Share your experience using Panorays

I mostly use Amazon Inspector for vulnerability scanning on AWS native applications. For hybrid applications, we have different security scanners.

I assess that the integration part with CloudTrail and CloudWatch is good for application monitoring. CloudTrail basically creates the trail. CloudWatch is mostly for native application monitoring, but it's not something we can use as a centralized monitoring tool. It's not a tool that can be used as a security incident event management SIEM solution. It's a monitoring tool for native applications.

They might launch support for third-party environments in the next version regarding the best features in Amazon Inspector from my perspective.

The false positive rate of Amazon Inspector is a little high, and it is not covering all different applications and scanning. It mostly covers specific native applications, and I think as per my understanding, it doesn't cover third-party environments or hybrid environments.

I have been working with Amazon Inspector for approximately six to seven years.

My experience with AWS technical support is very good. I didn't face any specific challenges, and even the documentation of AWS is good for both Microsoft, which is Azure, and AWS.

Positive

The setup of Amazon Inspector is straightforward. It's not a very simple implementation.

I am not honestly sure about the pricing side of Amazon Inspector, but that is taken care of by a separate team. I believe it's cheaper than the other third-party solutions.

My advice is that Amazon Inspector is a good tool for covering the cloud environment, but if organizations want to go with a hybrid environment, there are other solutions that are much better than Inspector.

On a scale from one to ten, I rate this solution a six.

Microsoft Secure Score can mainly be used for calculating security principles in your environment. For example, if you have modern authentication, your score will increase by 1%. If you have legacy authentication, your score will decrease by 0.5%. If you have your admin account as a cloud-only account, you receive a certain score. If you are blocking access from different countries where your business is not operating, you will get 0.1%. In Exchange, when modern authentication is used instead of legacy versions, the score increases. In all Microsoft 365 aspects, Microsoft provides recommendations for security controls, and based on how much we implement these recommendations, the score increases.

The biggest advantage of the product is that all security principles come in M365. There are numerous benefits as all data, communication, and business operations exist in M365. All security tools are useful to cover data inside M365, including access, Windows sign-in, and everything else. It serves as an all-in-one solution.

Regarding reporting, in one view we can determine our current security posture. In one overall report, we get all security principles recommendations, what we have done, and the benefits.

Microsoft Secure Score is not only for identity and access protection but for the whole M365 environment. The score is available for Exchange, Purview, Data Loss Prevention, EDR, XDR solution, Entra, InTune, SharePoint, and everything else.

The recommendations come directly from Microsoft, and we proceed based on their guidance.

In the Microsoft Secure Score portal, we can easily determine whether we can implement specific recommendations based on our license. For instance, if there are 5,000 users in an organization and a recommendation is implemented for 3,500 users, the report will reflect this partial implementation. The score will increase by 0.75% instead of 0.1% because the recommendation was only applied to 3,500 users.

The security score can be divided into categories such as Identity Access Management, Data Security, Exchange, SharePoint, and InTune. We can easily determine how much the secure score has increased in each separate aspect. This makes it simple to identify areas where cloud apps score lower and identity scores higher, allowing for targeted improvements.

There are some technical limitations where certain features might support Windows but not Android devices. The compatibility between Windows and macOS also shows significant differences. Microsoft continuously works on improvements, and when we find issues and report them to Microsoft, they address them.

To get full benefits from the EDR solution, Microsoft EDR solution needs to be set as the primary antivirus in the system. Without this configuration, many features cannot be accomplished.

A specific example occurred in a recent project where the requirement was for emails sent outside the organization to require manager approval before being sent. While the approval system works on Windows, it does not support Android devices, limiting the functionality on mobile platforms.

I have been using this solution for almost three years.

There are stability issues present, as with any tool. Latency issues occur for some clients, requiring cases to be raised with Microsoft to get fixes. However, these issues are not widespread.

The solution is completely scalable and flexible. Manual intervention has been highly reduced compared to one, two, three years ago.

The technical support from Microsoft is very good, with only one out of ten customers experiencing issues.

Positive

The installation of Microsoft Secure Score is seamless. It requires downloading and enrolling a device, after which the device can be managed. The installation includes all Office 365 tools in one package, which is highly beneficial. Once enrollment is completed, the device will be under control. The solution works without requiring any agents to implement policies.

Microsoft Secure Score offers better pricing because all security tools are included in one payment. Purchasing EDR solution, Data Loss Prevention solution, compliance manager tool, and data backup separately would be more expensive, but this solution covers everything in one licensing cost.