• Home
  • Microsoft Defender for Cloud Apps vs. Qualys VMDR

Microsoft Defender for Cloud Apps vs Qualys VMDR comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Cloud Access Security Brokers (CASB)
March 2023
Executive Summary
Updated on May 29, 2022

We performed a comparison betweenMicrosoft Defender for Cloud Apps (MDA) and Qualys VM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Users of both solutions say that their initial setup is straightforward.
  • Features: Users of both products are happy with their stability and scalability. Microsoft Defender users say that it integrates well with other applications and has good monitoring features but they would like to see better alerting capabilities. Qualys VM users say it is a reliable and solid product that is easy to use but they would like better integration options.

  • Pricing: Most reviewers of both products feel that their prices are high.

  • ROI: Reviewers of both solutions report seeing an ROI.
  • Service and Support: Some Microsoft Defender reviewers report being satisfied with the support but others feel there is room for improvement. Most Qualys VM report being satisfied with the support.

Comparison Results: Qualys VM has a slight edge in this comparison because it received higher marks than Microsoft Defender in the support category.

To learn more, read our detailed Cloud Access Security Brokers (CASB) Report (Updated: March 2023).
Download the complete report
688,083 professionals have used our research since 2012.
Featured Review
Bernd Hoehenberger
Has good technical support and is scalable and easy to deploy
Cisco Umbrella has replaced on-premises firewalls in our client's branches. Our client had one central cloud solution, and now, they no longer need... Read more →
Ibikunle Imam
Our reaction time is now faster when eliminating problems
Due to COVID, most of my users are remote. Because of that, we need to manage their applications and let them log on from home. They also have... Read more →
Tim Cranny
Good return on investment, ease of deployment, and metrics
Qualys VM has improved the way the organization functions.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It enables us to go granular in the customization of blocking some categories on the DNS.""It has certainly saved us time. If we go and look at what's rejected on the requests from the hospital itself, it has saved about 5% or 6% time.""It has improved our organization from a security posture perspective. We feel more confident now knowing that we can block phishing attempts or any type of malware that is DNS-related. This is a very nice feature that provides peace of mind.""The most valuable feature is the ability to block users from reaching places that they should not even try to reach has been a boon.""A single pane of glass saves time... This does have a lot of options available for us to see who's doing what, what trends, what errors. We can set up our alerting through it as well. It is definitely a great dashboard.""The integration features within, for example, the Cisco VPN product and the Umbrella module are valuable.""Any time someone went off the network, the AnyConnect client had the Umbrella agent built in, and it would realize when their computer connected that they were not on the corporate network. It would monitor and they would have pretty close to the same rules that they had to follow when they were in the office, regarding what kind of website browsing they could do.""It is user-friendly. It is easy to manage the solution."

More Cisco Umbrella Pros →

"Better logging allows us to find problems and take appropriate steps to lock them out.""The general usability of the solution is very straightforward.""If your business requirements are relatively simple, it can get the job done.""The most valuable feature of Microsoft Defender for Cloud Apps is to stop shadow IT.""It is very easy to use, which is what we look for in these types of solutions.""Threat detection is its key feature, and that's why we use this tool. It gives an alert if a PC is attacked or there is any kind of anomaly, such as there is a spike in sending emails or we see an unauthorized website being accessed. So, it keeps us on our toes. We get to know that there is something wrong, and we can isolate the user and find any issues with it. So, threat detection is very robust in this tool.""There are a lot of features with benefits, including discovery, investigation, and putting controls around things. You can't say that you like the investigation part but not the discovery. Everything is correlated; that's how the tool works.""The feature that helps us in detecting the sensitive information being shared has been very useful. In addition, the feature that allows MCAS to apply policies with SharePoint, Teams, and OneDrive is being used predominantly."

