Try our new research platform with insights from 80,000+ expert users

Cisco Umbrella vs Microsoft Defender for Cloud Apps comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 15, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

iboss
Sponsored
Ranking in Cloud Access Security Brokers (CASB)
7th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
19
Ranking in other categories
Secure Web Gateways (SWG) (6th), Internet Security (3rd), Web Content Filtering (1st), ZTNA as a Service (10th), Secure Access Service Edge (SASE) (9th)
Cisco Umbrella
Ranking in Cloud Access Security Brokers (CASB)
2nd
Average Rating
8.8
Reviews Sentiment
7.3
Number of Reviews
121
Ranking in other categories
Secure Web Gateways (SWG) (1st), Internet Security (1st), Secure Access Service Edge (SASE) (2nd), Domain Name System (DNS) Security (1st), Cisco Security Portfolio (2nd)
Microsoft Defender for Clou...
Ranking in Cloud Access Security Brokers (CASB)
4th
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Advanced Threat Protection (ATP) (14th), Microsoft Security Suite (12th)
 

Mindshare comparison

As of July 2025, in the Cloud Access Security Brokers (CASB) category, the mindshare of iboss is 2.0%, up from 1.3% compared to the previous year. The mindshare of Cisco Umbrella is 11.4%, down from 13.7% compared to the previous year. The mindshare of Microsoft Defender for Cloud Apps is 9.8%, down from 12.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Access Security Brokers (CASB)
 

