Try our new research platform with insights from 80,000+ expert users

Cisco Umbrella vs Microsoft Defender for Cloud Apps comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

iboss
Sponsored
Ranking in Cloud Access Security Brokers (CASB)
8th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
17
Ranking in other categories
Secure Web Gateways (SWG) (10th), Internet Security (4th), Web Content Filtering (3rd), ZTNA as a Service (11th), Secure Access Service Edge (SASE) (10th)
Cisco Umbrella
Ranking in Cloud Access Security Brokers (CASB)
2nd
Average Rating
8.8
Reviews Sentiment
7.3
Number of Reviews
113
Ranking in other categories
Secure Web Gateways (SWG) (1st), Internet Security (1st), Secure Access Service Edge (SASE) (3rd), Domain Name System (DNS) Security (1st), Cisco Security Portfolio (2nd)
Microsoft Defender for Clou...
Ranking in Cloud Access Security Brokers (CASB)
5th
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
37
Ranking in other categories
Advanced Threat Protection (ATP) (12th), Microsoft Security Suite (13th)
 

Mindshare comparison

As of May 2025, in the Cloud Access Security Brokers (CASB) category, the mindshare of iboss is 1.9%, up from 1.3% compared to the previous year. The mindshare of Cisco Umbrella is 12.3%, down from 14.2% compared to the previous year. The mindshare of Microsoft Defender for Cloud Apps is 10.1%, down from 13.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Access Security Brokers (CASB)
 