More Microsoft Defender for Cloud Apps Pros →

"Qualys VM's best features are vulnerability management and customizable scoring.""Qualys VM's most valuable feature is automatic detection.""The most valuable features are vulnerability scanning, policy compliance scanning, and tablet for web application scanning.""The reporting functionality is great.""The Vulnerability Management and Patch Management features are the most valuable features of this solution.""It gives a very good overview of the inventory assessment process, and it can be accessed across our company because it's a global tool.""We also like the flexibility in their licensing.""Qualys VM is very stable."

More Qualys VMDR Pros →

Cons
"Network connectivity was a bit of a challenge at the beginning, but we were able to get the right help from Cisco.""It would be good to have more extensions to third-party products and a client for other device types.""I feel that the application needs other characteristics that are available with other applications in the market.""It could be more secure. It would be better if they provided a transferring proxy as an add-on and more integration.""There is room for improvement in the dashboard. It could stand to be a bit more detailed. I would also like to be able to customize the dashboard to focus more on what is important for my company.""One of the issues with Umbrella is as you get into endpoint detection and response, such as EDR point solutions, some of them will not integrate well with Umbrella. Sometimes when you want to use technology, such as Always On VPN, it will not work. There are some looming issues as one type of technology starts to crossover with Umbrella. That is the challenge and Umbrella should find a way to be more compatible with some of the endpoint response solutions that are coming out on the market.""Their support should be improved. It is necessary that the support is efficient. It is not really easy to get a resolution for an issue from Cisco support. They should be faster and more efficient.""The locks and management could be better. The product is fairly new, and it may take some time to get all the features up and running."

More Cisco Umbrella Cons →

"They should continue integration with all other Microsoft security-related products. The integration with all the other products is still ongoing.""Sometimes the support is actually lacking.""There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default.""It doesn't actually decrease the time to respond. This has been an issue with Microsoft recently. Sometimes, there is a delay when it comes to getting an alert policy email... Sometimes it takes two or three hours for that email to be sent.""This service would be better if it had a separate license, only for this service, that could be used to track usage.""I want them to enhance in-session policy.""The response time could be better. It will be helpful if the alerts are even more proactive and we can see more data. Currently, the data is a little bit weak. It is not complete. I can't just see it and completely know which user or which device it is. It takes some effort and time on my part to investigate and isolate a user. It would be great if it is more user-friendly or easy for people to understand.""Currently, reporting is not very straightforward and it needs to be enhanced. Specific reports are not included and you need to run a query, drill down, and then export it and share it. I would love to have reports with more fine-tuning or granularity, and more predefined reports."

More Microsoft Defender for Cloud Apps Cons →

"Qualys VM could improve by having more skilled support personnel.""I would like to have CSPM, a continuous scan-like cloud added to the solution.""The IoT scan is not great.""Qualys VM's vulnerability scan could be improved, especially the number of CVE numbers it can manage at a time.""Endpoint stability and fault resolution could be improved.""Finding things in management can be quite difficult.""The reporting and dashboards could improve in Qualys VM. However, they have improved since the previous versions.""It would be nice to have an all-in-one solution that was automated and could handle the scanning and reports as well as the patching and updating."

More Qualys VMDR Cons →

Pricing and Cost Advice
  • "It has a reasonable price. It is certainly not as expensive as it used to be. It is in line with other offerings on the market. There are a number of different flavors of Umbrella. They could bring Umbrella SIG down a bit because its price is a little bit high for what it does, but I also understand why its price is high."
  • "Cisco Umbrella is expensive and could be cheaper."
  • "When talking about Cisco solutions in general there pricing model is horrible. For example, you can sell a Meraki-based solution, but if the customer starts shopping around, someone is going to have access to the pricing at a level that you cannot compete because they do not have uniform pricing. Not everybody gets fair pricing. Unless you are one of the real major corporations selling the solution your ability to compete is impossible. Cisco will acknowledge the situation and assure you next time it will be in your favor but it never becomes favorable for you. Cisco is not very good in this regard. However, Umbrella is good."
  • "The licensing fee is paid on a yearly basis."
  • "In the region I'm from, that of EMAR, Europe, the Middle East, Eastern Asia and Africa, our organizations do not have many liquid cash assets, so the price could be better."
  • "The price depends on the use case, and it's a bit linear. But it depends on the customer's strategy and how Cisco plans to optimize the costs."
  • "We were using the free version, and we implemented the paid version about two months ago. I'm paying a fair price, but everything is negotiable with Cisco. One of the benefits that I got by having Cisco Umbrella is the licensing of the Cisco AnyConnect VPN client."
  • "There are no hidden costs with Umbrella. Everything is included in the package."

