Microsoft Defender for Cloud Primary Use Case

HS
IT Architect at a real estate/law firm with 10,001+ employees

We have deployed Microsoft Defender for Cloud to identify vulnerabilities across various log sources for our client.

We implemented Defender to improve the security posture of our client's landscape.

Anurag Awasthi - PeerSpot reviewer
Senior Consultant at HCL

The solution provides a security score based on the environment and gives recommendations for improving that score. For example, a manual server may require patches to strengthen security, and MS Defender for Cloud informs us. We can also run a vulnerability assessment in the background of work processes to detect server vulnerabilities. We primarily operate a hybrid cloud environment with some specific on-prem integrations.

One of our clients, operating in the electronics industry, has around 1,300 endpoints, 700 users on the Windows server, and 300 other devices. There are also 100-150 users on Unix servers.

We use multiple Microsoft security products, including Defender for Cloud, Sentinel, and Defender for Endpoint. The products are integrated, and there is nothing complicated about integrating them; we provide the APIs or the credentials, and they are automatically integrated.

Srikanth Matsa - PeerSpot reviewer
Senior DevOps Engineer at a tech services company with 501-1,000 employees

Our company policy is to onboard all the resources that are supported by Microsoft Defender, because it gives us a good amount of recommendations regarding security and vulnerability issues. We have a lot of new users that are not familiar with security protocols, and the solution helps protect our systems. Some people don't have experience with security measures like enabling HTTPS and FTPS security or setting up encryption on virtual machines, or they don't know how to set up private endpoints. For someone who is new, or doesn't have a lot of experience in this field, it is difficult to monitor everything. Microsoft Defender provides recommendations based on severity. High-severity recommendations are more important, while low-severity recommendations may not be as critical. Security reviewers can review all recommendations to make sure they are appropriate. Microsoft Defender is important for a whole variety of reasons, one of which is that it can help improve the security posture of our environment. This is important for organizations of all sizes but is particularly critical for businesses that are delivering services to customers.

Buyer's Guide
Microsoft Defender for Cloud
March 2024
Learn what your peers think about Microsoft Defender for Cloud. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
ES
CEO at Wood IT Security

I use the solution for threat hunting. We've installed it on a lot of devices. I look for specific version numbers or threats within the environment.

Junior Pierre-Toussaint - PeerSpot reviewer
Senior Information Technology Security Officer at CLEAR (clearme.com)

Defender for Cloud is used for scenarios including internal threats, threat hunting, in-depth analysis, and scanning the environment. We don't use Microsoft Defender for ATP or Sentinel for our security score; we have a third-party solution.

Nimesh Aggarwal - PeerSpot reviewer
Principal Consultant - Cyber Security & Cloud Infra. at RPS Consulting Pvt. Ltd.

We typically use Azure Defender for securing our infrastructure-based virtual machines and database solutions on the Azure subscription. We've integrated a couple of the Defender agents into our on-premise servers too.

IS
Senior Cloud Solutions Architect at a tech services company with 11-50 employees

Defender for Cloud is a unified platform. Within that, you have Defender for virtual machines, Defender for Servers, Defender for App Services, and Defender for Containers. It is a centralized solution, which you can leverage to bring your security practices in place so centralized security auditing can be done. 

You can use it for approximately 90% to 95% of Azure workloads for infrastructure, platform as a service, or database as a service. You can use it for all these.

I am working for a service-based company. We provide Azure Cloud Services. We are a Gold-Certified partner from Microsoft in the GCC region. We are the only ones for whom Microsoft hands over their business. 

We mostly use it for public cloud, but it can also be used with hybrid cloud and on-premises. We also use private clouds with government entities.

We have had many customers where we deployed this solution. They are secured and guarded by this solution, so they are happy now.

It can be done as a multi-regional deployment.

PratikSavla - PeerSpot reviewer
Principal Product Security Officer at a tech vendor with 201-500 employees

Defender acts as a CSPM solution, a posture management solution for cloud security. We use it to find weak spots in our cloud configuration and strengthen the overall security posture of our cloud environment. With this particular tool, we seek to protect workloads across various environments. We have about 3,000 endpoints and 100 users in the United States alone.

