We performed a comparison between Cisco SecureX and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco SecureX earns high marks for its automated utilities, comprehensive visibility, and seamless integration with external resources. Microsoft Defender for Cloud is highly regarded for its automated processes, advanced threat analysis, and extensive security measures, including protection against ransomware and access controls. Users say Cisco SecureX needs better documentation and integration with on-premises systems. It would also benefit by expanding its compatibility with third-party solutions. Microsoft Defender for Cloud could use enhancements in automation and ease of use.
Service and Support: Some users describe Cisco support as dependable and efficient, while others noted a decline in quality due to personnel changes. Some Defender for Cloud users reported positive experiences with Microsoft, while others complained that the solution's outsourced support lacked technical knowledge.
Ease of Deployment: Setting up Cisco SecureX is generally considered to be straightforward in cloud environments, but it requires more effort to integrate the solution with on-premise products. The initial setup of Microsoft Defender for Cloud is described as straightforward, but the deployment time may vary depending on specific requirements.
Pricing: A few users said Cisco SecureX’s price could be lower, given that it is included for free with certain Cisco products. Microsoft Defender for Cloud is in the mid-to-high pricing tier. While some users find it expensive, others believe it offers good value.
ROI: Cisco SecureX provides a positive ROI by speeding up detection and resolution. It also decreases workloads through automation and proactive information gathering. Microsoft Defender for Cloud streamlines security tasks and saves users money by consolidating various solutions.
Comparison Results: Our users prefer Cisco SecureX over Microsoft Defender for Cloud. Cisco SecureX's centralized platform enables efficient management, and SecureX can aggregate data from multiple sources on one dashboard. Users appreciate the convenience and visibility it offers. Additionally, Cisco SecureX stands out with its valuable automation and orchestration tools, as well as its ability to integrate with third-party systems. Microsoft Defender for Cloud falls short in terms of integration with non-Microsoft solutions and needs improvements in pricing, support, and customization options.
"SecureX enables us to have all the threat intelligence and threat event data in one place."
"Integrates well with our existing security infrastructure."
"The most beneficial feature of Cisco SecureX for cybersecurity efforts is its integration with other Cisco solutions and the environment. This sets it apart, as its APIs and overall integration capabilities are very strong. Additionally, its detection capabilities are commendable."
"SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together."
"It has evolved a lot, just that monitoring piece to the current Orchestrator piece. The additional analytics are there. They now have something called Insight, which can basically take data from Microsoft Azure AD and Intune to give us information about our endpoints. This is detailed information about the endpoints, from Secure Endpoint and all these different products. So, it is just constantly evolving. Every time that it evolves, we have more information with more visibility. There are more features that we have that just make everything so much easier, and it is in one place. I don't have to keep going back and forth. I don't have to go to Secure Endpoint and ISE to get the data. I don't have to go to Intune on Microsoft to get the information. It is all in one place."
"The ability to create firewalls online has been most valuable including the ability to create rules."
"I like that I don't have to jump around to five different products and log into five different places to view the data that it returns."
"Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."
"The product has given us more insight into potential avenues for attack paths."
"The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts."
"When we started out, our secure score was pretty low. We adopted some of the recommendations that Security Center set out and we were able to make good progress on improving it. It had been in the low thirties and is now in the upper eighties."
"It has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem."
"The most valuable features are ransomware protection and access controls. The solution has helped us secure some folders on our systems from unauthorized modifications."
"The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra."
"The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark."
"It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop."
"I'm not sure that I would call it a bug, but sometimes the solution is a little slow."
"I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect."
"The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive."
"They could expand into more areas. The more third-parties that we have tied into it, the better. The capabilities are there. As they just continue to involve the product, the more things that you can look into, then the more analytics that you can get. Also, the more data that we can get, then the better off we will be."
"Enhancing automation capabilities could further improve the product."
"The playbooks provided with the product are great, although I would appreciate having more playbooks available. Threats are constantly evolving, so having access to updated playbooks is crucial."
"what's missing right now is the multi-tenant capability."
"The automation and orchestration could be simpler. It could be that all the other parts are that easy to use so that these stick out as a negative, but that's the trickiest part for us. The workflows within the orchestration are just a bit more difficult."
"We would like to have better transparency as to how the security score is calculated because as it is now, it is difficult to understand."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"I would suggest building a single product that addresses endpoint server protection, attack surface, and everything else in one solution. That is the main disadvantage with the product. If we are incorporating some features, we end up in a situation where this solution is for the server, and that one is for the client, or this is for identity, and that is for our application. They're not bundling it. Commercially, we can charge for different licenses, but on the implementation side, it's tough to help our end-customer understand which product they're getting."
"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."
"Consistency is the area where the most improvement is needed. For example, there are some areas where the UI is not uniform across the board."
"The documentation could be much clearer."
"The solution is quite complex. A lot of the different policies that actually get applied don't pertain to every client. If you need to have something open for a client application to work, then you get dinged for having a port open or having an older version of TLS available."
"They could always work to make the pricing a bit lower."
Cisco SecureX is ranked 16th in Vulnerability Management with 13 reviews while Microsoft Defender for Cloud is ranked 7th in Vulnerability Management with 46 reviews. Cisco SecureX is rated 9.0, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Cisco SecureX writes "Gives our customers visibility and they don't have to go multiple management consoles anymore". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Cisco SecureX is most compared with Microsoft Defender XDR, Trend Vision One, Cortex XDR by Palo Alto Networks, Splunk SOAR and Cisco AnyConnect Secure Mobility Client, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint. See our Cisco SecureX vs. Microsoft Defender for Cloud report.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.