    • More Cisco Umbrella Pricing and Cost Advice →

  • "Our clients normally use the Microsoft E1 licensing, which is renewed yearly."
  • "The pricing is a little bit high but right now, we are okay with it because of the compatibility with Office 365, Teams, and Azure AD."
  • "I'm not totally involved in the pricing part, but I think its pricing is quite aggressive, and its price is quite similar to Netskope. Netskope has separate licensing fees or additional charges if you want to monitor certain SaaS services, whereas, with MCAS, you get 5,000 applications with their Office 365. It is all bundled, and there's no cost for using that. You only have the operational costs. In the country I am in, it is a bit difficult to get people with the required skill sets."
  • "Its pricing is on the higher side. Its price is definitely very high for a small-scale company. As an enterprise client, we do get benefits from Microsoft. We get a discounted price because of the number of users we have in our company. We have a premier package, and with that, we do get a lot of discounts. There are no additional costs. It only comes in the top-tier packages. Generally, the top-tier license is the best license that you can get for your organization. If you want, you can buy it separately, but that's not a good idea."
  • "The price could be better and should be reconsidered."
  • "It is a little bit expensive. When you want to have the complete package with Office 365, Defender, and everything else, it is expensive."
  • "We are an MST and we do not pay for the solution. However, the price of the solution could be better."
  • "The cost could be improved when you need to pay for anything. For example, refreshing files takes time to load, though it may be my Internet. To improve the refresh time, Microsoft says that we need to pay for a Premium license, and I don't like paying for things that help make a solution better."

    • More Microsoft Defender for Cloud Apps Pricing and Cost Advice →

  • "The license is on a yearly basis."
  • "We do see over $100,000 in terms of price, for mid-size programs. You likely will pay more than $100,000 without any discount. It is a bit pricey."
  • "Qualys Virtual Scanner Appliance isn't expensive right now. But the price for their product bundles could be better."
  • "I used to work there, so I never paid for the product. As an employee, we get a lifetime license for personal use, and that's what I'm using. It is a comprehensive platform, so there is a lot more to it. There could be other solutions that are probably a little bit cheaper, but it depends on what people need. Different people have different needs. It offers many things on the same platform. If you add all the things up, it should be cheaper, but I have not done any analysis specifically."
  • "There is a license for the use of this solution. We pay annually instead of monthly to receive a better discount on the price."
  • "Qualys VM is better suited for medium to large companies because the price can be too much for smaller customers."
  • "There are no additional fees in addition to the standard licensing fees."
  • "An annual license for a single scanner costs around $3,000."

