We performed a comparison between Microsoft Defender for Cloud and Red Hat Advanced Cluster Security for Kubernetes based on real PeerSpot user reviews.
Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."One of the features that I like about the solution is it is both a hybrid cloud and also multi-cloud. We never know what company we're going to buy, and therefore we are ready to go. If they have GCP or AWS, we have support for that as well. It offers a single-panel blast across multiple clouds."
"The solution's robust security posture is the most valuable feature."
"Microsoft Defender has a lot of features including regulatory compliance and attaching workbooks but the most valuable is the recommendations it provides for each and every resource when we open Microsoft Defender."
"DSPM is the most valuable feature."
"It is very intuitive when it comes to policy administration, alerts and notifications, and ease of setting up roles at different hierarchies. It has also been good in terms of the network technology maps. It provides a good overview, but it also depends on the complexity of your network."
"The integration with Logic Apps allows for automated responses to incidents."
"Everything is built into Azure, and if we go for cross-cloud development with Azure Arc, we can use most of the features. While it's possible to deploy and convert third-party applications, it is difficult to maintain, whereas Azure deployments to the cloud are always easier. Also, Microsoft is a big company, so they always provide enough support, and we trust the Microsoft brand."
"We saw improvement from a regulatory compliance perspective due to having a single dashboard."
"The most valuable feature is the ability to share resources."
"The technical support is good."
"I like virtualization and all those tools that come with OpenShift. I also like Advanced Cluster Management and the built-in security."
"The benefit of working with the solution is the fact that it's very straightforward...It is a perfectly stable product since the details are very accurate."
"One of the most valuable features I found was the ability of this solution to map the network and show you the communication between your containers and your different nodes."
"Segmentation is the most powerful feature."
"The most valuable feature of the solution is its monitoring feature."
"Scalability-wise, I rate the solution a nine out of ten."
More Red Hat Advanced Cluster Security for Kubernetes Pros →
"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."
"Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark."
"The initial setup is not actually so complex but it feels complex because there are many add-ons. There are many options and my team needs to be aware of all of these changes happening on the backend which is a distraction."
"The solution could extend its capabilities to other cloud providers. Right now, if you want to monitor a virtual machine on another cloud, you can do that. However, this cannot be done with other cloud platform services. I hope once that is available then Defender for Cloud will be a unified solution for all cloud platform services."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"Most of the time, when we log into the support, we don't get a chance to interact with Microsoft employees directly, except having it go to outsource employees of Microsoft. The initial interaction has not been that great because outsourced companies cannot provide the kind of quality or technical expertise that we look for. We have a technical manager from Microsoft, but they are kind of average unless we make noise and ask them to escalate. We then can get the right people and the right solution, but it definitely takes time."
"Azure Security Center takes a long time to update, compared to the on-premises version of Microsoft Defender."
"If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."
"Red Hat is somewhat expensive."
"The solution's price could be better."
"The solution lacks features when compared to some of the competitors such as Prisma Cloud by Palo Alto Networks and has room for improvement."
"The documentation about Red Hat Advanced Cluster Security available online is very limited... So it's very limited to the documentation."
"The deprecation of APIs is a concern since the deprecation of APIs will cause issues for us every time we upgrade."
"The testing process could be improved."
"The solution's visibility and vulnerability prevention should be improved."
"They're trying to convert it to the platform as a source. They are moving in the direction of Cloud Foundry so it can be easier for a developer to deploy it."
More Red Hat Advanced Cluster Security for Kubernetes Cons →
More Red Hat Advanced Cluster Security for Kubernetes Pricing and Cost Advice →
Microsoft Defender for Cloud is ranked 3rd in Container Security with 46 reviews while Red Hat Advanced Cluster Security for Kubernetes is ranked 16th in Container Security with 10 reviews. Microsoft Defender for Cloud is rated 8.0, while Red Hat Advanced Cluster Security for Kubernetes is rated 8.4. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Red Hat Advanced Cluster Security for Kubernetes writes "Provides network mapping feature for visualizing container communication but complex setup ". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Red Hat Advanced Cluster Security for Kubernetes is most compared with Prisma Cloud by Palo Alto Networks, Aqua Cloud Security Platform, SUSE NeuVector, CrowdStrike Falcon Cloud Security and BMC Helix Cloud Security. See our Microsoft Defender for Cloud vs. Red Hat Advanced Cluster Security for Kubernetes report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