Featured Reviews

Matt Crockford - PeerSpot reviewer
It's easy to roll out, and their understanding of our business made it seamless
One aspect we value about iboss is its simplicity. Their customer service is brilliant, and they are super responsive and knowledgeable. It's easy to roll out, and their understanding of our business made it seamless. We were impressed by the solution's mental health function, which can detect if someone needs help. It scans what users are browsing and flags warning signs so we can check to see if they are okay. We've had to use it a couple of times. The user interface is highly intuitive. Our IT team picked it up with minimal training. It's arranged so that it's easy to find where things are. Another advantage is the single pane of glass console, which gives you visibility into what's happening. We're not fully there yet because we haven't implemented zero trust, but we're excited about the possibilities from the demos we've seen. We launched a POC of iboss' ChatGPT Risk Protection feature two weeks ago. AI is a great tool, but you need to be careful what you put into it. My biggest fear is employees inputting sensitive corporate information or customer PII data into one of these chatbots. I was impressed by our trial of the feature. It's exactly what we wanted. Now, when a user goes to ChatGPT, there's a banner warning them not to share information, and we can block conversations containing customer data like bank details and email addresses. I don't want to stop people from using it, but we need visibility. We've only tried it on a test group of 15 people. You can configure it to look for specific keywords or integrate it with your DLP policy if you have that configured
Rohan Singh - PeerSpot reviewer
Protects endpoints wherever they are, always pushing people to the right locations to avoid malicious intent
The most valuable thing is how easy it is to deploy. We did it with 9,000 users at my last job, and it took a week to get to all the endpoints. Doing that without having to physically touch all those endpoints was very simple. The single pane of glass management makes it very easy to manage your rollout. We get a lot of "single panes of glass" and, eventually, you need a pane of panes of glass. But it's always good to have a clear and graphical view, and Umbrella's is nice and easy to read. Definitely, of the panes of glass that we do have, it's one of the easiest to use. The single pane of glass is good to group users together and separate people out. Some people need different types of security. Some people are more vulnerable. Some have more highly valuable assets, like C-suite people. It's really good to be able to have end-users defined inside of that. You don't have to jump around. You don't have to figure out who's who. It's all done through one pane of glass. What most people don't realize is that it's running in the background, which is a really nice aspect when it comes to security. Often, when you deploy a security tool, it takes up CPU performance. Everything slows to a grind. But Umbrella is so simple and easy and it doesn't affect the end-user experience. It's the best of all worlds. It's nice when people realize that they're being protected when they go to the wrong site. I think people are happy that they're protected, but it's nice that they rarely notice it. It's generally easy to maintain network connectivity, but with Umbrella, the nice part is that whichever connectivity you're on, you're always secure. With Umbrella, as long as you're online, you're going to be protected.
Jagadeesh Gunasekaran - PeerSpot reviewer
Saves us time, has good visibility, and a single dashboard
The solution is user-friendly and provides great visibility into threats. There are easy options available for specific workflow inspections. We can also get support by going through the Microsoft documentation, which is straightforward. Microsoft Defender for Cloud Apps helps us prioritize threats across our enterprise. It covers us from a compliance perspective and protects our organization's data. Data protection is a very important aspect of any new organization, as we need to protect our data from both external attacks and insider threats. Microsoft Defender for Cloud Apps helps us monitor for abnormal activity by insiders, which is one of the most important access points for attackers today. Additionally, the different cloud apps that Defender for Cloud Apps supports provide us with much more visibility into potential threats and activities on the internet. We have integrated Microsoft Defender for Cloud Apps alerts with Sentinel. The integration is straightforward. We can find the configuration details on Microsoft's official documentation website. If we are familiar with how Microsoft products work, we will be able to follow the instructions clearly. Microsoft Defender for Cloud Apps and Sentinel work natively together to deliver coordinated detection and response across our environment. Our integrated Microsoft solutions provide comprehensive threat protection, covering most of the tactics and techniques relevant to the MITRE ATT&CK framework. Sentinel allows us to ingest data from our entire ecosystem. When implementing an SIEM solution, there are always prerequisites such as Active Directory logs, security logs, firewall logs, and DNS logs. These are important logs that need to be ingested into the environment. Sentinel has many third-party connectors available that make integrations straightforward. Microsoft provides the configuration details in the Sentinel platform. It is important to integrate all relevant log sources into the SIEM solution so that we can detect and be alerted to any type of threat factor, whether it is from an internal or external source. Integrating third-party solutions into the platform requires a separate configuration, but Microsoft provides the necessary information. However, we need to have the appropriate permissions to execute these setups. Sentinel provides a centralized dashboard that covers threat management and configuration. It gives us complete insight into what entities are accessing, as well as full details for investigation. We can see how the alerts and threats are relevant to suspicious activities, whether they are related to malicious IP addresses, suspicious ASHAs, or any other indicators of compromise. All of this relevant data can be seen in a single pane. Recently, Microsoft introduced a new investigation experience in a single pane. This means that we can now get a lot of details in a single pane, without having to go there and execute a query. There are a lot of new insights being developed in the Sentinel platform these days. It has software intelligence. They recently introduced Microsoft Defender Threat Intelligence, which covers almost all IOCs. This protects organizational assets from threats and suspicious traffic associated with IOCs. If a match is found, alerts are generated. This is a very interesting feature. Another great feature is automation and logic apps. We can create a number of operations, such as posting in a team's channel if a severe incident occurs or sending an email notification. There are many operations available, so we can automate a lot of tasks. Microsoft Defender for Cloud Apps helps us stay compliant. It has predefined mechanisms in place to prevent attacks. For example, if an external user tries to access our SharePoint folders or files, an attack will be blocked. This is why it is important to give appropriate access to guest users. Microsoft Defender for Cloud Apps has many features and benefits. It provides a number of policies that can be configured to meet the specific needs of our security team. These policies can be used to customize cloud applications so that only authorized users can access them and perform operations that benefit the organization. In terms of safety and security, Microsoft Defender for Cloud Apps is top-notch. Using the solution's automation features, we can suppress false positive alerts. We can also close alerts, lower their severity from "high" to "low" or "informational," or close them immediately with the appropriate commands. This will depend on the configuration automation rule and the perspective from which we are testing. Microsoft Defender for Cloud Apps provides a single console. We are also provided with Microsoft templates to enable workbooks instantly. Alternatively, we can build our own customized workbooks to provide better insights and improve our SOC efficiency and overall performance. Consolidating all of our security data into one dashboard has saved our security operations team a significant amount of time. From an analyst's perspective, it is now much easier to correlate events, investigate alerts, and visualize specific entities. For example, an analyst can quickly see all of the alerts associated with a particular IP address, or they can view all of the activity for a specific entity over the past 24 hours or 7 days. This level of detail and insight would not be possible if our data were siloed in multiple dashboards. The single dashboard saves our operations approximately 20 hours per week by eliminating the need to access multiple consoles and tabs. Microsoft Defender for Cloud Apps threat intelligence can help us prepare for potential threats before they happen. However, it depends on how we develop the policies for the database to block or ignore things in our environment.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"First of all, the security policies are essential. I do not have to rely solely on Active Directory for our users."
"iboss has significantly lowered the number of security incidents. It is crazy how much it blocks and how much it is aware of the outside danger."
"Valuable features: Within the filter: Controls (Web categories, applications, and Allow/Block list) and Network (local Subnets). Within the reporter: Logs (Event Log) and Reports."
"It was a very easy product to install. It can be deployed very fast."
"iboss is easy to use despite its complexity. Multiple engineers manage it, but it's significantly more straightforward to administer than traditional VPNs and web proxies."
"The console is cloud-based, which is something I really appreciate."
"Our primary use case for this product is DLP,"
"iboss is among the few products providing inline filtering where no application is needed on the device. It operates on the network side and is not device-based. This feature was one of the main reasons why we stayed with them for so long."
"One of the most important features is the security posture check which Umbrella offers when a user accesses any website. That is one of the most unique features that it offers."
"The documentation is good, and we have been able to resolve any issues ourselves."
"It analyzes the domain security helps us implement the securest policy."
"When it comes to hybrid work it's pretty effective. We've got the agents. We can protect people inside our building and, when they're using their laptops out in the field, they're still protected. It's working well."
"It makes it really easy to accomplish content filtering. We don't have to do a lot of customization. You just click the box for the content category and it's up to date."
"It has certainly saved us time. If we go and look at what's rejected on the requests from the hospital itself, it has saved about 5% or 6% time."
"The most valuable feature of Cisco Umbrella is its DNS security."
"I haven't needed to reboot the servers for years due to their excellent stability."
"All of the features are valuable because all of the features are related."
"Everything from Microsoft is integrated. You receive regular reports on them all. You can push your reports, logs, and security alerts, which are all integrated. It is crucial that these solutions work natively together to deliver coordinated detection and response across our environment."
"It's very easy to install and it includes the Intune portal from Microsoft where I can control all the devices from one place."
"The feature that helps us in detecting the sensitive information being shared has been very useful. In addition, the feature that allows MCAS to apply policies with SharePoint, Teams, and OneDrive is being used predominantly."
"In Microsoft Defender for Cloud Apps, there is an option to enable files. Once you enable that, it will give you all the files in your organization and where they are located in the cloud... That feature is very useful for investigation purposes."
"The most effective features for data protection are data loss prevention (DLP) and data classification."
"Defender for Cloud Apps has given us good visibility regarding what we've allowed into our environment until now."
"I would rate it a ten because I have not experienced any stability issues so far with Defender for Cloud Apps."
 