    • More Qualys VMDR Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Cloud Access Security Brokers (CASB) solutions are best for your needs.
    See Recommendations
    688,083 professionals have used our research since 2012.
    Questions from the Community
    Which is the better security solution - Cisco Umbrella or Zscaler?
    Top Answer: Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried.… more »
    Read all 3 answers   →
    Which is the better security solution - Cisco Umbrella or Microsoft Cloud...
    Top Answer:Cisco Umbrella is an integral component of the Cisco SASE architecture. It integrates security in a single, cloud-native… more »
    What do you like most about Cisco Umbrella?
    Top Answer:We are very new users of the solution and are still in the exploration stages, but we are happy with the product thus… more »
    Read all 50 answers   →
    What do you like most about Microsoft Cloud App Security?
    Top Answer:One of the most valuable features is auditing. Some of the other protection services have issues with auditing… more »
    Read all 18 answers   →
    What is your experience regarding pricing and costs for Microsoft Cloud A...
    Top Answer:The pricing is in the middle. It isn't too cheap or expensive compared to other antivirus or security products. It is… more »
    Read all 17 answers   →
    What needs improvement with Microsoft Cloud App Security?
    Top Answer:We sometimes get errors when we create policies, which is somewhat annoying because some policies stop working due to… more »
    Read all 18 answers   →
    What do you like most about Qualys VM?
    Top Answer:Qualys VM has allowed us to know the vulnerabilities we need to prioritize based on the threat levels and the possible… more »
    Read all 30 answers   →
    What is your experience regarding pricing and costs for Qualys VM?
    Top Answer:Qualys VM is reasonably priced.
    Read all 19 answers   →
    What needs improvement with Qualys VM?
    Top Answer:Qualys VM's machine learning and artificial intelligence features could be improved.
    Read all 30 answers   →
    Comparisons
    Also Known As
    OpenDNS
    MS Cloud App Security, Microsoft Cloud App Security
    Qualys VM, QualysGuard VM, Qualys Asset Inventory, Qualys Container Security, Qualys Virtual Scanner Appliance
    Learn More
    Cisco
    Microsoft
    Qualys
    Overview

    Cisco Umbrella offers flexible, cloud-delivered security according to users’ requirements Cisco Umbrella includes secure web gateway, firewall, and cloud access security broker (CASB) functionality all delivered from a single cloud security service. Cisco Umbrella’s protection is extended to devices, remote users, and distributed locations anywhere. As company employees work from many locations and devices, Cisco Umbrella is the easiest way to effectively protect users everywhere in minutes.

    Cisco Umbrella uses machine learning to search for, identify, and even predict malicious domains. By learning from internet activity patterns, this DNS-layer security solution can automatically identify attacker infrastructure being staged for the next threat. These domains are then proactively blocked, protecting networks from potential compromise. Cisco Umbrella analyzes terabytes of data in real time across all markets, geographies, and protocols.

    Cisco Umbrella works with leading IT companies to integrate its security enforcement and intelligence. Built with a bidirectional API, Cisco Umbrella makes it easy to extend protection from on-premises security appliances to cloud controlled devices and sites.

    Cisco Umbrella is suitable for small businesses without dedicated security professionals, as well as for multinational enterprises with complex environments.

    Why use Cisco Umbrella?

    • Simplify security management: Cisco Umbrella is the fastest and easiest way to protect all users within minutes and reduces the number of infections and alerts sent from other security products by stopping threats at the earliest point. With no hardware to install and no software to manually update, ongoing management is simple

    • Reliable reporting: Cisco Umbrella reports show activity for each device or network in the system. Users gain a more complete picture of the security risks facing their organization and can take action to remedy them.

    • Manage and control cloud apps: Umbrella provides visibility into sanctioned and unsanctioned cloud services in use across the enterprise. Users can uncover new services being used, see who is using them, identify potential risk, and block specific applications easily.

    Reviews from Real Users

    Cisco Umbrella stands out among its competitors for a number of reasons. Some of the major ones are its DNS-based protection, ability to protect users no matter where they are located, stability, and high performance.

    Daniel B., a network specialist at Syswind Kft, writes, “We primarily use the solution as cloud security for our branches. It protects us from direct internet outbreaks. It makes for good flexibility. The solution is very easy to manage. We found the initial setup, for example, to be quite simple. Efficient protection on the DNS level and even higher. The sandboxing feature analyses and handles the complicated security risks.”

    Victor M., SOC & Security Services Director at BEST, notes, “It provides security for the remote workers and it helps to improve enterprise security in a very easy way. We mainly enjoy web software protection capabilities. It prevents the end-users from getting into bad sites or sites that potentially could have malware or could be phishing. It helps end-users avoid the wrong sites. The solution works very smoothly. The user interface is good.”

