Try our new research platform with insights from 80,000+ expert users

AWS GuardDuty vs Microsoft Defender for Cloud comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jul 13, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
8.0
SentinelOne Singularity Cloud Security boosts efficiency by improving visibility, reducing costs, and decreasing time for threat detection and resolution.
Sentiment score
1.0
Amazon GuardDuty boosts threat detection, improves security, enhances customer trust, cuts costs, and offers a high satisfaction rate.
Sentiment score
7.3
Microsoft Defender for Cloud boosts security and efficiency, integrates with Azure, reduces costs, prevents breaches, and offers proactive defense.
The detailed information PingSafe gives about how to fix vulnerabilities reduces the time spent on remediation by about 70 to 80 percent.
After implementing SentinelOne, it takes about five to seven minutes.
The solution has provided improvement in productivity and the time spent on issues.
Defender proactively indexes and analyzes documents, identifying potential threats even when inactive, enhancing preventative security.
Identifying potential vulnerabilities has helped us avoid costly data losses.
The biggest return on investment is the rapid improvement of security posture.
 

Customer Service

Sentiment score
7.8
SentinelOne Singularity Cloud Security's customer support is highly rated for responsiveness and effective issue resolution, ensuring smooth collaboration.
Sentiment score
9.0
AWS GuardDuty support is praised for its responsiveness and effectiveness, with various channels ensuring timely issue resolution.
Sentiment score
6.5
Microsoft Defender for Cloud support is responsive at higher levels, but experiences vary with mixed satisfaction due to delays.
When we send an email, they respond quickly and proactively provide solutions.
They took direct responsibility for the system and could solve queries quickly.
Having a reliable team ready and willing to assist with any issues is essential.
I appreciate the support for AWS; it is relatively fast, and their SLAs meet my needs.
Since security is critical, we prefer a quicker response time.
The support team was very responsive to queries.
They understand their product, but much like us, they struggle with the finer details, especially with new features.
 

Scalability Issues

Sentiment score
8.2
SentinelOne Singularity Cloud Security excels in scalability, smoothly integrating accounts and auto-scaling, despite separate account management challenges.
Sentiment score
7.7
AWS GuardDuty scales automatically to manage dynamic workloads, efficiently handling user growth and large-scale network security threats.
Sentiment score
7.7
Microsoft Defender for Cloud is scalable, integrating across environments effortlessly, suitable for all enterprise sizes with flexible performance.
I would rate it a 10 out of 10 for scalability.
Scalability is no longer a concern because Cloud Native Security is a fully cloud-based resource.
I would rate the scalability of PingSafe 10 out of 10.
It is designed to scale based on usage, which makes it very adaptable for varying demands.
We are using infrastructure as a code, so we do not have any scalability issues with Microsoft Defender for Cloud implementation because our cloud automatically does it.
It has multiple licenses and features, covering infrastructures from a hundred to five hundred virtual machines, without any issues.
Defender won't replace our endpoint XDR, but it will likely adapt and support any growth in the Microsoft Cloud space.
 

Stability Issues

Sentiment score
8.2
SentinelOne Singularity Cloud Security is highly stable but experiences minor UI glitches and occasional agent-related issues.
Sentiment score
8.5
AWS GuardDuty is praised for reliability and strong threat detection, despite minor performance issues and occasional false positives.
Sentiment score
7.6
Microsoft Defender for Cloud is stable and reliable, with minimal issues mainly during updates, ensuring strong user satisfaction.
Singularity Cloud Workload Security is significantly more stable than our previous solution.
Singularity Cloud Workload Security is more stable than our previous solution.
No lag, no crashing, no downtime.
The stability of GuardDuty is extremely reliable.
It is backed by machine learning, and AWS has strong machine learning models and the capacity to support this with advanced computing power.
Defender's stability has been flawless for us.
Microsoft Defender for Cloud is very stable.
Microsoft sometimes changes settings or configurations without transparency.
 

Room For Improvement

SentinelOne Singularity Cloud needs enhanced features, stability, better reporting, integration, and support for improved user experience and efficiency.
AWS GuardDuty requires enhanced integration, cost efficiency, detection accuracy, a unified dashboard, improved UI, and customizable alerts for better adoption.
Microsoft Defender for Cloud users seek better automation, clarity, integration, AI features, and comprehensive analytics for improved security management.
If I had to ask for anything to make it easier, it would be signed images that are GPG signed and a public repository where we can get the bits from.
If they can merge Kubernetes Security with other modules related to Kubernetes, that would help us to get more modules in the current subscription.
As organizations move to the cloud, a cloud posture management tool that offers complete cloud visibility becomes crucial for maintaining compliance.
A unified dashboard that aggregates findings across all regions without requiring manual aggregation could enhance convenience for users.
Further integration with services like API Gateway would be beneficial.
I think that some detections in container environments such as container runtime, and on services such as AWS container service, Fargate service or EKS service could be improved.
Microsoft, in general, could significantly improve its communication and support.
It would be beneficial to streamline recommendations to avoid unnecessary alerts and to refine the severity of alerts based on specific environments or environmental attributes.
The artificial intelligence features could be expanded to allow the system to autonomously manage security issues without needing intervention from admins.
 

