We performed a comparison between Azure Kubernetes Service (AKS) and Microsoft Defender for Cloud based on real PeerSpot user reviews.
Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the autoscaling and self-healing."
"It is easy to maintain the solution."
"The platform's high scalability is one of its biggest advantages."
"The most valuable features of AKS are scalability, deployability, and automation."
"It employs high availability."
"The tool is budget-friendly."
"AKS as a service is very good when you need to leverage applications or functions with much variability in their usage because you're trying to be as efficient as you can with resources."
"Compliance is easy right out-of-the-box with integration to Azure Security, Azure Active Directory, and Azure Policies."
"The dashboard is very good. It gives our clients a lot of information and allows them to have a complete overview of the system. Everything is visible in one glance."
"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."
"DSPM is the most valuable feature."
"Threat protection is comprehensive and simple."
"Good compliance policies."
"Defender for Cloud is a plug-and-play solution that provides continuous posture management once enabled."
"With respect to improving our security posture, it helps us to understand where we are in terms of compliance. We can easily know when we are below the standard because of the scores it calculates."
"The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark."
"The initial setup of AKS is complicated. The setup depends on the cluster, nodes, and lots of other things. There are also lots of extremely critical small devices. Moreover, you will have to pay them even while setting up the solution. It is not like you setup first and then pay for it."
"The initial setup is complex."
"The product needs to support a UI dashboard. I have to execute every single command to check the status of services which takes time."
"Sometimes, it fails to provide specific metrics."
"More control over Infra scanning can be introduced."
"The solution's logs have room for improvement."
"We would like to see the addition of a service report from the server for this solution, so that we can monitor the health of server operations."
"I would like to see the stability get more synchronized."
"The product was a bit complex to set up earlier, however, it is a bit streamlined now."
"It needs to be simplified and made more user-friendly for a non-technical person."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"The remediation process could be improved."
"Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured."
"From a compliance standpoint, they can include some more metrics and some specific compliances such as GDPR."
"The solution could improve by being more intuitive and easier to use requiring less technical knowledge."
"From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it."
More Azure Kubernetes Service (AKS) Pricing and Cost Advice →
Azure Kubernetes Service (AKS) is ranked 13th in Container Security with 32 reviews while Microsoft Defender for Cloud is ranked 3rd in Container Security with 46 reviews. Azure Kubernetes Service (AKS) is rated 8.2, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Azure Kubernetes Service (AKS) writes "Decreases administrative burdens and costs, has good diagnostic tools, and is easy to deploy". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Azure Kubernetes Service (AKS) is most compared with OpenShift, CrowdStrike Falcon Cloud Security, SUSE Rancher, Qualys VMDR and Tenable.io Container Security, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint. See our Azure Kubernetes Service (AKS) vs. Microsoft Defender for Cloud report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
