Microsoft Defender for Cloud Reviews

My main use cases for Microsoft Defender for Cloud include application protection and Azure protection, as I use it for all our Azure infrastructure and everything.

The biggest benefit of Microsoft Defender for Cloud for us is specifically around being able to identify threats very quickly and being able to shut them down. As a small organization, the extra help with the tools makes it significantly better.

I do not think there are any features of Microsoft Defender for Cloud that I dislike. It is mainly the ease of use and the visibility that I have with my entire estate going through it that makes it better.

I find it difficult to answer how Microsoft Defender for Cloud can be improved or what additional features should be included in the next release because there is so much more coming out that I need to get my hands around first. Sometimes if you do not have the resources in-house, it can be difficult.

I have been using Microsoft Defender for Cloud for seven years.

I assess the stability and the reliability of Microsoft Defender for Cloud as excellent. I have not experienced any crashes or downtime, although sometimes it takes a little bit longer to provide feedback than I would expect, but there is no real downtime or anything.

Microsoft Defender for Cloud scales well with the growing needs of my organization because it is just so easy to deploy. It is plug and go, so as the organization grows, it is just there. It is just a click button and there it is.

I have not really expanded usage of Microsoft Defender for Cloud yet, but we will get there.

On a scale from one being the worst and ten being the best, I would rate my customer service and technical support experience with Microsoft Defender for Cloud at about an eight.

I would give it an eight because we have our account managers and everything else that we deal with. They are very responsive and always eager to help, so it is really great to have that interaction with them.

Prior to adopting Microsoft Defender for Cloud, I was using another solution, Sophos, but that was short-lived because we are a Microsoft ecosystem, so I decided that Microsoft would be the best choice to look after us.

I would describe my experience with deploying Microsoft Defender for Cloud as very simple.

I did not face any challenges at all with Microsoft Defender for Cloud.

I have seen a return on investment with Microsoft Defender for Cloud.

The data points I can share regarding Microsoft Defender for Cloud are that the time saving is significant. As a small organization, what was taking me two days to do an investigation, I am now managing to complete that within a couple of hours. The time investment of my own and my staff probably saves us on average about 10,000 pounds a month.

My experience with the pricing, setup costs, and licensing of Microsoft Defender for Cloud is that it is very simple. It is just click and go, really.

The only other solution I considered before selecting Microsoft Defender for Cloud was really Sophos. Outside of that, Microsoft Cloud was the clear winner.

When deploying AI applications, my key security concerns with Microsoft Defender for Cloud are data loss, leakage of data, and guardrails around the actual AI, and I am hoping that this is going to help me put those guardrails in place and identify data exfiltration.

Microsoft Defender for Cloud has not helped me manage and secure multi-cloud environments, as we are 100 percent Microsoft and have not really got it in any other environment at all.

I am not yet using the unified AI-powered security feature offered by Microsoft Defender for Cloud, but that is coming.

I am not yet using the integrated XDR feature of Microsoft Defender for Cloud, but that is coming.

I am not yet utilizing the GenAI threat protection features of Microsoft Defender for Cloud. That is also coming and a lot of that will come from learning it here.

I have enabled the agentless scanning in my cloud environment with Microsoft Defender for Cloud.

Assessing the impact on my workload protection without needing to install agents with Microsoft Defender for Cloud makes it a lot easier, but it also identifies a lot more, which puts more load on me sometimes.

I would advise another organization considering Microsoft Defender for Cloud that it is the most logical route to follow if their whole ecosystem is Microsoft. It is easy to implement and it is very self-explanatory when doing it, making sense to just follow the steps as it is too simple, really.

I would rate this review a 7.5 out of 10.

Microsoft Defender for Cloud is the only product used for cloud security. We don't mix products in Azure or in the cloud, and we use Defender for pretty much everything.

The integrated XDR feature from Microsoft Defender for Cloud collects all information into one portal, and this has been deployed.

Microsoft Defender for Cloud does help secure the multi-cloud environment. At this stage, we don't do a lot of multi-cloud as we are a hugely Azure shop. We are not using it for anything from AWS or other cloud providers. We are an Azure-focused organization.

Almost all the features of Microsoft Defender for Cloud are in use. Protection features, including Virtual Machine protection, are being used across the entire range of capabilities, with pretty much all features enabled.

