• Home
  • Microsoft Defender for Cloud Apps vs. Qualys VMDR

Microsoft Defender for Cloud Apps vs Qualys VMDR comparison

Cancel
You must select at least 2 products to compare!
Lookout Logo

Lookout

Read 5 Lookout reviews
575 views|450 comparisons
71% willing to recommend
Microsoft Logo

Microsoft Defender for Cloud Apps

Read 30 Microsoft Defender for Cloud Apps reviews
9,918 views|7,615 comparisons
100% willing to recommend
Qualys Logo

Qualys VMDR

Read 76 Qualys VMDR reviews
6,866 views|5,201 comparisons
93% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Cloud Access Security Brokers (CASB)
March 2024
Executive Summary
Updated on Aug 1, 2023

We compared Microsoft Defender for Cloud Apps (MDA) and Qualys VM across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:

  • Ease of Deployment: The setup process for Qualys VMDR is generally considered to be simple and quick. However, some users experienced difficulties with integration, and deployment may require technical knowledge. Microsoft Defender for Cloud Apps offers a smooth, guided setup process that can usually be completed within a few hours.
  • Features: Microsoft Defender users say that it integrates well with other applications and has good monitoring features. Qualys VM users say it is a reliable product that is easy to use. 
  • Room for Improvement: Qualys VMDR would benefit from enhancements in batch prioritization, integration,  and scanning capabilities. Microsoft Defender for Cloud Apps needs improvements in reporting, visibility, automation, and policy management.
  • Pricing: Opinions on the cost of Qualys VMDR vary. While it is generally seen as competitive, some say it could be more affordable. Microsoft Defender for Cloud Apps is considered expensive, but it offers numerous features and seamless integration with other solutions, making it a worthwhile investment.
  • ROI: Qualys VMDR is effective at identifying vulnerabilities and facilitating timely upgrades, resulting in a positive return on investment. However, there are concerns about rising costs. Microsoft Defender for Cloud Apps offers cost savings, quicker response times, fewer support calls, and improved uptime. It ensures a secure environment and is considered more affordable than its previous version.
  • Service and Support: Some Microsoft Defender reviewers said they are happy with Microsoft support, but others feel there is room for improvement. Most Qualys VM report being satisfied with the support.

Comparison Results: Qualys VMDR is commended for its prioritization mechanism, comprehensive monitoring, and vulnerability management, while Microsoft Defender for Cloud Apps is valued for its threat detection capabilities and integration with other Microsoft solutions. Both products require improvements in various areas like user experience, integration, reporting, pricing, visibility, and policy management. The pricing for both products is considered fair but expensive. Customer support for both products has received mixed reviews, with room for improvement in response time and consistency.

To learn more, read our detailed Cloud Access Security Brokers (CASB) Report (Updated: March 2024).
Download the complete report
767,667 professionals have used our research since 2012.
Featured Review
Anonymous User
User-focused design makes it easy to understand, and operations running in background provide peace of mind
All the operations that it handles happen in the background. It's not something that I have to continually use every single day. It offers a... Read more →
Sunil V Jainapur
Enables us to determine the root cause of critical incidents much faster
Defender helps us automate routine tasks. We can use templates to deploy various security solutions. It also consolidates our dashboards, so we can... Read more →
PranjalGargava
Helps with vulnerability scanning and understanding of cyber security controls
The product has helped us understand cybersecurity controls.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade.""The solution is stable.""The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices.""On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator."

More Lookout Pros →

"The product helps us with privileged identity management to control who has access to what and for how long.""The product’s most valuable feature is SQL database.""Defender helps us control which applications are being used and gain more security insight into remote and hybrid users based on user identity and log in location. You can also integrate Defender for Cloud Apps with Defender for Endpoint to extend its capabilities.""I like the alert policies because they are quite robust. It has some built-in templates that we can easily pick up. One of them is the alert for mass downloads, when a particular user is running a massive download on your SharePoint site.""The solution does not affect a user's workflow.""I like the web GUI/the management interface. I also like the security of Microsoft. As compared to other manufacturers, it's less complex and easy to understand and work with.""The most valuable feature is the alerting system.""If your business requirements are relatively simple, it can get the job done."