    Microsoft Defender for Cloud Apps is a cloud access security broker (CASB) that provides multifunction visibility, control over data travel, and sophisticated analytics. With Microsoft Cloud App Security, you can: 

    - Manage, control, and audit apps to streamline cloud access security

    - Mange your access to resources to discover shadow IT and understand your digital information estate

    - Use real-time controls to enable threat protection on all the access points that touch your environment

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    With VMDR, enterprises are empowered with visibility and insight into cyber risk exposure - making it easy to prioritize vulnerabilities, assets, or groups of assets based on business risk. Security teams can take action to mitigate risk, helping the business measure its true risk, and track risk reduction over time.

    Qualys VMDR offers an all-inclusive risk-based vulnerability management solution to prioritize vulnerabilities and assets based on risk and business criticality. VMDR seamlessly integrates with configuration management databases (CMDB) and patch management solutions to quickly discover, prioritize, and automatically remediate vulnerabilities at scale to reduce risk. Additionally, it integrates with ITSM solutions such as ServiceNow to automate and operationalize vulnerability management end-to-end.

    Get an all-Inclusive risk-based vulnerability management solution that prioritizes vulnerabilities, misconfigurations and assets based on risk, reduces risk by remediating vulnerabilities at scale, and helps organizations measure security program effectiveness by tracking risk reduction over time.

    Offer
    Learn more about Cisco Umbrella
    Learn More
    Learn more about Microsoft Defender for Cloud Apps
    Learn More
    Learn more about Qualys VMDR
    Learn More
    Sample Customers
    Chart Industries, City of Aspen, Eastern Mountain Sports, FLEXcon, George Washington University, Jackson Municipal Airport Authority, Ohio Public Library Information Network, PTC, Richland Community College, Smart Motors, Tulane University, VeriClaim
    Customers for Microsoft Defender for Cloud Apps include Accenture, St. Luke’s University Health Network, Ansell, and Nakilat.
    Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx
    Top Industries
    REVIEWERS
    Financial Services Firm14%
    Comms Service Provider10%
    Healthcare Company8%
    Educational Organization8%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Comms Service Provider9%
    Financial Services Firm9%
    Government6%
    REVIEWERS
    Educational Organization38%
    Computer Software Company13%
    Construction Company13%
    Financial Services Firm13%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm11%
    Comms Service Provider8%
    Government7%
    REVIEWERS
    Financial Services Firm22%
    Comms Service Provider16%
    Manufacturing Company11%
    Transportation Company8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Educational Organization8%
    Government7%
    Company Size
    REVIEWERS
    Small Business37%
    Midsize Enterprise24%
    Large Enterprise38%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise16%
    Large Enterprise63%
    REVIEWERS
    Small Business23%
    Midsize Enterprise32%
    Large Enterprise45%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise14%
    Large Enterprise65%
    REVIEWERS
    Small Business20%
    Midsize Enterprise15%
    Large Enterprise65%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise19%
    Large Enterprise61%
    Buyer's Guide
    Cloud Access Security Brokers (CASB)
    March 2023
    Download Free Report
    Find out what your peers are saying about Cisco, Microsoft, Netskope and others in Cloud Access Security Brokers (CASB). Updated: March 2023.
    DOWNLOAD NOW
    688,083 professionals have used our research since 2012.

    Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 19 reviews while Qualys VMDR is ranked 3rd in Vulnerability Management with 29 reviews. Microsoft Defender for Cloud Apps is rated 8.4, while Qualys VMDR is rated 8.2. The top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". On the other hand, the top reviewer of Qualys VMDR writes "Excellent continuous monitoring, helpful technical support, easy to scale, and simple to install". Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Netskope CASB, Prisma SaaS by Palo Alto Networks, Infoblox Advanced DNS Protection and Skyhigh Security, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable.sc, Rapid7 InsightVM, Tenable.io Vulnerability Management and Aqua Security.

    We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.