Setup Cost

SentinelOne Singularity Cloud offers competitive pricing and value, with flexibility and discounts available, though costly for large deployments.
AWS GuardDuty offers transparent, scalable, and cost-effective security pricing, benefiting small businesses and enterprises with serverless efficiency.
Microsoft Defender for Cloud is scalable, offering free and paid versions with costs averaging $15 monthly per server.
Covering our 50,000 endpoints would have nearly bankrupted most security programs, even well-funded ones like ours.
I believe the enterprise version costs around $55 per user per year.
There are some tools that are double the cost of Cloud Native Security.
GuardDuty is very cheap and operates on a pay-as-you-go basis.
The pricing of this tool is cheaper compared to other tools from other vendors, which are more expensive.
Every time we consider expanding usage, we carefully evaluate the necessity due to cost concerns.
We appreciate the licensing approach based on employee count rather than a big enterprise license.
Microsoft Defender for Cloud is pricey, especially for Kubernetes clusters.
 

Valuable Features

SentinelOne Singularity Cloud's ease, AI detection, and seamless integration enhance IT efficiency, risk management, and forensic visibility.
AWS GuardDuty offers efficient threat detection, seamless monitoring, and integration, providing comprehensive, cost-effective security for AWS environments.
Microsoft Defender for Cloud enhances security with AI-based threat detection, multi-cloud support, and a unified portal for comprehensive management.
Our previous product took a lot of man hours to manage. Once we got Singularity Cloud Workload Security, it freed up our time to work on other tasks.
For example, we can set up an automation alert so that if a threat is detected on an endpoint, we can automatically take action on our Okta or AD environment, such as locking the account that was signed in or forcing a password reset.
This helps visualize potential attack paths and even suggests attack paths a malicious actor might take.
It notifies you immediately when something goes wrong, allowing quick response to threats.
Enabling GuardDuty with a single click allows it to start analyzing data for threats without requiring additional software deployment or updates.
The great benefits of using AWS GuardDuty are that it is connected to all ecosystems from the AWS environment, and I can detect threats faster and locate all the information in a single tool.
The most valuable feature for me is the variety of APIs available.
This feature significantly aids in threat detection and enhances the user experience by streamlining security management.
The most valuable feature is the recommendations provided on how to improve security.
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Cloud Workload Protection Platforms (CWPP)
4th
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
114
Ranking in other categories
Vulnerability Management (5th), Cloud and Data Center Security (2nd), Container Security (3rd), Cloud Security Posture Management (CSPM) (3rd), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (1st)
AWS GuardDuty
Ranking in Cloud Workload Protection Platforms (CWPP)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
24
Ranking in other categories
No ranking in other categories
Microsoft Defender for Cloud
Ranking in Cloud Workload Protection Platforms (CWPP)
1st
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
79
Ranking in other categories
Vulnerability Management (7th), Container Management (8th), Container Security (7th), Cloud Security Posture Management (CSPM) (4th), Cloud-Native Application Protection Platforms (CNAPP) (4th), Data Security Posture Management (DSPM) (5th), Microsoft Security Suite (7th), Compliance Management (5th)
 

Mindshare comparison

As of September 2025, in the Cloud Workload Protection Platforms (CWPP) category, the mindshare of SentinelOne Singularity Cloud Security is 3.6%, up from 1.4% compared to the previous year. The mindshare of AWS GuardDuty is 12.8%, up from 12.7% compared to the previous year. The mindshare of Microsoft Defender for Cloud is 14.3%, down from 16.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Workload Protection Platforms (CWPP) Market Share Distribution
ProductMarket Share (%)
Microsoft Defender for Cloud14.3%
AWS GuardDuty12.8%
SentinelOne Singularity Cloud Security3.6%
Other69.3%
Cloud Workload Protection Platforms (CWPP)
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Terence Dube - PeerSpot reviewer
Comprehensive threat detection simplifies security management
GuardDuty is limited to AWS environments. While incorporating Amazon Detective for detailed investigation can be useful, including more granular details in findings, such as specific user actions or historical comparisons, would be beneficial. Furthermore, managing global AWS environments requires setting up additional tools for viewing GuardDuty findings across multiple regions. A unified dashboard that aggregates findings across all regions without requiring manual aggregation could enhance convenience for users.
Vibhor Goel - PeerSpot reviewer
A single tool for complete visibility and addressing security gaps
Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.
report
Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.
867,299 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
14%
Manufacturing Company
9%
Government
6%
Financial Services Firm
16%
Computer Software Company
14%
Manufacturing Company
9%
Government
6%
Financial Services Firm
13%
Computer Software Company
13%
Manufacturing Company
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business43
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise4
Large Enterprise13
By reviewers
Company SizeCount
Small Business26
Midsize Enterprise8
Large Enterprise44
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
I don't handle the price part, but it isn't more expensive than Palo Alto Prisma Cloud. It's not cheap, but it is wor...
What needs improvement with PingSafe?
There is scope for more application security posture management features. Additionally, the runtime protection needs ...
What do you like most about Amazon GuardDuty?
With anomaly detection, active threat monitoring, and set correlation, GuardDuty alerts me to any unusual user behavi...
What is your experience regarding pricing and costs for Amazon GuardDuty?
I don't worry much about the pricing, but I think it is a good price for what they deliver. This cost is cheaper beca...
What needs improvement with Amazon GuardDuty?
AWS GuardDuty is currently meeting our needs concerning what could be improved. In future updates of AWS GuardDuty, I...
How is Prisma Cloud vs Azure Security Center for security?
Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening acros...
What do you like most about Microsoft Defender for Cloud?
The entire Defender Suite is tightly coupled, integrated, and collaborative.
 

Also Known As

PingSafe
No data available
Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
 

Interactive Demo

Demo not available
Demo not available
 

Overview

 

Sample Customers

Information Not Available
autodesk, mapbox, fico, webroot
Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
Find out what your peers are saying about AWS GuardDuty vs. Microsoft Defender for Cloud and other solutions. Updated: July 2025.
867,299 professionals have used our research since 2012.