More Microsoft Defender for Cloud Apps Pros →

"The biggest benefit is from a security operations perspective, where we are able to drive our security posture upwards by remediating any discovered vulnerabilities.""The most recent is VMDR, which provides a comprehensive overview of how to detect, patch, and remediate specific vulnerabilities.""Qualys VM's best feature is vulnerability management.""Performs automated, regular scans in the network.""Detects new hosts along with vulnerabilities.""The prioritization feature is great. I think it has all of the advanced features that we need.""I am impressed with the VMDR feature.""The most valuable feature of Qualys Container Security is the detailed information in the reports and the remediation. This is done to make sure there are no vulnerabilities."

More Qualys VMDR Pros →

Cons
"Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving.""We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now.""From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products.""The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer"

More Lookout Cons →

"We sometimes get errors when we create policies, which is somewhat annoying because some policies stop working due to misconfigurations. We find this challenging because it limits our options for troubleshooting an issue.""There could be more granular roles that are out of the box included in the product.""The technical support team has room for improvement.""They should continue integration with all other Microsoft security-related products. The integration with all the other products is still ongoing.""The integration with macOS operating systems needs to be better.""In the future, I would like to see more plug-and-play capabilities that use AI to tell you what needs to be done. It would be helpful if it scanned our devices and made security suggestions, on a configuration basis.""I believe it's only set to be integrated with Microsoft Defender for identity and identity protection. I would like to see it available for use with something like Office 365 Defender. I don't think it's integrated with that yet.""Defender for Cloud Apps could come with more configured policies out of the box. Also, integration could be easier. Integration is moderately difficult because Microsoft hasn't developed a solution that unifies device onboarding and management. You have to use Intune to manage devices and Defender for Endpoint to enforce policies. They need to fix their integration, but I believe they will straighten it out by the end of the year."

More Microsoft Defender for Cloud Apps Cons →

"I would like to see more accuracy in detections, better reporting capabilities, and better dashboard download capabilities.""The reporting needs improvement. It should generate much more stuff like field reports.""They have integrated with other third parties, but it is still not viable.""I would like to see this solution simplified to work more easily in a multi-cloud environment.""Improve the API speed.""The tool needs to improve the adding assets and report generation features. I would like to see the policy scan of offline appliances in the product's future releases.""I would like to have CSPM, a continuous scan-like cloud added to the solution.""It is a struggle to be able to pull our report and to be able to do onboarding using automated tools."

More Qualys VMDR Cons →

Pricing and Cost Advice
  • "The pricing is fair; it's comparable to our previous solution, and we carried out multiple POCs and POVs (proof of value). The product is worth the money we pay for it."
  • "Lookout is definitely on the lower end when it comes to price point and that seems to be the only differentiator. The technology is in place in this space and it's really about who is coming in at the better price point now."
  • "In terms of feature performance versus cost, they're a good value."
  • "The licensing costs are good. Prisma has much more options and support for security, but it has a higher cost. For example, Lookout costs 2/3rd of Prisma's licensing price."

    • More Lookout Pricing and Cost Advice →

  • "We have an educational licensing agreement. It's a customer agreement for multiple years."
  • "This product is not expensive."
  • "Our clients normally use the Microsoft E1 licensing, which is renewed yearly."
  • "The pricing is a little bit high but right now, we are okay with it because of the compatibility with Office 365, Teams, and Azure AD."
  • "I'm not totally involved in the pricing part, but I think its pricing is quite aggressive, and its price is quite similar to Netskope. Netskope has separate licensing fees or additional charges if you want to monitor certain SaaS services, whereas, with MCAS, you get 5,000 applications with their Office 365. It is all bundled, and there's no cost for using that. You only have the operational costs. In the country I am in, it is a bit difficult to get people with the required skill sets."
  • "Its pricing is on the higher side. Its price is definitely very high for a small-scale company. As an enterprise client, we do get benefits from Microsoft. We get a discounted price because of the number of users we have in our company. We have a premier package, and with that, we do get a lot of discounts. There are no additional costs. It only comes in the top-tier packages. Generally, the top-tier license is the best license that you can get for your organization. If you want, you can buy it separately, but that's not a good idea."
  • "The price could be better and should be reconsidered."
  • "It is a little bit expensive. When you want to have the complete package with Office 365, Defender, and everything else, it is expensive."

    • More Microsoft Defender for Cloud Apps Pricing and Cost Advice →

  • "Usually every implementation is different and the quote is in function of number of assets."
  • "When you want to cover yourself for scalability, you will be charged for the number you place on the scan itself."
  • "It is more expensive than other products on the market."
  • "They have recently changed the pricing model, which is now better than it was before."
  • "It is different for every company, but for us, it's every three years."
  • "Qualys is cheaper and more affordable than other solutions."
  • "The pricing and licensing for Qualys could be improved."
  • "The license is on a yearly basis."

