Try our new research platform with insights from 80,000+ expert users

DefectDojo vs Microsoft Defender for Cloud comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

DefectDojo
Ranking in Vulnerability Management
40th
Average Rating
8.0
Number of Reviews
1
Ranking in other categories
DevSecOps (11th)
Microsoft Defender for Cloud
Ranking in Vulnerability Management
8th
Average Rating
8.0
Reviews Sentiment
6.7
Number of Reviews
55
Ranking in other categories
Container Management (11th), Container Security (5th), Cloud Workload Protection Platforms (CWPP) (3rd), Cloud Security Posture Management (CSPM) (3rd), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Data Security Posture Management (DSPM) (3rd), Microsoft Security Suite (3rd), Compliance Management (2nd)
 

Featured Reviews

HS
Sep 13, 2024
Easy to use with efficient vulnerability reporting and team collaboration
Use case, so all the reports from GitLeaks, DefectDojo, GitLeaks or dependency check or Trivy, they make reports, and we send this report to DefectDojo to have CVMs, Central Vulnerability Management. DefectDojo is Central Vulnerability Management. If you have a dashboard to set, we have…
Anurag Awasthi - PeerSpot reviewer
Oct 26, 2022
Offers excellent firewall management and visibility into threats in a stable, integrated security suite
The solution's robust security posture is the most valuable feature. We have a lot of firewalls, and we can manage them in the solution through the firewall manager. We can set up an Azure firewall and centralize the management policy. The solution provides excellent visibility into threats, and it's a cloud-based integrated solution, so we don't have to worry about any third-party products or services. Microsoft provides so many options, and that's great. Defender for Cloud generates reports we can use as an assessment, as it allows us to see the services in our environment and our points of highest risk. The solution's threat intelligence helps us prepare for threats before they hit and take proactive steps, which is very useful for analysis.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"With the pipeline of detection and DefectDojo, we are able to see the real vulnerabilities, and we fix them."
"Defender lets you orchestrate the roll-out from a single pane. Using the Azure portal, you can roll it out over all the servers covered by the entire subscription."
"Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful."
"When we started out, our secure score was pretty low. We adopted some of the recommendations that Security Center set out and we were able to make good progress on improving it. It had been in the low thirties and is now in the upper eighties."
"The most valuable features offer the latest threat detection and response capabilities."
"When you have commissioned Defender, you have these things visible already on your dashboard. This gives the efficiency to the people to do their actual work rather than bothering about the email, sorting out the email, or looking at it through an ITSM solution, whey they have to look at the description and use cases. Efficiency increases with this optimized, ready-made solution since you don't need to invest in something externally. You can start using the dashboard and auditing capability provided from day one. Thus, you have fewer costs with a more optimized, easier-to-use solution, providing operational efficiency for your team."
"It offers virus management and addresses threats such as viruses, worms, spyware, and other critical security concerns."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"The pricing is good."
 

Cons

"We need something to notify the team responsible for a product when vulnerabilities are found."
"Features like code scanning and pipeline scanning are not included in the solution."
"The remediation process could be improved."
"Sometimes, it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or certain kinds of products. That's not an issue directly with the product, though."
"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."
"The most significant areas for improvement are in the security of our identity and endpoints and the posture of the cloud environment. Better protection for our cloud users and cloud apps is always welcome."
"Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured."
"The solution could extend its capabilities to other cloud providers. Right now, if you want to monitor a virtual machine on another cloud, you can do that. However, this cannot be done with other cloud platform services. I hope once that is available then Defender for Cloud will be a unified solution for all cloud platform services."
"The solution could improve by being more intuitive and easier to use requiring less technical knowledge."
 

Pricing and Cost Advice

Information not available
"Azure Defender is a bit pricey. The price could be lower."
"The product's pricing policy is generally favorable."
"Pricing depends on your workload size, but it is very cheap. If you're talking about virtual machines, it is $5 or something for each machine, which is minimal. If you go for some agent-based solution for every virtual machine, then you need to pay the same thing or more than that. For an on-premises solution like this, we were paying around $30 to $50 based on size. With Defender, Microsoft doesn't bother about the size. You pay based on the number of machines. So, if you have 10 virtual machines, and 10 virtual machines are being monitored, you are paying based on that rather than the size of the virtual machine. Thus, you are paying for the number of units rather than paying for the size of your units."
"Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."
"I rate Microsoft Defender a three out of ten for affordability. The price could be a little lower."
"I'm not privy to that information, but I know it's probably close to a million dollars a year."
"There is a helpful cost-reducing option that allows you to integrate production subscriptions with non-production subscriptions."
"Our clients complain about the cost of Microsoft Defender for Cloud."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
812,580 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Computer Software Company
16%
Financial Services Firm
14%
Manufacturing Company
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for DefectDojo?
The pricing is great. It is much cheaper compared to other solutions. We don't want to pay for things we are able to do on our own.
What needs improvement with DefectDojo?
We need something to notify the team responsible for a product when vulnerabilities are found. We are able to attach a team or a manager for a product, however, we are not able to send them a notif...
What is your primary use case for DefectDojo?
Use case, so all the reports from GitLeaks, DefectDojo, GitLeaks or dependency check or Trivy, they make reports, and we send this report to DefectDojo to have CVMs, Central Vulnerability Managemen...
How is Prisma Cloud vs Azure Security Center for security?
Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across your ecosystem. It also has great remote workforce capabilities and supports a...
What do you like most about Microsoft Defender for Cloud?
The entire Defender Suite is tightly coupled, integrated, and collaborative.
What is your experience regarding pricing and costs for Microsoft Defender for Cloud?
The solution is subscription-based, and while it is generally affordable, there are often hidden costs. The overall pricing could be more competitive.
 

Also Known As

No data available
Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
 

Learn More

Video not available
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Information Not Available
Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
Find out what your peers are saying about Tenable, Qualys, Wiz and others in Vulnerability Management. Updated: September 2024.
812,580 professionals have used our research since 2012.