Featured Reviews

Matt Crockford - PeerSpot reviewer
It's easy to roll out, and their understanding of our business made it seamless
One aspect we value about iboss is its simplicity. Their customer service is brilliant, and they are super responsive and knowledgeable. It's easy to roll out, and their understanding of our business made it seamless. We were impressed by the solution's mental health function, which can detect if someone needs help. It scans what users are browsing and flags warning signs so we can check to see if they are okay. We've had to use it a couple of times. The user interface is highly intuitive. Our IT team picked it up with minimal training. It's arranged so that it's easy to find where things are. Another advantage is the single pane of glass console, which gives you visibility into what's happening. We're not fully there yet because we haven't implemented zero trust, but we're excited about the possibilities from the demos we've seen. We launched a POC of iboss' ChatGPT Risk Protection feature two weeks ago. AI is a great tool, but you need to be careful what you put into it. My biggest fear is employees inputting sensitive corporate information or customer PII data into one of these chatbots. I was impressed by our trial of the feature. It's exactly what we wanted. Now, when a user goes to ChatGPT, there's a banner warning them not to share information, and we can block conversations containing customer data like bank details and email addresses. I don't want to stop people from using it, but we need visibility. We've only tried it on a test group of 15 people. You can configure it to look for specific keywords or integrate it with your DLP policy if you have that configured
Emilio Montoya - PeerSpot reviewer
Ensures internet navigation safety and boosts productivity
The features of Cisco Umbrella I prefer most are DNS protection and traffic redirect. With Cisco Talos's threat intelligence, we reduce the impact of malware traffic in our network, and we currently see the behavior of equipment and choose the correct sites. Cisco Talos has helped us reduce the impact of malware traffic. We can see the behavior and choose the correct sites. We're currently testing secure access with Umbrella in order to secure access to core applications. It's a product that the user doesn't even know is there, even though it is protecting them. It's not hard on the equipment. And, for us, it centralizes everything, which improves productivity. With the Experience Insights feature of Cisco Secure Access, we've seen impacts on the management of user connectivity by allowing us to deliver safe connectivity. We are testing the Secure Access product with Cisco Umbrella to improve our connectivity with our users in order to secure access to the corporate applications. Cisco Umbrella is in the cloud, which is nice.
Jagadeesh Gunasekaran - PeerSpot reviewer
Saves us time, has good visibility, and a single dashboard
The solution is user-friendly and provides great visibility into threats. There are easy options available for specific workflow inspections. We can also get support by going through the Microsoft documentation, which is straightforward. Microsoft Defender for Cloud Apps helps us prioritize threats across our enterprise. It covers us from a compliance perspective and protects our organization's data. Data protection is a very important aspect of any new organization, as we need to protect our data from both external attacks and insider threats. Microsoft Defender for Cloud Apps helps us monitor for abnormal activity by insiders, which is one of the most important access points for attackers today. Additionally, the different cloud apps that Defender for Cloud Apps supports provide us with much more visibility into potential threats and activities on the internet. We have integrated Microsoft Defender for Cloud Apps alerts with Sentinel. The integration is straightforward. We can find the configuration details on Microsoft's official documentation website. If we are familiar with how Microsoft products work, we will be able to follow the instructions clearly. Microsoft Defender for Cloud Apps and Sentinel work natively together to deliver coordinated detection and response across our environment. Our integrated Microsoft solutions provide comprehensive threat protection, covering most of the tactics and techniques relevant to the MITRE ATT&CK framework. Sentinel allows us to ingest data from our entire ecosystem. When implementing an SIEM solution, there are always prerequisites such as Active Directory logs, security logs, firewall logs, and DNS logs. These are important logs that need to be ingested into the environment. Sentinel has many third-party connectors available that make integrations straightforward. Microsoft provides the configuration details in the Sentinel platform. It is important to integrate all relevant log sources into the SIEM solution so that we can detect and be alerted to any type of threat factor, whether it is from an internal or external source. Integrating third-party solutions into the platform requires a separate configuration, but Microsoft provides the necessary information. However, we need to have the appropriate permissions to execute these setups. Sentinel provides a centralized dashboard that covers threat management and configuration. It gives us complete insight into what entities are accessing, as well as full details for investigation. We can see how the alerts and threats are relevant to suspicious activities, whether they are related to malicious IP addresses, suspicious ASHAs, or any other indicators of compromise. All of this relevant data can be seen in a single pane. Recently, Microsoft introduced a new investigation experience in a single pane. This means that we can now get a lot of details in a single pane, without having to go there and execute a query. There are a lot of new insights being developed in the Sentinel platform these days. It has software intelligence. They recently introduced Microsoft Defender Threat Intelligence, which covers almost all IOCs. This protects organizational assets from threats and suspicious traffic associated with IOCs. If a match is found, alerts are generated. This is a very interesting feature. Another great feature is automation and logic apps. We can create a number of operations, such as posting in a team's channel if a severe incident occurs or sending an email notification. There are many operations available, so we can automate a lot of tasks. Microsoft Defender for Cloud Apps helps us stay compliant. It has predefined mechanisms in place to prevent attacks. For example, if an external user tries to access our SharePoint folders or files, an attack will be blocked. This is why it is important to give appropriate access to guest users. Microsoft Defender for Cloud Apps has many features and benefits. It provides a number of policies that can be configured to meet the specific needs of our security team. These policies can be used to customize cloud applications so that only authorized users can access them and perform operations that benefit the organization. In terms of safety and security, Microsoft Defender for Cloud Apps is top-notch. Using the solution's automation features, we can suppress false positive alerts. We can also close alerts, lower their severity from "high" to "low" or "informational," or close them immediately with the appropriate commands. This will depend on the configuration automation rule and the perspective from which we are testing. Microsoft Defender for Cloud Apps provides a single console. We are also provided with Microsoft templates to enable workbooks instantly. Alternatively, we can build our own customized workbooks to provide better insights and improve our SOC efficiency and overall performance. Consolidating all of our security data into one dashboard has saved our security operations team a significant amount of time. From an analyst's perspective, it is now much easier to correlate events, investigate alerts, and visualize specific entities. For example, an analyst can quickly see all of the alerts associated with a particular IP address, or they can view all of the activity for a specific entity over the past 24 hours or 7 days. This level of detail and insight would not be possible if our data were siloed in multiple dashboards. The single dashboard saves our operations approximately 20 hours per week by eliminating the need to access multiple consoles and tabs. Microsoft Defender for Cloud Apps threat intelligence can help us prepare for potential threats before they happen. However, it depends on how we develop the policies for the database to block or ignore things in our environment.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The security aspect of the solution, particularly the malware behind it, is excellent. That's something that really helped us out. It's not just a simple proxy that just blocks the insights of potential threats that come on behind it. They do malware detection and that helps us a lot."
"I would definitely recommend iboss for web filtering purposes to other organizations or individuals."
"The console is cloud-based, which is something I really appreciate."
"We chose iboss for both zero trust and proxy (SWG) because their SWG was superior."
"Granular setup, which was able to set different levels of filters using the OUs in the AD."
"We were impressed by the solution's mental health function, which can detect if someone needs help. It scans what users are browsing and flags warning signs so we can check to see if they are okay. We've had to use it a couple of times."
"The solution has massively improved our security posture, giving us full visibility into what our staff does online."
"Valuable features: Within the filter: Controls (Web categories, applications, and Allow/Block list) and Network (local Subnets). Within the reporter: Logs (Event Log) and Reports."
"Umbrella has helped my IT staff in two ways. First, our security team was able to get more insights into the users, their devices, and the sites they browse. Second, our system administration team was able to manage DNS resolutions in a way that is more accessible and less intrusive to our domain system."
"There is much differentiation within the licensing so if anyone wants DNS security from the DNS security log, we are there already, and if anyone wants to go to a secure internet gateway, that is also available. We can get the integrated cloud DLP license keys. That is a good benefit with Cisco Umbrella. You can get a complete solution in a single licensing."
"Reports provide insight into internet usage and information helpful in creating QoS rules."
"Stability-wise, it's good. I have never encountered any bugs."
"The most valuable feature for us is the DNS-based protection."
"I would describe the experience deploying Cisco Umbrella overall as super easy. It was awesome. It was lovely to deploy it."
"The most valuable features are the protection against ransomware and phishing."
"I like that it integrates with the infrastructure. I also like the kind of data and intelligence that's built-in. It helps create innovative reports for security."
"Microsoft Defender for Cloud Apps is very comprehensive, providing a complete 360-degree view of applications within an organization."
"The ability to prevent users from using certain applications is one of the most valuable features. It doesn't require any configuration for implementation from the client perspective. It just works right away and gives you the information you need."
"Everything from Microsoft is integrated. You receive regular reports on them all. You can push your reports, logs, and security alerts, which are all integrated. It is crucial that these solutions work natively together to deliver coordinated detection and response across our environment."
"The most valuable feature of Microsoft Defender for Cloud Apps is that we are primarily using only the Defender for Cloud on the Azure Cloud."
"The ability to sanction unsanctioned apps using Secure Score benchmarking, included in Cloud, is also beneficial."
"We have become more aware of what services our users are using, how often they are using them, and what data is being sent out of the organization and to which services. So, it is really a lot about visibility and helping us make decisions based on that. It drives some of our policy decisions for adding extra security controls."
"Shadow IT discovery is the feature I like the most."
"The impact of Microsoft Defender for Cloud Apps on our organization's ability to assess and manage app related risks has been significant because we have more visibility."
 