The features of Microsoft Defender for Cloud are valuable because they do the job effectively. Additionally, there is trust in the Microsoft ecosystem because as a company, Microsoft has a very huge budget for security. Cloud security is something you cannot afford to deploy entirely by yourself, but if you use multi-tenant services where multiple people share the cost, you get the best of what's available in that format. Microsoft is really at the top when it comes to security, both within the Microsoft ecosystem and in tech generally. There is no better tool found to protect workloads in Azure than Microsoft Defender for Cloud.

AI security features from Microsoft Defender for Cloud are being planned for rollout. There is an AI protection feature that hasn't been enabled yet, but enabling it is being considered. Some of these AI features are new, so we are taking a measured approach. The team needs to first learn and upgrade in terms of knowledge before we can start exploring AI capabilities, but it is on the list of things to expect.

Copilot and similar features are already being used, though not necessarily for Microsoft Defender for Cloud specifically. We are trying to get more experience before rolling out most of Microsoft Defender for Cloud's AI capabilities. This is definitely on our to-do list, and the priority is urgent as we seek to learn more about these capabilities.

The GenAI threat protection from Microsoft Defender for Cloud has not been enabled yet. There are many unknowns with AI applications. AI agents will operate while you're not present, whether you are sleeping or awake, and it's unclear whether there would be any exfiltration of data or how data is being managed. Microsoft Purview is being used extensively, and there is significant development going on with DSPM that will be rolled out to address security concerns. Data labeling and proper demarcation for sensitivity of data before it is received are being actively pursued.

Microsoft Defender for Cloud was started several years ago, but recent rollouts have been completed for customer and customer workloads in Azure. Investigation began much earlier when Microsoft released the product, and deployment for clients in the cloud became comfortable after establishing confidence in the solution.

XDR from vendors like Sophos was considered at times. However, bringing in too much ecosystem or too many products is not really helpful. Having just one pane of glass within Microsoft is more beneficial, and there is no better option than Microsoft when it comes to these capabilities. Therefore, there is no reason to use multiple solutions.

The pricing for Microsoft Defender for Cloud is not exorbitant. Some features have different plans available, such as API plans, and often Plan 1 is enabled for customers as they don't really need more than that for now. Based on the threat levels, the current plan is satisfactory. The pricing is reasonable because cloud services mean the cost is shared with multiple people, and you get the best for a fraction of the price you would have paid otherwise.

There is no doubt that the value is justified. Those applications cannot even be purchased separately. Security has essentially no cost when compared to the cost of a breach. Security is like insurance for a country under threat; you have to put significant budget toward security to protect it. Otherwise, you have nothing because everything will be compromised and you will lose everything. This same philosophy is applied when talking to customers about the cost of security versus the cost of a breach affecting reputation and business.

Microsoft Defender for Cloud helps the security team by acting as a concentrator of multiple sources of alerts. Having one pane of glass to review these items is valuable. The solution includes XDR capabilities, and Azure Sentinel is also used to ensure a bigger picture for the security team and security operations.

Bringing everything into one area with Microsoft Defender for Cloud means there is no need for any other application because everything needed is available.

Agentless scanning in the cloud has been enabled with Microsoft Defender for Cloud. This feature is enabled on workloads and means agents don't need to be installed on virtual machines. This is very cool technology, and it has been enabled for all virtual machines in Azure because the entire stack of capabilities is being used.

Microsoft Defender for Cloud provides the results and metrics needed for the security team. There have been no incidents of concern, which means the product is working really well. In general, Microsoft Defender for Cloud is excellent and provides everything needed. Agentless scanning is particularly valuable because it means you are not installing agents on virtual machines or performing related configuration tasks. This entire stack of products that comes with Microsoft Defender for Cloud delivers significant value. The overall review rating for this product is nine out of ten.

My main use case for using Microsoft Defender for Cloud is to secure our server environment.

The features of Microsoft Defender for Cloud that I appreciate the most are automation and event detection.

An example of how these features have benefited our organization is that it allowed our team to see under a single pane of glass all alerts correlated into Sentinel.

Microsoft Defender for Cloud helps us manage and secure our multi-cloud environments, but we are using it for just Azure and on-premises.

I am using the unified AI-powered security feature offered by Microsoft Defender for Cloud.

This feature has influenced our application development cycle by allowing us to respond and remediate any alerts that come through Microsoft Defender for Cloud.

I am using Microsoft Defender for Cloud's integrated XDR feature. This has helped my security team in investigations with automation.

To improve Microsoft Defender for Cloud, I think pricing-wise, the license price is a little bit higher from an ingestion cost perspective. Depending on what license you choose, you might have to pay for ingestion, which in a comparative world becomes a little more expensive. If there is anything Microsoft can look into from a price protection perspective, it would make Microsoft Defender for Cloud more competitive.

