Zscaler CSPM writes "Secure and scalable internet access, maintaining stability, providing robust technical support and ensuring consistent policy enforcement across various user locations". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Zscaler CSPM is most compared with Wiz, Orca Security, Prisma Cloud by Palo Alto Networks and AWS Security Hub. See our Microsoft Defender for Cloud vs. Zscaler CSPM report.
See our list of best Cloud Security Posture Management (CSPM) vendors.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