Cons

"Sometimes, obviously, there are bugs."
"SSL decryption: We had issues with learners using apps instead of using web browsers. This type of encryption is tough for any appliance in a BYOD environment."
"I'd like to see them accelerate development on the security side, particularly around data loss prevention."
"Sometimes when you call in support, you get someone who is just following a sheet. It feels like a runaround. You feel that you are running into that support wall."
"To scale up, a new iboss Node Blade Chassis must be purchased."
"If they could implement an extra security layer preventing access to iboss from the open internet, it would be great."
"Their on-premise hardware's network interface is capped at one gigabit, which is sort of a problem. If you stand a filter up where all traffic flows through that, according to them, in order to go above a gigabit, you have to have multiple devices, which in today's IT seems a little bit silly. They could easily put in an SFP port into their device that could accommodate 10 gigs or at least offer a box."
"File integrity monitoring would be very advantageous as an additional feature."
"Something on our end that might make it better is alerting going to our ticketing system. It's not something that we have discussed, but that would be a proactive option for us to provide a learning experience for the staff."
"A feature I would appreciate seeing enhanced in Cisco Umbrella would be the ability to add or remove agents that we have, instead of just relying on how long the devices have been connected to the platform."
"This solution does not give us full, 360-degree protection."
"I am unsure if Cisco Umbrella offers a Windows option for running the server."
"Cisco Umbrella could be improved by making the policies more granular, as in some cases, it's difficult to find the correct link to open a specific site securely."
"Cisco Umbrella can be improved in terms of limited coverage and wind vulnerability."
"The only thing I can think of is that I'd like to see a little more flexibility in policy creation. The way that policy is currently structured is like a "first hit succeeds" kind of policy. It would be nice if it were more hierarchical."
"If we're trying to deploy it to a Mac through Meraki, it's impossible. The method of deployment for a Mac, and the features available in Meraki, are not compatible at all."
"The documentation could be improved as it is not updated immediately when Microsoft makes changes. Users must wait a few weeks for the changes to be reflected in the documentation."
"The response time could be better. It will be helpful if the alerts are even more proactive and we can see more data. Currently, the data is a little bit weak. It is not complete. I can't just see it and completely know which user or which device it is. It takes some effort and time on my part to investigate and isolate a user. It would be great if it is more user-friendly or easy for people to understand."
"I believe it's only set to be integrated with Microsoft Defender for identity and identity protection. I would like to see it available for use with something like Office 365 Defender. I don't think it's integrated with that yet."
"There could be more granular roles that are out of the box included in the product."
"The insights could be improved, especially in reporting. While it is possible for me to see the usage from different cloud apps, determining if critical data has been uploaded or if it is just normal transport data is difficult."
"The product is very good so far, however, it would be better if it could include more up-to-date threat protection."
"A significant improvement I would like to see is the integration into a single pane of glass, which would allow me to view everything in one place rather than having to switch between different areas."
"They should continue integration with all other Microsoft security-related products. The integration with all the other products is still ongoing."
 

