We performed a comparison between Bridgecrew and Microsoft Defender for Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about Palo Alto Networks, Wiz, Microsoft and others in Cloud Workload Protection Platforms (CWPP)."In cases where they have automatic remediations, you can click a button and it'll just fix the configuration for you."
"New users don't have too many problems with the product. They have a lot of training documentation around it."
"The most valuable features of this solution are the remote workforce capabilities and the general experience of the remote workforce."
"The most valuable feature is that it's intuitive. It's very intuitive."
"This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot."
"The most valuable features of this solution are the vulnerability assessments and the glossary of compliance."
"It has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem."
"Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful."
"Good compliance policies."
"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."
"We'd like to see better monitoring and the ability to deny certain resources from being scanned."
"The biggest issue that I see companies run into is that they immediately think that, "Oh, this solution will be right, simply due to the name." But that's the same issue Splunk runs into. People will immediately jump to Splunk being the best SIEM tool, just because they're the largest. When in reality, QRadar, LogRhythm, and all these other ones are performing similar functions and would actually fit better in some people's environments. Therefore, it's important a company does its homework and does not assume one size fits all."
"You cannot create custom use cases."
"No possibility to write or edit any capability."
"I would like to see better automation when it comes to pushing out security features to the recommendations, and better documentation on the step-by-step procedures for enabling certain features."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"We would like to have better transparency as to how the security score is calculated because as it is now, it is difficult to understand."
"The product was a bit complex to set up earlier, however, it is a bit streamlined now."
"Azure is a complex solution. You have so many moving parts."
"Defender is occasionally unreliable. It isn't 100% efficient in terms of antivirus detection, but it isn't an issue most of the time. It's also somewhat difficult to train new security analysts to use Defender."
Bridgecrew is ranked 21st in Cloud Workload Protection Platforms (CWPP) with 2 reviews while Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews. Bridgecrew is rated 8.0, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Bridgecrew writes "Multi-cloud, good scanning, and offers extensive guides". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Bridgecrew is most compared with Prisma Cloud by Palo Alto Networks, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint.
See our list of best Cloud Workload Protection Platforms (CWPP) vendors.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