I have been using Microsoft Defender for Cloud for eight years.

I would assess the stability and reliability of Microsoft Defender for Cloud as similar to Defender for Endpoint. It protects the environment the way it says it will. I am definitely very happy with how it does what it says it will do.

Microsoft Defender for Cloud scales with the growing needs of my organization in a straightforward manner. When I add a new server, we update the licenses and push that through.

Prior to adopting Microsoft Defender for Cloud, I was not using another solution to address similar needs.

I would describe my experience with deploying Microsoft Defender for Cloud as follows: I did not personally deploy it. From an IT standpoint, I did not expect any issues.

I have seen ROI with Microsoft Defender for Cloud; a single pane of glass and a single environment to monitor everything helps.

My experience with pricing, setup costs, and licensing was that the license cost was the only consideration. Setup and support had no issues.

Before selecting Microsoft Defender for Cloud, I considered that we wanted a single solution across all our workloads.

The advice I would give to other organizations considering Microsoft Defender for Cloud is that if you are interested or if you are looking at a solution that sees across all environments, Microsoft is the best way to go.

I have enabled agentless scanning in my cloud environment. I would assess the impact on my workload protection without the need for installing agents, though it is a technical question.

I would rate this review a 7 out of 10.

Our main use cases for Microsoft Defender for Cloud are security, workload security, protection, and server protection.

The features I appreciate most in Microsoft Defender for Cloud are the threat protection and having a platform where I can view security incidents and alerts within the Defender admin portal.

The insights feature in Microsoft Defender for Cloud has benefited our organization because we don't always know where our vulnerabilities are located. Having observability to those vulnerabilities is important for us so that we can take actions against any threats.

Microsoft Defender for Cloud has helped us manage and secure our cloud environments. We operate primarily in Azure, so we are not multi-cloud at all. We are very much a Microsoft shop, so that is basically all that we use around that platform.

I think Microsoft Defender for Cloud can be improved, especially in terms of offering more around the auto-remediation of threats before setting up a policy. If it were more actionable to alleviate the out-of-the-box experience by isolating users' devices before it actually becomes an incident, I believe more automated responses are needed.

We have been using Microsoft Defender for Cloud for approximately four years.

I assess the stability and reliability of Microsoft Defender for Cloud as consistently strong. As far as I know, we have not had any issues, and it has performed well.

I have not experienced much downtime, crashes, or performance issues with Microsoft Defender for Cloud, other than availability to resources that were impacted. I remember a couple of weeks ago when Azure Front Door went down, and that was definitely an issue we encountered.

I see Microsoft Defender for Cloud scaling with our growing needs based on the setup. Once we have everything set up, it does not require anything else because we can deploy it. We have it deployed through Autopilot for Defender for Endpoint. When specifically looking at Microsoft Defender for Cloud, it is about what new VMs we are starting up and having policies in place where it automatically creates them. The configurations, once we have them configured specifically for Microsoft Defender for Cloud, make it much easier, especially as we have Azure workloads and protection there.

We have expanded usage with Microsoft Defender for Cloud. As we have reduced our on-premises infrastructure, it is about how we can migrate workloads to the cloud to make it easier, and then having everything fully encompassed and secured within that area makes it much easier for us to scale as needed and grow.

I would evaluate my customer service and technical support experience as good. We are very self-sufficient when it comes to Microsoft, so we do not typically utilize a lot of Microsoft support unless there is a platform issue.

I give it an eight because the times we have needed support, it has been responsive and able to address our needs. Sometimes we have had issues navigating Microsoft support regarding which team handles what, which can be complicated when trying to reach the right team.

Positive

Prior to adopting Microsoft Defender for Cloud, we were using different endpoint solutions such as Sophos, Mimecast, and Rapid7.

The process of deploying Microsoft Defender for Cloud was not smooth. It was always a challenge migrating, as a lot of it involved application dependencies and what was required before being able to use Azure for those services.

I am very familiar with the pricing, setup costs, and licensing because much of it centralizes around M365 E5, which is what we use for our users, so it comes with the licensing. We try to take advantage of all the services that are included. When it comes to implementation, we have a really good group of engineers that can architect and set up policies, configurations, and other elements for what we need.