Cons

"Our biggest problem with their service was it did not recognize the device and filtering did not always work correctly."
"SSL decryption: We had issues with learners using apps instead of using web browsers. This type of encryption is tough for any appliance in a BYOD environment."
"The solution could be stronger on the integration side and offer more cloud applications like G Suite or Oracle."
"The reporting feature needs improvement. It doesn't give you the expected results. It is quite difficult to get the specific reports needed, and it is not as intuitive as the rest of the platform."
"Fold that in with the risk intelligence they're getting from all of the different subscriptions they are a part of. Now, these security companies subscribe to things like emerging threats, databases, etc. You can fold all this intelligence to decide what's happening on an endpoint. I would love to see them start moving into that space. That would compete directly with Microsoft. Maybe that's why they haven't. Having that ability native within the solution would be great. The other area in which I would love to see improvement is more detailed descriptions of why they block websites."
"Their on-premise hardware's network interface is capped at one gigabit, which is sort of a problem. If you stand a filter up where all traffic flows through that, according to them, in order to go above a gigabit, you have to have multiple devices, which in today's IT seems a little bit silly. They could easily put in an SFP port into their device that could accommodate 10 gigs or at least offer a box."
"The area I would like to see improvement in is the ability with in the reporter to navigate directly to the content the user is traversing. It is kind of there, but it's not perfect. Quite frequently, I receive links that lead me to pages with error messages."
"Our biggest problem with their service was it did not recognize the device and filtering did not always work correctly."
"Client delivery and client updates should be improved. Client delivery was not as easy as expected. Another area for improvement is the integration of escalation procedures for security issues."
"It should have more integrations with multiple end user OEMs."
"I would like them to make some videos, practical videos, the kind with steps that people can use to learn and deploy"
"The integration with Cisco could be better."
"Its reliability and the response time of the support team can be better."
"The only thing I can think of is that I'd like to see a little more flexibility in policy creation. The way that policy is currently structured is like a "first hit succeeds" kind of policy. It would be nice if it were more hierarchical."
"Cisco Umbrella is difficult to manage and needs to include a dashboard. It needs to improve pricing as well."
"The channel of support needs improvement. It is not under normal Cisco support, and I cannot simply call for support."
"They should continue integration with all other Microsoft security-related products. The integration with all the other products is still ongoing."
"There are challenges with detection and there are challenges with false-positive rates."
"Sometimes the support is actually lacking."
"We are having trouble with our continuous reporting configuration and struggling with configuring the collector properly with our log parsing."
"I would like for it to be available on Mac and for it to support all of the features of Microsoft financing products. It is really for Windows."
"Defender for Cloud Apps could come with more configured policies out of the box. Also, integration could be easier. Integration is moderately difficult because Microsoft hasn't developed a solution that unifies device onboarding and management. You have to use Intune to manage devices and Defender for Endpoint to enforce policies. They need to fix their integration, but I believe they will straighten it out by the end of the year."
"Microsoft Defender for Cloud Apps’s technical support services needs improvement."
"I believe it's only set to be integrated with Microsoft Defender for identity and identity protection. I would like to see it available for use with something like Office 365 Defender. I don't think it's integrated with that yet."
 

