Azure Key Vault vs Microsoft Defender for Cloud comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
605 views|446 comparisons
97% willing to recommend
Microsoft Logo
9,753 views|7,447 comparisons
95% willing to recommend
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Azure Key Vault and Microsoft Defender for Cloud based on real PeerSpot user reviews.

Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Azure Key Vault vs. Microsoft Defender for Cloud Report (Updated: March 2024).
770,765 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution does an excellent job of storing and retrieving our stored keys.""It stores sensitive information in an encrypted way. We don't have to worry about data loss or data theft because no one can see our information.""The security on offer seems to be quite good.""The most valuable feature is that you can retrieve user account details from the cloud.""We use Azure Key Vault to store secrets.""Among the features that have helped improve our security posture are storing secrets in a secure location to create a trusted situation, trusted resources, and incorporating identity access management so that we know who has access to what.""I am satisfied with the product overall.""This solution speeds up the product development life cycle. That is, the time from the development of the product to the time to market is drastically reduced because of the CI/CD pipelines. You can have your code deployed within a matter of minutes."

More Azure Key Vault Pros →

"The solution's robust security posture is the most valuable feature.""Everything is built into Azure, and if we go for cross-cloud development with Azure Arc, we can use most of the features. While it's possible to deploy and convert third-party applications, it is difficult to maintain, whereas Azure deployments to the cloud are always easier. Also, Microsoft is a big company, so they always provide enough support, and we trust the Microsoft brand.""The integration with Logic Apps allows for automated responses to incidents.""Microsoft Defender has a lot of features including regulatory compliance and attaching workbooks but the most valuable is the recommendations it provides for each and every resource when we open Microsoft Defender.""It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it.""It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop.""Good compliance policies.""Threat protection is comprehensive and simple."

More Microsoft Defender for Cloud Pros →

Cons
"One area for improvement is the notification system for secret expiration. It would be beneficial if the service could handle this more autonomously, eliminating the need for additional integrations.""Inability to access the solution on the phone.""Azure has great documentation, but I would like to see more use cases pertaining to specific industries. For example, case studies on how to use HIPAA compliant solutions in the healthcare industry or how to use PCI compliant data analytics solutions in the financial technology industry would be helpful.""It needs to offer dynamic secrets management.""I can see that other people are doing the infrastructure as code, they are able to easily manage and cycle their passwords as needed using their own interface they created. It would be nice if Microsoft provided more guidance in that area.""I would like more code examples.""The solution needs to improve its cost.""We've experienced issues with configuration."

More Azure Key Vault Cons →

"The solution could extend its capabilities to other cloud providers. Right now, if you want to monitor a virtual machine on another cloud, you can do that. However, this cannot be done with other cloud platform services. I hope once that is available then Defender for Cloud will be a unified solution for all cloud platform services.""Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research.""Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do.""For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful.""The overview provides you with good information, but if you want more details, there is a lot more customization to do, which requires knowledge of the other supporting solutions.""The product must improve its UI.""From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it.""The solution is quite complex. A lot of the different policies that actually get applied don't pertain to every client. If you need to have something open for a client application to work, then you get dinged for having a port open or having an older version of TLS available."

More Microsoft Defender for Cloud Cons →

Pricing and Cost Advice
  • "The cost of the Azure Key Vault is very high and the pricing model is based on the number of keys that you store and retrieve."
  • "The pricing is decent. It has a pretty low price. It is a straightforward cost based on usage."
  • "Pricing is quite reasonable and support is included, although premium support is available for an additional fee."
  • "Key Vault, like every Azure service, has a cost associated with it, but you don't have to spend thousands of dollars to spin up an environment to build a key management system. It's already there."
  • "The price of the solution is reasonable for what we are using it for."
  • "Azure is cheaper than CyberArk... CyberArk is good, but it's quite expensive."
  • "The price isn't high. Any sized organization could easily adopt it. The first 250 keys are available for $5 per month."
  • "The pricing is reasonable and flexible, especially for those already using Microsoft Azure Cloud services. There is a cost associated with retrieval and storage, which is a few dollars. Otherwise, the price can be customized according to requirements, such as how many keys need to be stored."
  • More Azure Key Vault Pricing and Cost Advice →

  • "I'm not privy to that information, but I know it's probably close to a million dollars a year."
  • "We are using the free version of the Azure Security Center."
  • "Azure Defender is a bit pricey. The price could be lower."
  • "This is a worldwide service and depending on the country, there will be different prices."
  • "Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per data-base server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."
  • "There is a helpful cost-reducing option that allows you to integrate production subscriptions with non-production subscriptions."
  • "Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."
  • "I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive."
  • More Microsoft Defender for Cloud Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.
    770,765 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Azure Key Vault is a SaaS solution. You can easily store passwords and secrets securely and encrypt them. Azure Key Vault is a great solution to ensure you are compliant with security and governance… more »
    Top Answer:With Azure Key Vault, we can generate our own keys and then import them inside the system, which provides a higher level of security than provider-managed keys.
    Top Answer:Azure Key Vault is a very, very expensive solution. Currently, the solution's pricing is based on the number of transactions, which is very high in some cases.
    Top Answer:Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across your ecosystem. It also has great remote workforce capabilities and supports a… more »
    Top Answer:The entire Defender Suite is tightly coupled, integrated, and collaborative.
    Top Answer:Our clients complain about the cost of Microsoft Defender for Cloud. Microsoft needs to bring the cost down. What we're doing to their detriment is simply lowering the amount of log retention we're… more »
    Ranking
    11th
    Views
    605
    Comparisons
    446
    Reviews
    32
    Average Words per Review
    424
    Rating
    8.8
    2nd
    Views
    9,753
    Comparisons
    7,447
    Reviews
    20
    Average Words per Review
    1,073
    Rating
    8.0
    Comparisons
    Also Known As
    Microsoft Azure Key Vault, MS Azure Key Vault
    Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
    Learn More
    Interactive Demo
    Overview

    Microsoft Azure Key Vault is a cloud-based data security and storage service that allows users to keep their secrets safe from bad actors.