    • More Qualys VMDR Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Cloud Access Security Brokers (CASB) solutions are best for your needs.
    See Recommendations
    767,667 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Lookout?
    Top Answer:The solution is stable.
    Read all 4 answers   →
    What is your experience regarding pricing and costs for Lookout?
    Top Answer:The licensing costs are good. Prisma has much more options and support for security, but it has a higher cost. For… more »
    Read all 4 answers   →
    What needs improvement with Lookout?
    Top Answer:The solution could improve identity integration as well. Zero trust, it's a good start as a zero-trust solution… more »
    Read all 4 answers   →
    Which is the better security solution - Cisco Umbrella or Microsoft Cloud...
    Top Answer:Cisco Umbrella is an integral component of the Cisco SASE architecture. It integrates security in a single, cloud-native… more »
    What do you like most about Microsoft Cloud App Security?
    Top Answer:It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notifications… more »
    Read all 25 answers   →
    What is your experience regarding pricing and costs for Microsoft Cloud A...
    Top Answer:Where we are right now, this is an acceptable pricing. I would like to see more transparency given to the end user. The… more »
    Read all 24 answers   →
    What is your primary use case for Qualys VM?
    Top Answer:Qualys VM is used for vulnerability scans for the internet and applications using application exchange. There are many… more »
    Read all 36 answers   →
    What do you like most about Qualys VMDR?
    Top Answer:The process of defining and discovering scans is organized efficiently.
    Read all 56 answers   →
    What is your experience regarding pricing and costs for Qualys VMDR?
    Top Answer:The product is more expensive than that of any other vendor.
    Read all 33 answers   →
    Comparisons
    Also Known As
    CipherCloud
    MS Cloud App Security, Microsoft Cloud App Security
    Qualys VM, QualysGuard VM, Qualys Asset Inventory, Qualys Container Security, Qualys Virtual Scanner Appliance
    Learn More
    Lookout
    Microsoft
    Qualys
    Overview

    Lookout is a well-established and powerful secure web gateway (SWG) solution that protects more than 200 million users from threats that can result from the penetration of unsecured web traffic into their networks. Lookout is designed to enable organizations to work remotely while maintaining a tight blanket of security over their confidential business data. It provides administrators with security that extends from their endpoints to the cloud service that they are using to run their organization’s network. 

    Users of Lookout are able to proactively detect threats and keep themselves secure from a field of threats that constantly evolves. IT teams can protect their organizations without having to rely on any other security solutions. This singular solution can run on multiple kinds of mobile devices. The privacy of individuals is preserved while keeping compliance rules intact. Additionally, users gain access to a number of tools that enable them to prevent security breaches from taking place.

    Lookout Benefits

    Some of the ways that organizations can benefit by deploying Lookout include:

    • Ease of deployment. Lookout is a solution whose design makes it easy for users to deploy it. It provides users with simple, step-by-step instructions that remove the need for organizations to devote extensive amounts of time to make sure that it is properly set up. Anyone can quickly set up the solution without undergoing technical training. 
    • Built-in support. Users of the Lookout application have access to built-in demos that can teach them how to use various solution features. Instead of spending time trying to figure out the application, users can watch the demo that is most relevant to them and see for themselves how that particular feature is used.
    • Easy-to-use user interface. Lookout’s user interface is laid out in an intuitive way that makes it easy for administrators to navigate. This interface is present in both the mobile and desktop versions of this solution. 
    • Settings customization. Lookout has a built-in settings customization menu. This makes it possible for administrators to easily customize their settings so that they best conform to their needs. 

    Lookout Features

    • Activity monitoring and activity tracking. Lookout’s activity monitoring and activity tracking capabilities enable users to keep a close eye on the activities that are taking place in their networks. IT teams and administrators have the ability to watch their networks for any unusual activity. These features ensure that organizations can keep ahead of any potential threats. They provide the kinds of insights and warnings that make the jobs of those IT teams and administrators much easier and more streamlined. 
    • Encryption. Organizations that employ Lookout can encrypt their networks and keep crucial business data from being read by unauthorized parties. This feature keeps the secrets organizations are trying to keep out of the wrong hands.
    • Anti-virus tools. Lookout provides users with tools to block threats from harming their networks. These tools can successfully block 99.6 percent of threats without raising false alarms. 