Pricing and Cost Advice

"The overall pricing for iboss is very competitive and transparent."
"It is not expensive, and it is also not cheap. iboss is priced right in the sweet spot for the number of features it offers."
"It is expensive compared to one of its competitors."
"We had the cost of purchasing a new appliance along with the implementation and licensing costs. However, the following year, the cost of just licensing was similar to what was paid the previous year for a new appliance along with the implementation and licensing costs."
"We have not priced the solution recently, but they were competitive with other vendors in the past."
"It is probably in line with other solutions, but I do not deal with the financial side."
"​The pricing is fair."
"We were using the free version, and we implemented the paid version about two months ago. I'm paying a fair price, but everything is negotiable with Cisco. One of the benefits that I got by having Cisco Umbrella is the licensing of the Cisco AnyConnect VPN client."
"I think it's worth the money."
"We have a security Enterprise Agreement with Cisco, so the pricing is good."
"The licensing part for Umbrella is really flexible."
"The pricing is pretty fair. It's good."
"In my opinion, Cisco Umbrella now has a good price in the basic packages. When it comes to Cisco Umbrella SIG Essentials package and Cisco Umbrella Secure Internet Gateway (SIG) Advantage package, it depends on whether the project has a good price or not"
"You can request an evaluation license​."
"The pricing is a little bit high but right now, we are okay with it because of the compatibility with Office 365, Teams, and Azure AD."
"We are an MST and we do not pay for the solution. However, the price of the solution could be better."
"I'm not totally involved in the pricing part, but I think its pricing is quite aggressive, and its price is quite similar to Netskope. Netskope has separate licensing fees or additional charges if you want to monitor certain SaaS services, whereas, with MCAS, you get 5,000 applications with their Office 365. It is all bundled, and there's no cost for using that. You only have the operational costs. In the country I am in, it is a bit difficult to get people with the required skill sets."
"We have an educational licensing agreement. It's a customer agreement for multiple years."
"Microsoft offers bundle discounts and a pay-as-you-go option."
"Its pricing is on the higher side. Its price is definitely very high for a small-scale company. As an enterprise client, we do get benefits from Microsoft. We get a discounted price because of the number of users we have in our company. We have a premier package, and with that, we do get a lot of discounts. There are no additional costs. It only comes in the top-tier packages. Generally, the top-tier license is the best license that you can get for your organization. If you want, you can buy it separately, but that's not a good idea."
"Where we are right now, this is an acceptable pricing. I would like to see more transparency given to the end user. The end user given to us is via the cloud service provider. There are different programs and license models. Some include this, and some include that. It is all over the place. There can be a little more consistency or simplification in the pricing so that your parts list is not ten pages long, and you are not trying to determine, "If I have an E3, does this cover that?", or "Do I need to pay separately for the license?" Simplification would probably be better."
"It is a little bit expensive. When you want to have the complete package with Office 365, Defender, and everything else, it is expensive."
report
Use our free recommendation engine to learn which Cloud Access Security Brokers (CASB) solutions are best for your needs.
860,168 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Financial Services Firm
11%
Manufacturing Company
9%
Government
6%
Computer Software Company
20%
Educational Organization
11%
Manufacturing Company
8%
Financial Services Firm
7%
Computer Software Company
15%
Financial Services Firm
12%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about iboss?
Content filtering is the most useful feature of iboss.
What needs improvement with iboss?
For zero trust implementation, we encountered complexity issues, especially with a large infrastructure company Exxon...
What is your primary use case for iboss?
Previously when I used iboss, we did the POC for iboss for ExxonMobil. Four or five people wanted to move from our ol...
Which is the better security solution - Cisco Umbrella or Zscaler?
Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried. Zs...
Which is the better security solution - Cisco Umbrella or Microsoft Cloud App Security?
Cisco Umbrella is an integral component of the Cisco SASE architecture. It integrates security in a single, cloud-nat...
What do you like most about Cisco Umbrella?
Cisco Umbrella is easy to monitor, manage, and deploy.
What do you like most about Microsoft Cloud App Security?
It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notificatio...
What is your experience regarding pricing and costs for Microsoft Cloud App Security?
My impression on the pricing, setup costs, and licensing of Microsoft Defender for Cloud Apps is that it's fair. I do...
What needs improvement with Microsoft Cloud App Security?
An area of Microsoft Defender for Cloud Apps that needs to be improved or enhanced is the reporting function. In the ...
 

Also Known As

iBoss Cloud Platform
OpenDNS
MS Cloud App Security, Microsoft Cloud App Security
 

Overview

 

Sample Customers

More than 4,000 global enterprises trust the iboss Cloud Platform to support their modern workforces, including a large number of Fortune 50 companies.
Chart Industries, City of Aspen, Eastern Mountain Sports, FLEXcon, George Washington University, Jackson Municipal Airport Authority, Ohio Public Library Information Network, PTC, Richland Community College, Smart Motors, Tulane University, VeriClaim
Customers for Microsoft Defender for Cloud Apps include Accenture, St. Luke’s University Health Network, Ansell, and Nakilat.
Find out what your peers are saying about Cisco Umbrella vs. Microsoft Defender for Cloud Apps and other solutions. Updated: June 2025.
860,168 professionals have used our research since 2012.