    Benefits of Microsoft Azure Key Vault

    Some of the benefits of using Microsoft Azure Key Vault include:

    • Secure your secrets in a single central location, enabling you to control how your information is disseminated.
    • Keep your data away from bad actors. Application administrators can store their application’s security information away from the actual application. Microsoft Azure Key Vault reduces the chance that a bad actor will be able to leak an application’s secrets. Because the data is not stored in the code of the application, hackers will be unable to steal the security information.
    • Retrieve your information securely. When the information is needed, the application can securely retrieve it by using a uniform resource identifier (URI) to connect to Microsoft Azure Key Vault.
    • Securely store your digital keys and secrets. Microsoft Azure Key Vault stores data behind layers of security protocol. No one can access the information stored in a Microsoft Azure Key Vault without first obtaining the necessary authentication and authorization. The authentication process allows the system to figure out who is trying to access the vault in question. This process is performed by Azure’s Active Directory. After the person or entity is authenticated, Microsoft Azure Key Vault then assigns them a level of authorization. This determines what sort of actions they will be able to perform.
    • Choose from two different authorization options. The level of a user’s authorization can be either role-based or dictated by a policy that the administrator sets. Azure’s role-based access control (Azure RBAC) enables users to both manage and access stored data. A key vault access policy limits users to data access.
    • Secure your data in the way that best fits your needs. Your data can be protected by either industry-standard algorithm software or hardware security modules (HSMs). Your data is even safe from Microsoft, as the vaults are designed so that not even Microsoft can get in and access the information.
    • Easily monitor who accesses your vault(s). Microsoft Azure Key Vault enables administrators to keep a close eye on their secrets. Users can activate a vault-logging feature that will track every piece of information. It will record who accessed the vault, when they accessed it, and other pertinent details.
    • Choose how you want to store your logs. Users can store logs in multiple ways. These logs can be archived, sent to the Azure monitor logs area, or streamed to an events hub. The logs can be secured to prevent unauthorized viewing and deleted when they are no longer needed.

    Reviews from Real Users

    Microsoft Azure Key Vault stands out among their competitors for a number of reasons. Two major ones are the overall robustness of the solution and its ability to protect and manage many different digital asset types. The many features that the solution offers allows users to tailor their experience to meet their specific needs. Its flexibility enables users to accomplish a wide variety of security and identity management related tasks. It empowers users to secure a wide array of assets. Users can keep many different types of secrets away from bad actors.

    A cloud architect at a marketing services firm writes, “All its features are really valuable. It's really well thought-out. It's a complete turnkey solution that has all the concerns taken care of, such as access control and management. You can use it in infrastructure as code to create key vaults, APIs, PowerShells, CLIs, even Terraform. You can also use it in different services across the board. If you have app services, or virtual machines, Kubernetes, or Databricks, they can all use Key Vault effectively. In my opinion, in a DevSecOps, DevOps, or even in a modern Azure implementation, you have to use Azure Key Vault to make sure you're addressing security and identity management concerns. By "identity" I mean usernames, passwords, cryptography, etcetera. It's a full-blown solution and it supports most breeds of key management: how you store keys and certify.”

    Roger L., the managing director of Cybersecurity Architecture at Peloton Systems, says, “The most valuable aspect of the product is its ability to keep our admin password accounts for keys and a lot of our high-value assets. It can manage those types of assets. So far, the product does a great job of managing keys.”

    Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.

    The solution also provides automated remediation capabilities, allowing security teams to quickly and easily respond to security incidents. With Microsoft Defender for Cloud, organizations can ensure the security and compliance of their cloud workloads, while reducing the burden on their security teams.

    Sample Customers
    Adobe, DriveTime, Johnson Controls, HP, InterContinental Hotels Group, ASOS
    Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
    Top Industries
    REVIEWERS
    Computer Software Company27%
    Financial Services Firm23%
    Security Firm4%
    Manufacturing Company4%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Financial Services Firm13%
    Manufacturing Company8%
    Government6%
    REVIEWERS
    Computer Software Company24%
    Agriculture10%
    Recruiting/Hr Firm10%
    Consumer Goods Company10%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Manufacturing Company8%
    Government7%
    Company Size
    REVIEWERS
    Small Business28%
    Midsize Enterprise23%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise14%
    Large Enterprise66%
    REVIEWERS
    Small Business27%
    Midsize Enterprise11%
    Large Enterprise62%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise14%
    Large Enterprise65%
    Buyer's Guide
    Azure Key Vault vs. Microsoft Defender for Cloud
    March 2024
    Find out what your peers are saying about Azure Key Vault vs. Microsoft Defender for Cloud and other solutions. Updated: March 2024.
    770,765 professionals have used our research since 2012.

    Azure Key Vault is ranked 11th in Microsoft Security Suite with 46 reviews while Microsoft Defender for Cloud is ranked 2nd in Microsoft Security Suite with 46 reviews. Azure Key Vault is rated 8.6, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Azure Key Vault writes "Allows us to securely store our keys to prevent unauthorized access to unwanted users". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Azure Key Vault is most compared with AWS Secrets Manager, HashiCorp Vault, CyberArk Enterprise Password Vault, AWS Certificate Manager and Delinea Secret Server, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint. See our Azure Key Vault vs. Microsoft Defender for Cloud report.

    See our list of best Microsoft Security Suite vendors.

    We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.