Pricing and Cost Advice

"We have not priced the solution recently, but they were competitive with other vendors in the past."
"The overall pricing for iboss is very competitive and transparent."
"It is expensive compared to one of its competitors."
"It is not expensive, and it is also not cheap. iboss is priced right in the sweet spot for the number of features it offers."
"It is probably in line with other solutions, but I do not deal with the financial side."
"We had the cost of purchasing a new appliance along with the implementation and licensing costs. However, the following year, the cost of just licensing was similar to what was paid the previous year for a new appliance along with the implementation and licensing costs."
"There is room for improvement when it comes to the cost."
"It needs a better price point."
"The price should be slightly lower than the current price because if you look at the whole solution, it is simply a threat intelligence solution to block blacklisted things. The price should be lower looking at the features provided by the solution. The price isn't too high either, but it could be lower."
"I think Cisco Umbrella is priced well. We have a mix of customers with different verticals such as education. We have clients in the commercial space as well. Umbrella is at a good price point for all of our customers."
"There is a one-time cost of approximately $800 USD per user, and then a yearly support fee of about $50 per user."
"The pricing is pretty fair. It's good."
"It has a reasonable price. It is certainly not as expensive as it used to be. It is in line with other offerings on the market. There are a number of different flavors of Umbrella. They could bring Umbrella SIG down a bit because its price is a little bit high for what it does, but I also understand why its price is high."
"The licensing and pricing structure of Cisco Umbrella is in line with standard systems on the market, and we have no specific requirements in this area. Overall, we have found it to be an acceptable pricing model for our organization."
"Where we are right now, this is an acceptable pricing. I would like to see more transparency given to the end user. The end user given to us is via the cloud service provider. There are different programs and license models. Some include this, and some include that. It is all over the place. There can be a little more consistency or simplification in the pricing so that your parts list is not ten pages long, and you are not trying to determine, "If I have an E3, does this cover that?", or "Do I need to pay separately for the license?" Simplification would probably be better."
"The pricing is in the middle. It isn't too cheap or expensive compared to other antivirus or security products. It is priced according to industry standards."
"The pricing is fair."
"It has pretty good pricing."
"Its pricing is on the higher side. Its price is definitely very high for a small-scale company. As an enterprise client, we do get benefits from Microsoft. We get a discounted price because of the number of users we have in our company. We have a premier package, and with that, we do get a lot of discounts. There are no additional costs. It only comes in the top-tier packages. Generally, the top-tier license is the best license that you can get for your organization. If you want, you can buy it separately, but that's not a good idea."
"The product's pricing seems fair."
"Microsoft offers bundle discounts and a pay-as-you-go option."
"This product is not expensive."
report
Use our free recommendation engine to learn which Cloud Access Security Brokers (CASB) solutions are best for your needs.
849,686 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
9%
Government
6%
Educational Organization
25%
Computer Software Company
17%
Financial Services Firm
7%
Manufacturing Company
7%
Computer Software Company
16%
Financial Services Firm
12%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about iboss?
Content filtering is the most useful feature of iboss.
What needs improvement with iboss?
Our biggest problem with their service was it did not recognize the device and filtering did not always work correctl...
What is your primary use case for iboss?
We used it for student and faculty filtering on campus.
Which is the better security solution - Cisco Umbrella or Zscaler?
Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried. Zs...
Which is the better security solution - Cisco Umbrella or Microsoft Cloud App Security?
Cisco Umbrella is an integral component of the Cisco SASE architecture. It integrates security in a single, cloud-nat...
What do you like most about Cisco Umbrella?
Cisco Umbrella is easy to monitor, manage, and deploy.
What do you like most about Microsoft Cloud App Security?
It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notificatio...
What is your experience regarding pricing and costs for Microsoft Cloud App Security?
The pricing for Microsoft Defender for Cloud Apps is acceptable. If a product is of high quality, it justifies the ex...
What needs improvement with Microsoft Cloud App Security?
The documentation could be improved as it is not updated immediately when Microsoft makes changes. Users must wait a ...
 

Also Known As

iBoss Cloud Platform
OpenDNS
MS Cloud App Security, Microsoft Cloud App Security
 

Overview

 

Sample Customers

More than 4,000 global enterprises trust the iboss Cloud Platform to support their modern workforces, including a large number of Fortune 50 companies.
Chart Industries, City of Aspen, Eastern Mountain Sports, FLEXcon, George Washington University, Jackson Municipal Airport Authority, Ohio Public Library Information Network, PTC, Richland Community College, Smart Motors, Tulane University, VeriClaim
Customers for Microsoft Defender for Cloud Apps include Accenture, St. Luke’s University Health Network, Ansell, and Nakilat.
Find out what your peers are saying about Cisco Umbrella vs. Microsoft Defender for Cloud Apps and other solutions. Updated: April 2025.
849,686 professionals have used our research since 2012.