Nicolo-De Jesus - PeerSpot reviewer
Senior Information Security Manager at a recruiting/HR firm with 1,001-5,000 employees

We use Microsoft Defender for Cloud to manage our cloud security posture. We also use Container Protection, which provides additional security for our containerized workloads. This gives us the visibility we need to ensure that our cloud resources are secure.

KK
Modern Work and Security Lead at Cloud Productivity Solutions

I use it for managing our customers' server vulnerability assessments for regular and SQL servers. I also use it to get a security score for the resources of our customers that are on Azure, as well as security posture management. 

We also have regulatory benchmarks to audit our customers' resources that are on Azure to check whether they're meeting regulatory standards like ISO 27000.

RonBrouwer - PeerSpot reviewer
Architect Information Security at an agriculture company with 1,001-5,000 employees

We use Microsoft Defender for Cloud as one of the sources for our Azure environment. We have a managed detection response solution, and we add data sources to it, like SOC, SIEM, and SOAR solutions. We also want to have data in our Azure cloud environment.

We deploy this solution in multiple regions like Europe and Oceania.

We have multiple solutions like our data analytics platform and our system development platform. Our web shops use it. Almost everything is in the cloud.

We have approximately 2,000 end users.

The solution is deployed on the Microsoft Azure cloud.

HJ
Cloud Architect at CloudShapers

My client, a construction company, needed to replace their antivirus solution, including their Azure and on-prem services. They decided they wanted to use Defender for Cloud, so I started to implement it for them. The license for their antivirus software was about to expire, and they didn't want to spend much money. They opted for Defender for Cloud to replace Symantec. System Center (endpoint protection), Security Center and Advanced Threat Protection were all consolidated into one product called Defender for Cloud.

The company I worked for was divided into several teams. We had an Azure Infrastructure team and workplace teams providing local on-premise services. The client was the biggest construction company in the country, with multiple locations. 

The strong point of Defender, especially when using Azure Arc to bring in on-premises systems, is that it doesn't matter where these systems are. They're just resources in the portal. If you see them and can install agents on them, it's fine. It doesn't matter how it's distributed or where the locations are. 

SF
Network & Security Manager at SNP Technologies, Inc.

Typically, when we have a scenario where a client wants to migrate their resources to Azure, they might migrate their IaaS platforms, such as virtual machines; they might migrate their applications or their databases; they could also migrate into Kubernetes services. There are a variety of projects. I work for many types of customers where all these different scenarios are involved, including applications, app services, database as a service, IaaS by default, and Kubernetes.

Hari Prasad M - PeerSpot reviewer
Senior Security Engineer at a tech company with 1,001-5,000 employees

I have a highly specific use case for Azure Defender, so I don't think I've used most of its features. We primarily use it to secure Kubernetes clusters in other cloud environments. For example, I have Kubernetes in Amazon AWS, and we're trying out Azure Defender to protect those Kubernetes clusters.

We also use Defender to scan the image repositories held in Azure Container Repository or ACR. We use Defender plus Azure Arc and Windows Defender. All three products work in conjunction to give us some security insights into our cluster.

Daniel Piessens - PeerSpot reviewer
CEO at RevealRx LLC

We use it to manage the overall compliance of our products.

NS
Security Analyst at a financial services firm with 10,001+ employees

We use Defender for network security.

JJ
Managing Partner at Digitaiken

We had multiple use cases at my previous company. I changed companies during their implementation stages of this solution. From what I saw, the solution has a good use case for SIEM.

AA
Manager at a tech services company with 10,001+ employees

I work as a SOC manager. We use it for incident security, incident monitoring, threat analysis, and looking at remediation or suppression.

DD
Senior Architect at a tech services company with 10,001+ employees

We are working for a major client in the UK. So, we are moving all the products of clients from their on-premises environment to the cloud. One of the biggest challenges we face is, “Once the infrastructure is created in the cloud, how can we make sure that the infrastructure is secure enough?” For that purpose, we are using Azure Security Center, which gives us all the security loopholes and vulnerabilities for our infrastructure. That has been helpful for us.