I would say we have seen a return on investment with Microsoft Defender for Cloud. It is hard to put a price on when a security event is mitigated before it becomes an incident. I think part of security is looking at your insurance policy, for instance, and a lot of that is not realized until you actually have a threat. We have not had any type of security incident that has caused us to experience that pain, and we are grateful for that.

Compared to not having Microsoft Defender for Cloud in place, we definitely saw an advantage by not having downtime due to a security threat. I would say there has definitely been an impact there, even though I do not have the exact percentage.

That is not one solution I have really vetted out a lot before selecting Microsoft Defender for Cloud. I do not have a lot of knowledge there versus what our CISO would have analyzed on that side.

My key security concerns when deploying AI applications mostly revolve around how users are going to use the applications. I think much of it is more insider risk around that, but we also find that data source, how clean the data is, and who is responsible for the data matter significantly. As we deploy AI applications, I think it is important to encompass those considerations so that we can mitigate any possible threats before they become a threat.

Microsoft Defender for Cloud addresses my key security concerns by providing more insights. It has access across my Microsoft 365 tenant, and because we are a Microsoft shop, I think that integrates much better, giving us visibility first and foremost to see recommendations. When it comes to Secure Score, we get more actionable recommendations around those.

A challenge that I faced with its deployment is that for many customers, there are so many capabilities and there is much that you do not know until you get ingrained into it and do the setup.

My advice to another organization considering Microsoft Defender for Cloud would be to look at your change adoption. I think it is important to assess current tools and see where there might be another area of opportunity that could provide the next level of protection. Your familiarity with your administrators, what they have had, and how they utilize skilling should be considered before really entering the deployment phase. Having the right skill set in place is essential for day-to-day management and for understanding how the product works as you are evaluating those. I would give this review a rating of nine overall.

My main use cases for Microsoft Defender for Cloud are that it replaces our traditional antivirus, and I'm using it overall for securing the Microsoft environment.

I appreciate the features of Microsoft Defender for Cloud the most because it incorporates itself into the entire Microsoft platform, and it's a one-stop shop for administration in the web.

These features have benefited my organization by streamlining the management of all of our products, simplifying things in general and how we approach our entire environment. We don't have to stop and use multiple panes of glass every day.

Microsoft Defender for Cloud can be improved. An additional feature that should be included in the next release is Zero Trust, similar to ThreatLocker software.

I have been using Microsoft Defender for Cloud for two years.

I have experienced downtime, crashes, or performance issues with Microsoft Defender for Cloud, but they have been very few and far between. If there are any mass outages, we normally get hit with that. For the most part, the settings are deployed locally on Defender, and so an outage doesn't always disrupt that. It's more about managing it and going forward.

Microsoft Defender for Cloud scales with the growing needs of my organization just fine. Once it's built, I just install it on more machines, and the presentation is all the same, the threats log all the same, so it's pretty seamless for us.

I have not expanded usage of Microsoft Defender for Cloud, but if I had, the process would have been smooth. We are just living within what we have. We have about 2,300 nodes deployed, and we don't see any major expansion on the horizon, but we are very stable with what we have.

I would evaluate customer service and technical support from Microsoft Defender for Cloud as difficult to assess because it's really hard to get ahold of Microsoft support. It's a Microsoft-wide thing. When you buy a product, with the M365 portal, you're given the option to chat with somebody, and normally you don't hear back immediately. They have a 24-hour SLA, and so we kind of feel we're on our own with support on it.

On a scale from one to ten, I would rate customer service and technical support as six. The response times leave a bit to be desired, and I don't feel I get good solutions when I do reach out. The responses are more scripted.

Neutral

Prior to adopting Microsoft Defender for Cloud, I was using Symantec antivirus to address similar needs.

I would describe my experience with deploying Microsoft Defender for Cloud as pretty straightforward. There is a lot of documentation on how to replace current AV systems and how to implement overall and create policies on Microsoft's website.

Remote deployment worked very well for Microsoft Defender for Cloud. The challenges were that when we were deploying it remotely, reboots were required and many end users had their days interrupted. Standing it up initially and making sure we had everything ported over correctly from our previous antivirus were also challenges.

I have seen a return on investment with Microsoft Defender for Cloud because we were able to take savings from our other antivirus applications and apply it towards the Defender cost, and it worked out pretty even.

My experience with pricing, setup cost, and licensing for Microsoft Defender for Cloud was pretty straightforward. We did have a consultation with a third party to go over different tiers and product capabilities, but that was a pretty seamless experience. Buying the licensing was easy and implementing was pretty straightforward too.

