We performed a comparison between Guardicore Centra and Microsoft Defender for Cloud based on real PeerSpot user reviews.Find out in this report how the two CWPP (Cloud Workload Protection Platforms) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The real bonus is the fact that we can secure applications, all the way down to the individual services, on each host. It's actually more granular security than we can get out of a traditional firewall."
"We like the centralized management of the firewalls. Until we installed Guardicore Centra, we managed all our firewalls individually, so making changes was complicated, difficult, and time-consuming."
"I found the solution to be stable."
"Guardicore Centra offers the best coverage specifically in backward compatibility with legacy operating systems."
"From day one, you get threat intelligence. It will immediately block active threats, which has been useful."
"The most valuable feature is the visibility of processes and connections."
"Threat protection is comprehensive and simple."
"When we started out, our secure score was pretty low. We adopted some of the recommendations that Security Center set out and we were able to make good progress on improving it. It had been in the low thirties and is now in the upper eighties."
"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."
"It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop."
"It's got a lot of great features."
"The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark."
"The solution is very easy to deploy."
"This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot."
"In our version, when using the terminal server, we cannot exclude user tasks for each session."
"Sometimes, the speed needs improvement, especially when it comes to the generation of maps, where it can be a bit slow."
"Customers would want to see the cost improved."
"The long-term management of the security policies could be improved with some kind of automation platform, something like Chef or Puppet or Ansible, to help you manage the policies after day-one... to then manage the policies and changes to those policies, going forward, through some type of automation process is not turning out to be really easy."
"The maps could go a bit faster. They are useful but slightly slow."
"Supports become difficult when it's for a big organization. For a small organization, medium organization, it still makes sense, however, for a big organization, it makes life difficult."
"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."
"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."
"Sometimes it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or a special kind of product."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"Another thing that could be improved was that they could recommend processes on how to react to alerts, or recommend best practices based on how other organizations do things if they receive an alert about XYZ."
"Sometimes, it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or certain kinds of products. That's not an issue directly with the product, though."
"Azure is a complex solution. You have so many moving parts."
"Consistency is the area where the most improvement is needed. For example, there are some areas where the UI is not uniform across the board."
Guardicore Centra is a comprehensive data center and cloud security solution that delivers the simplest way to apply micro-segmentation controls to reduce the attack surface and detect and control breaches within east-west traffic. It provides deep visibility into application dependencies and enforces network and process-level policies to protect critical applications.
Microsoft Defender for Cloud protects your Azure and hybrid resources. Microsoft uses a wide variety of physical, infrastructure, and operational controls to help secure Azure—but there are additional actions you need to take to help safeguard your workloads. Turn on Azure Security Center to strengthen your cloud security posture. Within Azure Security Center, use Azure Defender to protect your hybrid cloud workloads. With Azure Security Center, you can:
- Assess and visualize the security state of your resources in Azure, on-premises, and in other clouds with Azure Secure Score
- Simplify enterprise compliance and view your compliance against regulatory requirements
- Protect all your hybrid cloud workloads with Azure Defender, which is integrated with Security Center
- Use AI and automation to cut through false alarms, quickly identify threats, and streamline threat investigation
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
Guardicore Centra is ranked 7th in CWPP (Cloud Workload Protection Platforms) with 7 reviews while Microsoft Defender for Cloud is ranked 2nd in CWPP (Cloud Workload Protection Platforms) with 30 reviews. Guardicore Centra is rated 8.4, while Microsoft Defender for Cloud is rated 8.2. The top reviewer of Guardicore Centra writes "Allowed us to build out a data center topology without worrying about placement of physical or virtual firewalls that can create bottlenecks". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides good recommendations and makes policy administration easy". Guardicore Centra is most compared with Illumio Zero Trust Segmentation, Cisco Secure Workload, VMware NSX, Prisma Cloud by Palo Alto Networks and Appgate SDP, whereas Microsoft Defender for Cloud is most compared with Microsoft 365 Defender, Prisma Cloud by Palo Alto Networks, Amazon GuardDuty, Trend Micro Cloud One Workload Security and Cisco Secure Workload. See our Guardicore Centra vs. Microsoft Defender for Cloud report.
See our list of best CWPP (Cloud Workload Protection Platforms) vendors.
We monitor all CWPP (Cloud Workload Protection Platforms) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.