VA
Senior DevSecOps Engineer at a consumer goods company with 11-50 employees

I use this solution in two different scenarios. The first is for the security and monitoring of Azure accounts. Another is for SIEM integration and the Azure Gateway WAF. Essentially, it's a one-stop solution where you can integrate all of the other Azure security products. This means that instead of maybe going to Firewall Manager, Azure Defender, or WAF, you can have all of them send statistics or logs to Azure Security Center, and you can do your analysis from there.

DS
Azure Solution Architect at a tech services company with 10,001+ employees

We use the solution internally.

Azure Security Center works with Azure Defender. Azure Defender is used for identifying the vulnerabilities and loopholes inside our system that we can deploy on multiple layers either from the subscription level, the source level, or on the devices. You can connect multiple devices to this. That's not specific to only servers. You can connect with ER80 as well as SQL servers. Most of the services are covered within the Microsoft Defender.

Daniella Duran - PeerSpot reviewer
Business Analyst at an agriculture company with 10,001+ employees

There were many use cases. We were monitoring auto IT applications and creating internal processes to understand which ones were going to be allowed and which were going to be blocked. We created the policies internally. 

It's an IT tool to monitor employees' usage on the internet and of web apps. We created policies so that, for example, when employees reached certain websites, like games, they would be blocked. We created a message for the email that they would receive, and there were links for whom to contact if they needed to override it. We created all the processes behind it.

SL
Student with 1,001-5,000 employees

I work on micro-segmentation for my master's thesis, and I was looking for ways to implement micro-segmentation using Defender. I work on the assumption that small businesses can't implement expensive virtualization solutions, so I'm looking for alternatives to implement micro-segmentation for their network security.

I use the latest version of the solution.

It's a test deployment. I created the entire network. It's more like a laboratory setup.

Drew Moen - PeerSpot reviewer
CEO / Owner at a tech services company with 11-50 employees

We have a managed detection and response solution, a type of SOC/SIEM/SOAR product, and we are adding data sources to our solution. We want to have data for our Azure cloud environment as well, so we use Microsoft Defender for Cloud as one of the sources for our Azure environment.

We use it as an extra way to gain trust for our environment. We have purposely secured the total Azure cloud environment with firewalls, application gateways, et cetera, but we also want to have trust in our resource groups. That's an extra line of defense we have for our security.

TD
Global Cloud Security Architect at a consumer goods company with 5,001-10,000 employees

It is our main solution for our Azure cloud infrastructure. We do about 1.1 million dollars in cloud spending every year. It's quite a big infrastructure and pretty much in our main system, and we are planning on integrating with Microsoft Sentinel, which is going to be our SIEM solution. Right now we don't use a Microsoft solution; however, Microsoft Sentinel is very complete and we're excited to dive into a POC. Right after I joined the company, that was one of the first things that I advised them to do and a couple of weeks later, we caught at least two big vulnerabilities that could have caused a catastrophic problem for our business. That's a true testament to the power of the tool.

SS
Information Security Specialist-Associate Consultant at a tech services company with 5,001-10,000 employees

We use Microsoft Defender to scan for vulnerabilities related to any container or server in the cloud environment in Azure. Microsoft Defender suggests recommendations and security alerts according to the default framework. We can also use other frameworks like ISO benchmarks to assess our infrastructure and get recommendations on what can be fixed.

The solution is deployed on a public cloud, and Azure is the cloud provider.

We use Microsoft Defender for Cloud to natively support Azure.

We are resellers. We customize the solution and sell it to clients.

RP
Associate Principal - Cloud Solutions at Apexon

We are primarily using Azure Security Center to bring a level of security into the environment. Before I started to work with this solution, I was a Kubernetes and Azure Cloud architect. I was working for a service provider where I did not get the opportunity to look at how they secure the resources, but in the last one and a half years, I had to get into those aspects because the organization I was working for wanted to introduce Kubernetes into the ecosystem, and the main concern was regarding all the hacking that was going on. For introducing Kubernetes as a platform, all business managers wanted to know if it was secure or how to make it secure. We started to look at Azure Security Center and its capabilities because Azure was their main solution. We also used AWS and GCP to some extent, but predominantly, we had Azure. So, we first took Azure Security Center and started to leverage its features.

