We performed a comparison between Microsoft Defender for Cloud and Sysdig Monitor based on real PeerSpot user reviews.
Find out in this report how the two Cloud-Native Application Protection Platforms (CNAPP) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us."
"My favorite feature is Storyline."
"It used to guide me about an alert. There is something called an alert guide. I used to click on the alert guide, and I could read everything. I could read about the alert and how to resolve it. I used to love that feature."
"Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful."
"The real-time detection and response capabilities overall are great."
"There's real-time threat detection. It can show threats and find issues based on their severity and helps us with real-time monitoring."
"The management console is highly intuitive to comprehend and operate."
"The agentless vulnerability scanning is great."
"The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark."
"Everything is built into Azure, and if we go for cross-cloud development with Azure Arc, we can use most of the features. While it's possible to deploy and convert third-party applications, it is difficult to maintain, whereas Azure deployments to the cloud are always easier. Also, Microsoft is a big company, so they always provide enough support, and we trust the Microsoft brand."
"The most valuable features are ransomware protection and access controls. The solution has helped us secure some folders on our systems from unauthorized modifications."
"When you have commissioned Defender, you have these things visible already on your dashboard. This gives the efficiency to the people to do their actual work rather than bothering about the email, sorting out the email, or looking at it through an ITSM solution, where they have to look at the description and use cases. Efficiency increases with this optimized, ready-made solution since you don't need to invest in something externally. You can start using the dashboard and auditing capability provided from day one. Thus, you have fewer costs with a more optimized, easier-to-use solution, providing operational efficiency for your team."
"Technical support is helpful."
"The most valuable feature is that it's intuitive. It's very intuitive."
"We saw improvement from a regulatory compliance perspective due to having a single dashboard."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"Docker containers are completely supported, kind of like 'first class citizens'."
"The ability to stop/pause and capture logs when something happens is the most valuable feature."
"The main area for improvement I want to see is for the platform to become less resource-intensive. Right now, it can slow down processes on the machine, and it would be a massive improvement if it were more lightweight than it currently is."
"Implementing single sign-on requires a pre-class account feature, which is currently not available."
"Crafting customized policies can be tricky."
"Bugs need to be disclosed quickly."
"We had a glitch in PingSafe where it fed us false positives in the past."
"A beneficial improvement for PingSafe would be integration with Jira, allowing for a more streamlined ticketing system."
"One of our use cases was setting up a firewall for our endpoints, specifically for our remote users... We were hoping to utilize SentinelOne's firewall capabilities, but there were limitations on how many URLs we could implement. Because of those limitations on the number of URLs, we weren't able to utilize that feature in the way we had hoped to."
"We repeatedly get alerts on the tool dashboard that we've already solved on our end, but they still appear. That is somewhat irritating."
"From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it."
"The initial setup is not actually so complex but it feels complex because there are many add-ons. There are many options and my team needs to be aware of all of these changes happening on the backend which is a distraction."
"Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark."
"Defender is occasionally unreliable. It isn't 100% efficient in terms of antivirus detection, but it isn't an issue most of the time. It's also somewhat difficult to train new security analysts to use Defender."
"Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured."
"If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."
"The product must improve its UI."
"Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations."
"'Events' reporting (errors, crashes, etc.) is not clear at all in a Mesos environment (i.e., it's not clear what specific container is the one that went down). In a Docker Compose environment, it may be way better."
"It needs to automate the actions to take when an alert is triggered."
Microsoft Defender for Cloud is ranked 3rd in Cloud-Native Application Protection Platforms (CNAPP) with 46 reviews while Sysdig Monitor is ranked 22nd in Cloud-Native Application Protection Platforms (CNAPP). Microsoft Defender for Cloud is rated 8.0, while Sysdig Monitor is rated 7.6. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Sysdig Monitor writes "The ability to stop and capture logs when something happens is the most valuable feature". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Sysdig Monitor is most compared with CrowdStrike Falcon Cloud Security, Prisma Cloud by Palo Alto Networks and Dynatrace. See our Microsoft Defender for Cloud vs. Sysdig Monitor report.
We monitor all Cloud-Native Application Protection Platforms (CNAPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.