I looked at multiple antivirus vendors before selecting Microsoft Defender for Cloud, including Trend Micro and others. We conducted a panel where we looked at different features and costs, and Defender turned out to be the best one, best of breed.

What stood out to me in my evaluation process, both positive and negative, when comparing these options was the management portal. We were able to get usable metrics pretty quickly and how they were presented. They could be exported and manipulated. It was just very easy to view and work with. For cons, I would say the initial standing up of the software was the only concern. However, we got software support on that, and it went pretty smooth after the initial phase.

I am not currently using the unified AI-powered security feature offered by Microsoft Defender for Cloud, but I'm looking into it. I am not using Microsoft Defender for Cloud integrated XDR feature yet. I am not utilizing the GenAI threat protection features in Microsoft Defender for Cloud, but I'm looking to do that. My key security concerns when deploying AI applications are false positives and training the AI, assuming that the AI is previously trained on different environments or it comes in with no knowledge at all. I would be extra cautious in the beginning to make sure it identifies threats correctly.

I would advise other organizations considering Microsoft Defender to consider their entire security posture throughout the environment and make sure that it's going to be a good fit on your desktops and for your servers. Consider all the operating systems you have in your ecosystem to make sure that Defender is compatible with them so you don't end up with two antivirus vendors. I rate this review as a nine out of ten.

My main use case for Microsoft Defender for Cloud is modernizing our infrastructure from our on-premises data center up to Azure. The more resources and services we use in the cloud, the bigger our attack surface becomes, so we needed to ensure visibility into what's happening in the cloud, how our services are being used, and to be aware of shadow IT rolling out applications we are not aware of. Microsoft Defender for Cloud has been integral in making sure we stay on top of cloud usage, cloud access, and malicious access in the cloud.

My favorite feature about Microsoft Defender for Cloud is having one tool that gives us visibility into our whole cloud real estate. It is very easy to deploy many different tools, and then your logging is different from your everyday tooling and how you utilize the platform. Having it all in one unified service and allowing you to look at the entire estate all at once is valuable.

An example of how Microsoft Defender for Cloud helps my organization is that as a small to medium business, it is easy to get excited about the use cases for the cloud and the scalability of it. Initially, we were just doing lift and shift, putting everything up in the cloud to see how it works, how scalable it is, and if it saves us money and time. However, it is easy to push everything in the cloud and forget about consumption, security, and accessibility. Once we got everything up and started having a steady state of what the tenant looks like now that everything is deployed in the cloud, we can control it more. If you just lift and shift, you are not always deploying it in the best practices, and being able to look at easily missed misconfigurations and things that leave you open to common attacks has been really useful because everything is not a one-for-one in the cloud.

There is definitely room for improvement. Microsoft does a fairly good job, but many products are developed from an engineer's perspective rather than the end user perspective, making the intuitive flow of the interface sometimes less than optimal. Some of the documentation can also be outdated due to the legacy support of other applications and protocols. If you do not know how to use it, relying on Copilot to summarize a tool's use case can result in erroneous or deprecated information, which makes it hard to see how to use it best going forward.

I have been using Microsoft Defender for Cloud since 2019 or 2020, so it has been five or six years now.

I assess the stability and reliability of Microsoft Defender for Cloud as very good. I have not had any issues with it.

I have not yet used customer support or experienced downtimes or crashes with Microsoft Defender for Cloud. We have already consulted a couple of third-party vendors about deployment best practices to ensure we use it properly.

Neutral

I can say I have seen a return on investment from Microsoft Defender for Cloud for sure. Having the ability to do what we could not before, such as gaining visibility and securing our full estate, is crucial. It is also about ensuring we are utilizing it properly, as some may just view it as a pane of glass rather than actively engaging with it. Many small to mid-sized companies enjoy deploying these enterprise-grade technologies but lack the manpower for day-to-day operation. The return on investment is significant, especially with the integration of the platform into the Defender and Copilot suites, making it easier to utilize the tools within a limited budget without needing to add more staff or create a new SOC center.

We are just starting to explore AI-powered security features. We have used tools like Copilot quite a bit internally, looking at productivity, scalability, security, and logging. I think they are talking about bringing Security Copilot into the E5, which we already have, to get better utilization out of the money we are already investing.

I am not currently utilizing the GenAI threat protection feature.

My key security concerns when deploying an AI application revolve around understanding how data is used in the model and shared, along with sensitivity versus public data. While people are eager to adopt AI for day-to-day productivity, many do not comprehend the security and compliance implications, which can be dangerous. We are trying to get a better handle on what is being used, what it is being used for, and if there are insider threats trying to exploit it for malicious purposes. The biggest concern right now is being aware of AI usage and how rapidly it is expanding within the organization.