EV
IT Advisor / Principal Architect at a tech services company with 1-10 employees

We use Microsoft Defender for Cloud for our cloud security.

MS
Cloud Architect at a legal firm with 5,001-10,000 employees

Security is at the forefront of everything that we have been doing, fundamentally. Both in my previous organization and the current one, Azure Security Center has given us a great overview of the current state of security, through the recommendations given by Microsoft. There are potential situations where risk exists because you're not compliant with a specific recommendation, or to specific regulatory compliance. Such guidance is critical for us.

We implement a wide range of solutions in our environment. We have solutions that are purely SaaS. We have some things that are just purely IaaS, and, of course, we have PaaS for services as well. So, we really have a wide range of deployments on all services as a service.

OB
Cloud & Infra Security, Group Manager at a tech vendor with 10,001+ employees

This solution replaces, in many ways, the on-premises operations manager that used to be part of the System Center.

MP
Cybersecurity Student at a university with 1,001-5,000 employees

I primarily use the solution just for the networking of virtual machines.

BN
Senior Project Engineer at a tech services company with 10,001+ employees

I am from a Citrix background and in our organization, we implement solutions and provide them to end-users. In our past couple of deployments, we have been using hybrid cloud scenarios where the complete workload is on the Azure platform and the management is done on the Citrix cloud.

The workloads include tasks for Windows 7, Windows 8, and Windows 10 devices, and they are all running on Azure. We have to make sure that they are compliant with our organization's security standards, which is why we are using the Azure Security Center.

We integrate each workload with the Azure Security Center, where we can use things like Azure Defender and use the Azure Log Analytics Workspace.

Our environment is completely virtual. We have a virtual desktop infrastructure, like a Desktop as a Service.

Thiago Alves De Santana - PeerSpot reviewer
Cyber Security Specialist at a tech services company with 1,001-5,000 employees

We use it to keep our Azure infrastructure up to date with the security best practices that Microsoft suggests. We also use it to have better visibility into changes in our databases.

MK
Security architect at a retailer with 10,001+ employees

The primary use case of this solution has changed depending on the company I've been working in. In my previous job they were using it as a CWPP, cloud workload protection. In my current job it's used for the same purpose, but we also use it for monitoring security policies, to enforce new policies and audit them. We also use it to meet some of the compliance requirements as well. We're partners with Azure and I'm the cloud security design lead.

AP
Senior Consultant at a recruiting/HR firm with 51-200 employees

We use Azure Security Center in our own company, and we have also deployed it for one of our clients. Our biggest use case is the enforcement of regulatory compliance on our cloud.

DB
Sr Cybersecurity Engineer at a computer software company with 10,001+ employees

We are using Azure Security Center for software development.

It's a cloud service that includes the security center and tailoring certain options.

GT
Founder & CEO at Cloud Steroids

We are consultants and we have customers using Azure Defender for the protection of their businesses. Many of our customers are in the financial industry.

JJ
Cyber Security Consultant at a tech services company with 10,001+ employees

I am working in a security domain where Azure Security Center is playing a key role. We are primarily using Azure Security Center to secure our infrastructure. We are also able to use Azure Security Center for many other purposes.

In terms of deployment, we have a hybrid cloud. It is a combination of both on-prem and cloud. Azure Security Center is deployed on-prem, and then there are OMS agents that are provided by Microsoft that can be installed at any location, such as on-prem or on the cloud. These agents collect Windows and Linux logs from the machines on various clouds for Azure Security Center, which is something interesting for me.

SV
Cloud Architect at a pharma/biotech company with 10,001+ employees

We are using this solution to implement our CAS policy and it monitors compliance with the Security Center.

Also, we use it for threat protection. It detects any threats and provides threat recommendations.

PW
Senior Security Architect at a transportation company with 5,001-10,000 employees

Our primary use case of this solution is to monitor infrastructure. I'm a senior security architect and we are customers of Azure Security Center. 
