These Microsoft Defender solutions focus on cloud security and target different aspects. They are complementary solutions, working together for a comprehensive cloud security strategy.
Defender for Cloud Focuses on securing your entire cloud environment, including infrastructure, workloads, and platforms. It offers Cloud Security Posture Management (CSPM) and DevSecOps functionalities, identifying vulnerabilities, misconfigurations, and recommending remediation steps. It can extend beyond Azure to AWS, GCP, and on-premises environments.
Defender for Cloud Apps primarily secures user access and data within SaaS applications. It offers features like Data Loss Prevention (DLP), User and Entity Behavior Analytics (UEBA), and Adaptive Access Control (AAC). It integrates with Microsoft Defender XDR for a broader security view.
For more reviews and insights about Microsoft's security solutions, get our Microsoft Security Suite guide.
"The vulnerability reporting is helpful. When we initially deployed Defender, it reported many more threats than we currently see. It gave us insight into areas we had not previously considered, so we knew where we needed to act."
"The most valuable features of this solution are the remote workforce capabilities and the general experience of the remote workforce."
"The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts."
"Threat protection is comprehensive and simple."
"The solution's robust security posture is the most valuable feature."
"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."
"The most valuable features are ransomware protection and access controls. The solution has helped us secure some folders on our systems from unauthorized modifications."
"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."
"The most valuable feature of this solution is its monitoring."
"Defender helps us control which applications are being used and gain more security insight into remote and hybrid users based on user identity and log in location. You can also integrate Defender for Cloud Apps with Defender for Endpoint to extend its capabilities."
"The most valuable feature is its policy implementation."
"I like the web GUI/the management interface. I also like the security of Microsoft. As compared to other manufacturers, it's less complex and easy to understand and work with."
"On-demand scanning is the most valuable feature. In addition, it's a fairly fluid product. It syncs back to the cloud and provides metrics. It's pretty intelligent."
"Better logging allows us to find problems and take appropriate steps to lock them out."
"The product helps us with privileged identity management to control who has access to what and for how long."
"The most valuable feature is the seamless integration across different clouds."
"As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains."
"The solution could extend its capabilities to other cloud providers. Right now, if you want to monitor a virtual machine on another cloud, you can do that. However, this cannot be done with other cloud platform services. I hope once that is available then Defender for Cloud will be a unified solution for all cloud platform services."
"The product must improve its UI."
"From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it."
"I would like to see better automation when it comes to pushing out security features to the recommendations, and better documentation on the step-by-step procedures for enabling certain features."
"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."
"Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations."
"You cannot create custom use cases."
"We sometimes get errors when we create policies, which is somewhat annoying because some policies stop working due to misconfigurations. We find this challenging because it limits our options for troubleshooting an issue."
"I want them to enhance in-session policy."
"There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default."
"Defender could integrate better with multi-cloud and hybrid environments. It requires some additional configuration to ingest data from non-Azure environments and integrate it with Sentinel."
"Generally, the pricing can always be improved along with the management system."
"I would prefer to have filtering options incorporated within the policies, enabling the solution to perform tasks beyond mere blocking or allowing."
"Sometimes, we'll get false positive alarms. For example, when a SharePoint path has no file sharing, but there is an external user, it will trigger an alarm that the file has been shared with an external user... the alerting mechanism should be more precise when giving you an alert about what activity has been done with the file..."
"Defender for Cloud apps is primarily useful for Azure apps. It has limited capabilities for applications based on other cloud platforms."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Microsoft Defender for Cloud is ranked 2nd in Microsoft Security Suite with 46 reviews while Microsoft Defender for Cloud Apps is ranked 10th in Microsoft Security Suite with 30 reviews. Microsoft Defender for Cloud is rated 8.0, while Microsoft Defender for Cloud Apps is rated 8.4. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR. See our Microsoft Defender for Cloud vs. Microsoft Defender for Cloud Apps report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