I do feel that Microsoft Defender for Cloud gives me knowledge about security concerns. While there is always work to be done on data loss prevention and data classification, having a tool that allows me to see what is being plugged in, what is accessing our tenant, and how data is being shared is key to building those guardrails.

Pricing and licensing do concern me a bit. Right now, the pricing seems fine, but the big concern is getting locked in and then facing increased costs, where what used to be 30k could suddenly become 50k or 100k. The complexity of understanding the licensing across Microsoft's various products, especially with frequent changes, can be daunting. While they may offer introductory pricing that makes rollout easier, it is often unsettling when that bill changes once you are out of that introductory phase. I would rate this review a 9.5 out of 10.

My main use case for Microsoft Defender for Cloud is regulatory compliance and security alerting.

The features of Microsoft Defender for Cloud that I like the most are the regulatory compliance capabilities. These features have benefited my organization by improving our overall security posture.

Microsoft Defender for Cloud can be improved by being more responsive if you have a huge number of subscriptions. The user interface could be more responsive in this manner when there is a large number of subscriptions.

I have been using Microsoft Defender for Cloud for three and a half years.

I assess the stability and reliability of Microsoft Defender for Cloud as having performance issues. The user interface could be more responsive. There were some issues, but we already filed them with Microsoft support, and they have been fixed.

Microsoft Defender for Cloud scales with the growing needs of my organization.

On a scale from one being the worst and ten being the best, I would give my customer service and technical support an eight because it sometimes takes time until I get to the right person who can really fix my problem.

Positive

Prior to adopting Microsoft Defender for Cloud, I was using another solution to address similar needs, mostly on-premise, and they cannot be matched to what we have in the cloud now.

My experience with deploying Microsoft Defender for Cloud worked well. There were no real challenges as it works out of the box, and you just enable the plans and follow the steps, so it was straightforward.

Since I'm a technician, return on investment with Microsoft Defender for Cloud is not my stake, and security always costs money, so this is not something I can comment on.

My experience with the pricing, pricing setup cost, and licensing is mixed. Some things, such as Key Vaults or storage plans, are now priced better from the security alerting point of view, but others still lack good pricing or could be priced better. The amount billed for the amount of terabytes you're scanning is too high and will lead into security risks if somebody is limiting the amount of data to be scanned based on the cost, so this is something I would prefer to be changed.

Before selecting Microsoft Defender for Cloud, I considered other solutions such as Tenable on-premise. When comparing the options, there was no real competition. Tenable at that time was not capable of doing the things Microsoft Defender for Cloud could do, so we had to put something into place, and the only option from the native cloud provider was Microsoft Defender for Cloud at that time, so we stick with this, and we are pretty happy.

I am not using the unified AI-powered security feature offered by Microsoft Defender for Cloud yet.

I am also not using the integrated XDR feature of Microsoft Defender for Cloud yet, as the plan is not active.

I am also not utilizing the Gen AI threat protection features in Microsoft Defender for Cloud yet.

The key security concerns I have when deploying AI applications include a drift in configuration by the ones deploying the resources, and that's why we use compliance and the built-in policy.

I have enabled the agentless scanning in my cloud environment with Microsoft Defender for Cloud by enabling the plans.

I assess the impact on my workload protection without the need for installing agents as pretty good; it makes it much less effort.

My advice to another organization that is considering using Microsoft Defender for Cloud is to use it; it's a good tool, and I'm pretty happy with it. I would rate this review an eight out of ten.

The main use case for us with Microsoft Defender for Cloud is to find applications inside the organization in the cloud, to see which application is used by which user and to get more information about which applications the organization uses and how we use them, what will be the right tool for us to use. Of course, we have more uses regarding security, if we should proceed or not proceed, licensing, it helps us a lot, but this is the main thing.

We use the threat protection feature inside the computers as part of Microsoft Defender for Cloud. It's more inside the Microsoft Defender EDR or the Microsoft Defender XDR. We use the threat prevention, and if someone is downloading an application or something that is not allowed, we do use the threat prevention, but this is not for the cloud. It's more for the computers and the endpoints.

