We compared Cisco Umbrella and Microsoft Defender for Cloud Apps based on our users’ reviews in five categories. After reading the collected data, you can find our conclusion below.
Comparison Results: Microsoft Defender is a better option than Cisco Umbrella according to user reviews. It is highly regarded for its seamless integration with other Microsoft technologies, ease of use, and affordability for smaller businesses. Cisco Umbrella, on the other hand, is praised for its mature solution but is seen as expensive, which creates challenges for smaller corporations. Overall, Microsoft Defender is a better choice for businesses prioritizing integration with Microsoft technologies and cost-effectiveness.
"The solution is stable."
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator."
"The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"When it comes to hybrid work it's pretty effective. We've got the agents. We can protect people inside our building and, when they're using their laptops out in the field, they're still protected. It's working well."
"We use Cisco Umbrella for DNS filtering and as a secure gateway."
"Cisco Umbrella's integration with other solutions has been a great feature in terms of ease of administration. Administration and troubleshooting are faster. The single pane of glass is great as well. Another great feature of Cisco Umbrella is remote browser isolation. With this feature, you open a virtual browser, and it's seamless to the user. If the user ends up going to a bad website that's passed a policy and something bad tries to download, it will not download into the machine because it is a virtual window somewhere in the cloud. You are protected by this feature."
"The implementation is pretty easy."
"For me, it's important that I get a connection to my corporate network in a secure and fast way. This product just runs in the background and doesn't need any attention. For me, as a user, it's perfect."
"The user interface is great. It's very easy to tailor to our client's environment and needs."
"The most valuable features of this solution are the Web Filtering and the APT."
"I also think that the dashboard view is really helpful. Whenever sites get blocked, we get the details and the users who are connecting to them."
"The most valuable feature is its policy implementation."
"I like the web GUI/the management interface. I also like the security of Microsoft. As compared to other manufacturers, it's less complex and easy to understand and work with."
"It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notifications are pretty good."
"One of the most valuable features is auditing. Some of the other protection services have issues with auditing. Microsoft Defender for Cloud has an excellent auditing technique that helps us avoid the risk of filtering or information loss. You can use different tools to guarantee these things. It allows you to conduct an in-depth exploration of applications, users, and files that are harmful or suspicious. You can also enhance your security setup by creating personalized rules or policies that help you better control traffic in the cloud."
"Everything from Microsoft is integrated. You receive regular reports on them all. You can push your reports, logs, and security alerts, which are all integrated. It is crucial that these solutions work natively together to deliver coordinated detection and response across our environment."
"Threat detection is its key feature, and that's why we use this tool. It gives an alert if a PC is attacked or there is any kind of anomaly, such as there is a spike in sending emails or we see an unauthorized website being accessed. So, it keeps us on our toes. We get to know that there is something wrong, and we can isolate the user and find any issues with it. So, threat detection is very robust in this tool."
"The product’s most valuable feature is SQL database."
"The most valuable feature is the ease of management. It's important."
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer"
"Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving."
"The integration with other solutions is a little complex. If you want to integrate with something like ArcSight or LogRhythm or Splunk, you need to do a lot of configuration. There are no easy ways to implement it."
"They need to improve analytics so they report on more of the specifics of user activity."
"If the virtual appliances could also gather traffic bandwidth reports, that would be great."
"I feel that the application needs other characteristics that are available with other applications in the market."
"It would be good to have more extensions to third-party products and a client for other device types."
"The rule-making process for blocking sites or for blocking characteristics can use some simplification."
"I would like to have more applications being recorded."
"It had the ability to do a lot of app control. So, every single app that went through that portal was registered, but there is a general issue with the whole app control. As soon as you add a mobile phone to your network, all of the apps get registered through the system, and you can approve, reject, or just let them go through. When I looked at it, it was impossible to manage app control. There was just so much data. I didn't apply that service because I just didn't have the time to manage it. It would be good if there was a way to categorize applications."
"There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default."
"The integration with macOS operating systems needs to be better."
"The interface needs to be more user-friendly."
"I believe it's only set to be integrated with Microsoft Defender for identity and identity protection. I would like to see it available for use with something like Office 365 Defender. I don't think it's integrated with that yet."
"Sometimes, we'll get false positive alarms. For example, when a SharePoint path has no file sharing, but there is an external user, it will trigger an alarm that the file has been shared with an external user... the alerting mechanism should be more precise when giving you an alert about what activity has been done with the file..."
"The response time could be better. It will be helpful if the alerts are even more proactive and we can see more data. Currently, the data is a little bit weak. It is not complete. I can't just see it and completely know which user or which device it is. It takes some effort and time on my part to investigate and isolate a user. It would be great if it is more user-friendly or easy for people to understand."
"Generally, the pricing can always be improved along with the management system."
"The technical support team has room for improvement."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Cisco Umbrella is ranked 1st in Cloud Access Security Brokers (CASB) with 55 reviews while Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 17 reviews. Cisco Umbrella is rated 8.8, while Microsoft Defender for Cloud Apps is rated 8.4. The top reviewer of Cisco Umbrella writes "We can see all of our locations in one place and only have to make changes once for all our locations". On the other hand, the top reviewer of Microsoft Defender for Cloud Apps writes "A fluid, intelligent product for great visibility, centralized management, and increased uptime". Cisco Umbrella is most compared with Zscaler Internet Access, Prisma Access by Palo Alto Networks, Palo Alto Networks DNS Security, Fortinet FortiGate SWG and Infoblox Advanced DNS Protection, whereas Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Netskope , Prisma Access by Palo Alto Networks, Qualys VMDR and Forcepoint CASB. See our Cisco Umbrella vs. Microsoft Defender for Cloud Apps report.
See our list of best Cloud Access Security Brokers (CASB) vendors.
We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.