We performed a comparison between Azure Key Vault and Microsoft Defender for Cloud based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of Azure Key Vault is the secret storage of data."
"Azure Key Vault's performance is excellent. It makes infrastructure management easier."
"We only use the basic features and those are the ones that have the ability to tie into the app, the secrets, and the passwords and encrypt them."
"The solution can scale up as needed."
"Azure Key Vault allows only identified users to get the credentials and rotates the keys automatically."
"I am satisfied with the product overall."
"The solution does an excellent job of storing and retrieving our stored keys."
"The solution's technical support is good. My company received support from Microsoft whenever we needed it."
"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop."
"We saw improvement from a regulatory compliance perspective due to having a single dashboard."
"With respect to improving our security posture, it helps us to understand where we are in terms of compliance. We can easily know when we are below the standard because of the scores it calculates."
"Good compliance policies."
"It takes very little effort to integrate it. It also gives very good visibility into what exactly is happening."
"The technical support is very good."
"It is complicated to use different services and products along with Azure Key Vault."
"The solution does not allow you to integrate with XML parties if it is not inside Azure itself."
"If multiple clouds are to be used it can be difficult and a third party should assist in the implementation."
"The slow response from the support team is one of the shortcomings of the solution that needs to be improved."
"The solution could be cheaper."
"It would be great if Azure allowed more third-party vendors into the ecosystem."
"I can see that other people are doing the infrastructure as code, they are able to easily manage and cycle their passwords as needed using their own interface they created. It would be nice if Microsoft provided more guidance in that area."
"It needs to offer dynamic secrets management."
"I would like to see better automation when it comes to pushing out security features to the recommendations, and better documentation on the step-by-step procedures for enabling certain features."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"We would like to have better transparency as to how the security score is calculated because as it is now, it is difficult to understand."
"Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured."
"The solution is quite complex. A lot of the different policies that actually get applied don't pertain to every client. If you need to have something open for a client application to work, then you get dinged for having a port open or having an older version of TLS available."
"Azure's system could be more on point like AWS support. For example, if I have an issue with AWS, I create a support ticket, then I get a call or a message. With Azure support, you raise a ticket, and somebody calls back depending on their availability and the priority, which might not align with your business priority."
"Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark."
"The product was a bit complex to set up earlier, however, it is a bit streamlined now."
Azure Key Vault is ranked 12th in Microsoft Security Suite with 46 reviews while Microsoft Defender for Cloud is ranked 2nd in Microsoft Security Suite with 46 reviews. Azure Key Vault is rated 8.6, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Azure Key Vault writes "Allows us to securely store our keys to prevent unauthorized access to unwanted users". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Azure Key Vault is most compared with AWS Secrets Manager, HashiCorp Vault, CyberArk Enterprise Password Vault, AWS Certificate Manager and Delinea Secret Server, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint. See our Azure Key Vault vs. Microsoft Defender for Cloud report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