We do use the compliance dashboards' ability to track multi-jurisdictional standards in our organization a lot. We get into it daily and try to see if we get a threat prevention or any kind of alert, you get it also there and you get directed to there so it's very easy to see. I do think that sometimes there are false positives, but I don't think it's regarding the dashboard. The dashboard is very clear and it helps to understand the threats and everything but sometimes we do get false positive things. These are more technical issues that we need to solve in our environment because someone is not connected to the internet or they are in another network. The dashboard is very clear and easy to understand.

I really appreciate how Microsoft Defender for Cloud can be customized for users and has some integrations and sends notifications if it finds a new app, which we can section inside the application itself. I believe it can improve if in the future we'll be able to also prevent and not only tell you which user uses which app, but also get more features regarding prevention and not only detection.

Microsoft Defender for Cloud's AI-driven threat detection helps us significantly. When we find an AI application, we first get a notification if someone uses it. This is the starting point which helps us to understand and measure which tools we want to use inside the organization, but we still have a missing spot. Users can still send some data or code of our organization to an AI application which we still don't have a clear view of. Microsoft Defender for Cloud helps us to understand which apps we use but it's not really preventing a user from sharing or having the ability to know which data the end user shares with the AI. Today we know which application is used by the user, but we don't know which data they share.

Microsoft Defender for Cloud could improve by adding features for prevention rather than just telling you which user uses which app. We need more features regarding prevention and not only detection.

Sometimes, we found some issues with Microsoft Defender for Cloud during updates or when some endpoints lost their connection. These issues relate to stability and performance. Sometimes we have to talk with the end user and solve some issues or reinstall the software.

The AI area needs improvement and we are still looking for solutions. We use Microsoft Defender for Cloud and considered adding another application regarding the browser. If there could be a way inside Microsoft Defender for Cloud to prevent or get more insight into which data is being shared with AI, it would be amazing. Additionally, improving the Cloud Security and app security regarding applications, such as preventing users from using unauthorized AI tools would be beneficial. Currently, you can only get notifications when a user accesses unauthorized tools but cannot prevent the access directly.

I have been working with Microsoft Defender for Cloud for more than two years.

My assessment is that Microsoft Defender for Cloud works very well once you implement it. The hard part of the tool is the implementation itself, the installation, and understanding everything for your environment. This was what caused us the most struggle.

The implementation and configuration part was complex for us. Once you do it once, it becomes easier, but the first time was not easy.

Sometimes, we encounter issues with Microsoft Defender for Cloud during updates or when endpoints lose their connection. These issues relate to stability and performance. Sometimes we have to communicate with the end user and solve issues or potentially reinstall the software.

Microsoft has much room for improvement regarding the support for Microsoft Defender for Cloud. Their competitors are much better regarding support. While you get a response, sometimes the issue resolution is not what you expect, and they need to improve in the support area.

They should improve the quality of support. The response time is good, but the issue resolution needs improvement. When someone reports an issue, there needs to be more dedication to solving the problem rather than just responding. The support team needs to better understand the issues and provide more thorough resolution.

Based on my experience with support for Microsoft Defender for Cloud, I would rate it between five and six out of ten.

Neutral

If you are a Microsoft organization and most of your organization uses Microsoft, Microsoft Defender for Cloud will be the best approach as it provides the easiest implementation to the most robust solution for a Microsoft suite. It's a robust security application that covers most of the needs of an organization. They have areas to improve, but Microsoft is dedicated to improvements, and over the years I have seen the improvements they made in the security areas and other applications that cover security. If you are a Microsoft user and already in a Microsoft environment, it will be the most suitable security application for you.

I purchased Microsoft Defender for Cloud from Microsoft directly.

Microsoft Defender for Cloud is affordable. Since we are mostly using a Microsoft environment in our organization, it's very affordable and the most beneficial application compared to competitors when you are inside the Microsoft suite.

I am an IT manager inside a startup company and an implementer. My overall rating for Microsoft Defender for Cloud is 7 out of 10.

Our main use cases for Microsoft Defender for Cloud involve scanning PCs.

I doubt that we are using the unified AI-powered security feature offered by Microsoft Defender for Cloud.

Microsoft Defender for Cloud's integrated XDR feature is not being used.

The GenAI threat protection features for Microsoft Defender for Cloud are not being utilized.

I don't appreciate Microsoft Defender for Cloud because it seems to interfere with many things. That's the problem I've been experiencing with it. Before Defender, we had McAfee, which was much better at granular exceptions and changing what it does. Microsoft Defender for Cloud doesn't have that granularity. I can't tell it to leave certain items alone while scanning others. Microsoft Defender for Cloud doesn't really provide that capability, which is a significant problem. It's been causing far more issues than McAfee did.