    Microsoft Defender for Cloud Apps is a comprehensive security solution that provides protection for cloud-based applications and services. It offers real-time threat detection and response, as well as advanced analytics and reporting capabilities. With Defender for Cloud Apps, organizations can ensure the security of their cloud environments and safeguard against cyber threats. Whether you're running SaaS applications, IaaS workloads, or PaaS services, Microsoft Defender for Cloud Apps can help you secure your cloud environment and protect your business from cyber threats.

    Microsoft Defender for Cloud Apps Benefits:
    • Provides comprehensive security for cloud applications
    • Integrates with other Microsoft security tools
    • Easy to use and deploy
    • Provides real-time threat detection and response
    • Strong protection against phishing attacks and other common threats
    • Highly customizable to meet specific needs of different organizations
    Microsoft Defender for Cloud Apps Use Cases:
    • Governance, authentication, security, and compliance. 
    • Detects shadow IT and anomalous user behavior
    • Controls access to applications
    • Provides auditing and filtering setups
    • Used for end-user compute devices, file monitoring, user investigation, and activity
    • Used for data governance, threat detection, and getting visibility over cloud applications
    • Used to identify information about applications beyond organizational boundaries
    • Prevent exfiltration and data filtration of corporate data
    • Used to deal with spam emails and detect shadow IT

    Reviews from Real Users

    Ram-Krish, Cloud Security & Governance at a financial services firm, says that Microsoft Defender for Cloud Apps "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need".

    PeerSpot user, Senior Cloud & Security Consultant at a tech services, writes that Microsoft Defender for Cloud Apps "Great for monitoring user activity and protecting data while integrating well with other applications".

    Simon Burgess,Infrastructure Engineer at SBITSC, states that Microsoft Defender for Cloud Apps is "A fluid, intelligent product for great visibility, centralized management, and increased uptime".

    Vulnerability Management, Detection, and Response (VMDR) is a cornerstone product of the Qualys TruRisk Platform and a global leader in the enterprise-grade vulnerability management (VM) vendor space. With VMDR, enterprises are empowered with visibility and insight into cyber risk exposure - making it easy to prioritize vulnerabilities, assets, or groups of assets based on business risk. Security teams can take action to mitigate risk, helping the business measure their actual risk exposure over time. 

    Qualys VMDR offers an all-inclusive risk-based vulnerability management solution to prioritize vulnerabilities and assets based on risk and business criticality. VMDR seamlessly integrates with configuration management databases (CMDB), Qualys Patch Management, Custom Assessment and Remediation (CAR), Qualys TotalCloud and other Qualys and non-Qualys solutions to facilitate vulnerability detection and remediation across the entire enterprise.

    With VMDR, users are empowered with actionable risk insights that translate vulnerabilities and exploits into optimized remediation actions based on business impact. Qualys customers can now aggregate and orchestrate data from the Qualys Threat Library, 25+ threat intelligence feeds, and third-party security and IT solutions, empowering organizations to measure, communicate, and eliminate risk across on-premises, hybrid, and cloud environments.

    Sample Customers
    Customers for Microsoft Defender for Cloud Apps include Accenture, St. Luke’s University Health Network, Ansell, and Nakilat.
    Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx
    Top Industries
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm10%
    Manufacturing Company10%
    Government7%
    REVIEWERS
    Educational Organization27%
    Financial Services Firm18%
    Government9%
    Engineering Company9%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm12%
    Manufacturing Company8%
    Government7%
    REVIEWERS
    Financial Services Firm17%
    Comms Service Provider15%
    Manufacturing Company15%
    Transportation Company11%
    VISITORS READING REVIEWS
    Educational Organization32%
    Computer Software Company11%
    Financial Services Firm11%
    Manufacturing Company6%
    Company Size
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise16%
    Large Enterprise62%
    REVIEWERS
    Small Business27%
    Midsize Enterprise27%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise14%
    Large Enterprise65%
    REVIEWERS
    Small Business19%
    Midsize Enterprise12%
    Large Enterprise69%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise41%
    Large Enterprise44%
    Buyer's Guide
    Cloud Access Security Brokers (CASB)
    March 2024
    Download Free Report
    Find out what your peers are saying about Cisco, Microsoft, Palo Alto Networks and others in Cloud Access Security Brokers (CASB). Updated: March 2024.
    DOWNLOAD NOW
    767,667 professionals have used our research since 2012.

    Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 30 reviews while Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 76 reviews. Microsoft Defender for Cloud Apps is rated 8.4, while Qualys VMDR is rated 8.2. The top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Forcepoint CASB, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tanium.

    We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.