We performed a comparison between Microsoft Defender for Cloud and Tenable.sc based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Microsoft Defender for Cloud focuses on regulatory compliance, ransomware protection, and access controls, while also providing real-time assessment, incident alerts, and UEBA features. On the other hand, Tenable.sc's strengths lie in accuracy in vulnerability detection, prioritization, automation, and risk-based approach. In terms of room for improvement, some users have cited issues with Microsoft Defender for Cloud's reporting capabilities and ease of use. On the other hand, Tenable.sc users have mentioned a need for more user-friendly interfaces and better integration with other security tools.
Service and Support: Some Microsoft Defender users faced challenges with slow response times and difficulty reaching the appropriate support level. Tenable.sc's support is generally positive, with some users finding it prompt and helpful, but others reporting delays and a lack of helpful information.
Ease of Deployment: The setup process for both Microsoft Defender for Cloud and Tenable.sc is reportedly easy, with Microsoft's requiring less maintenance. However, the on-prem version of Tenable.sc can take longer to deploy and needs integration with other solutions.
Pricing: The cost of Microsoft Defender for Cloud depends on the license and metrics, but is often seen as reasonable. Tenable.sc's pricing is based on the number of addresses to be scanned and can include extra costs for advanced support, leading to mixed opinions on its affordability.
ROI: Microsoft Defender for Cloud and Tenable.sc are two different tools that offer unique benefits. Microsoft Defender for Cloud has improved security measures and saved time, while Tenable.sc is useful for reducing the workload and has impressive reporting features.
Comparison Results: Microsoft Defender for Cloud is the preferred option over Tenable.sc due to its comprehensive cloud environment features, including regulatory compliance, ransomware protection, and access controls. Tenable.sc has accurate vulnerability detection and a user-friendly interface, but it lacks some critical cloud environment features and has mixed reviews on customer support and pricing.
"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."
"The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts."
"Everything is built into Azure, and if we go for cross-cloud development with Azure Arc, we can use most of the features. While it's possible to deploy and convert third-party applications, it is difficult to maintain, whereas Azure deployments to the cloud are always easier. Also, Microsoft is a big company, so they always provide enough support, and we trust the Microsoft brand."
"It has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem."
"Good compliance policies."
"Technical support is helpful."
"DSPM is the most valuable feature."
"Provides a very good view of the entire security setup of your organization."
"Tenable Security Center scans networks and gives reports."
"It's a very useful tool."
"I found the dashboard features very useful. It made it easy to track remediation progress. I could publish dashboards to remediation teams and track the progress on the dashboards."
"The product is our second solution, and we are happy that it meets our requirements."
"I like Tenable.sc's analytics and reporting. You can also configure your on-prem network monitors to talk to your Tenable.sc control panel."
"The solution is completely stable and operation is user-friendly."
"The Auto-Remediate feature is good."
"I think that this is a good solution for evaluating vulnerability in the network."
"The solution could extend its capabilities to other cloud providers. Right now, if you want to monitor a virtual machine on another cloud, you can do that. However, this cannot be done with other cloud platform services. I hope once that is available then Defender for Cloud will be a unified solution for all cloud platform services."
"Consistency is the area where the most improvement is needed. For example, there are some areas where the UI is not uniform across the board."
"They could always work to make the pricing a bit lower."
"The most significant areas for improvement are in the security of our identity and endpoints and the posture of the cloud environment. Better protection for our cloud users and cloud apps is always welcome."
"The initial setup is not actually so complex but it feels complex because there are many add-ons. There are many options and my team needs to be aware of all of these changes happening on the backend which is a distraction."
"Sometimes, it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or certain kinds of products. That's not an issue directly with the product, though."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"I felt that there was disconnection in terms of understanding the UI. The communication for moving from the old UI to the new UI could be improved. It was a bit awkward."
"The biggest issue I have with the solution is when I'm using the scanning it picks up the original DNS of that device. That means, before we image it and actually change the DNS to something within our company structure, it'll just be random numbers and letters and Tenable will stick to that DNS for a long time."
"Tenable SC can improve by making it easier to create complicated reports and have more effectiveness in the remediation area for comparison between the scans."
"I will say it's a lot slower compared to an MS scan. It takes so much longer, so the performance could definitely be worked on."
"The tool's initial configuration is not so easy."
"Additional costs are associated with using the solution, as additional scanners are required for different endpoints connected to the Tenable Security Center. If Tenable Security Center could extract information from these scanners automatically rather than manually, it would enhance user-friendliness for customers."
"Current web page needs improvement, slows down processes."
"The reporting needs a lot of work on the template."
"I think the vendor training provided for Tenable.sc could be a lower price. It's quite expensive for the training."
Microsoft Defender for Cloud is ranked 7th in Vulnerability Management with 46 reviews while Tenable Security Center is ranked 1st in Vulnerability Management with 48 reviews. Microsoft Defender for Cloud is rated 8.0, while Tenable Security Center is rated 8.2. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Tenable Security Center writes "A security solution for vulnerability assessment with automated scans". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Tenable Security Center is most compared with Tenable Vulnerability Management, Qualys VMDR, Tenable Nessus, Rapid7 InsightVM and XM Cyber. See our Microsoft Defender for Cloud vs. Tenable Security Center report.
See our list of best Vulnerability Management vendors and best Cloud Security Posture Management (CSPM) vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.