I think it's too new to have major concerns regarding security when deploying AI applications, at least from my perspective. Regarding scanning a PC, I'm uncertain about the concerns. The actions it takes on those scans might be part of it, but they already have defined policies. For example, if Microsoft Defender for Cloud thinks a piece of software is malicious, it deletes it. I don't believe that's necessarily the best approach. I would prefer it to quarantine the software instead. I think the option for quarantine might exist, but I'm uncertain if it could be modified for that. It probably depends on the threat level or what Microsoft Defender for Cloud perceives as a threat level.

Microsoft Defender for Cloud can be improved with more granular control. They need to examine what McAfee can do.

I think we've been using Microsoft Defender for Cloud for about four years now.

I've experienced performance issues with Microsoft Defender for Cloud.

In my opinion, Microsoft Defender for Cloud doesn't scale well with the growing needs of the organization. But again, it's just my experience.

Since I don't talk directly to Microsoft support for Defender, we just talk to our internal people who are supposedly the experts in it at the bank. I couldn't give an opinion on Microsoft's support.

I would prefer to bypass our internal people and actually go to Microsoft to get answers, but they won't allow us to do that.

Neutral

Prior to adopting Microsoft Defender for Cloud, we were using McAfee. Money is always a factor.

I didn't deploy Microsoft Defender for Cloud.

Agentless scanning for the cloud environment has not been enabled with Microsoft Defender for Cloud.

I don't know if I've seen a return on investment with Microsoft Defender for Cloud.

I have no idea about the pricing, setup cost, and licensing because I don't handle that.

I don't think anything else was considered before choosing Microsoft Defender for Cloud.

I would advise another organization that's considering Microsoft Defender for Cloud to shop around and make sure it's the best solution. This review has a rating of 5.

My main use cases for Microsoft Defender for Cloud are client-end, as we are replacing our Sophos agents on our client computers with Microsoft Defender.

The feature of Microsoft Defender for Cloud that I appreciate most is the ability to view logs of applications, as I find it much clearer to understand what is running.

That feature benefits my company because we are a small company. Previously, we were running a Sophos agent that ran heavily on our computers, and switching over to Defender has made it lighter for us.

Microsoft Defender for Cloud has helped me manage and secure my multi-cloud environments, as we are hybrid-joined, and the insights it has provided are significant. For instance, we were able to identify sub-hosted IPs that were not even part of our segment from another client that our managed service provider was handling.

Microsoft Defender for Cloud can be improved because many of the functions involve multiple places to accomplish the same task, which can make it convoluted. It performs the same functions, but you have to navigate to different areas for different tasks, making it confusing at times.

I have been using Microsoft Defender for Cloud for approximately one year.

As for the stability and reliability of the platform, everything has been going well. I have no complaints and would rate it about an eight.

I would rate Microsoft Defender for Cloud's scalability with the growing needs of my company as approximately an eight.

I have not had to reach out much regarding customer service and technical support, so my thoughts are limited.

Neutral

The main differences between Microsoft Defender for Cloud and the other platform I was using involve deployment. Microsoft Defender for Cloud is not on the client-end, so it is not noticeable and not as taxing on system performance.

My experience with the deployment of Microsoft Defender for Cloud has been straightforward, as it went smoothly.

The biggest return on investment for me when using Microsoft Defender for Cloud is seen with end-users, as they do not reach out to us regarding issues where the underlying cause was our Sophos agent.

Regarding the pricing, setup cost, and licensing of the platform, what we have paid for is still to be determined, as we are about to renew our licensing at the end of this year.

So far, it has been affordable. In comparison to Sophos that we were running, we have found that it will wind up being approximately the same amount of cost.

I am currently considering Windows Defender.

I am not using the unified AI-powered security feature offered by Microsoft Defender for Cloud at this time.

I am not using Microsoft Defender for Cloud's integrated XDR features at this time.

I am not utilizing the enhanced AI threat protection features of Microsoft Defender for Cloud, as there are many AI features we have not explored yet.

I have enabled agentless scanning in my cloud environment.

It has been with Microsoft Defender for Cloud.

I assess the impact on my workload protection without the need for installing agents as really good, considering that it is running smoothly on the client machines without lag or any performance impact.

My advice to other companies considering Microsoft Defender for Cloud is to be aware that there is a lot involved and a lot of what it can do, meaning that you will need to conduct a lot of research and study training material. I rate my overall experience with Microsoft Defender for Cloud an eight.