Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Cloud Apps vs Qualys VMDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jul 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

iboss
Sponsored
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
19
Ranking in other categories
Secure Web Gateways (SWG) (5th), Internet Security (3rd), Web Content Filtering (1st), Cloud Access Security Brokers (CASB) (7th), ZTNA as a Service (8th), Secure Access Service Edge (SASE) (8th)
Microsoft Defender for Clou...
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
40
Ranking in other categories
Cloud Access Security Brokers (CASB) (4th), Advanced Threat Protection (ATP) (14th), Microsoft Security Suite (12th)
Qualys VMDR
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
95
Ranking in other categories
IT Asset Management (6th), Vulnerability Management (2nd), Configuration Management Databases (2nd), Container Security (9th), Risk-Based Vulnerability Management (1st)
 

Mindshare comparison

Cloud Access Security Brokers (CASB) Market Share Distribution
ProductMarket Share (%)
Microsoft Defender for Cloud Apps8.9%
Prisma Access by Palo Alto Networks17.9%
Netskope14.9%
Other58.300000000000004%
Cloud Access Security Brokers (CASB)
Vulnerability Management Market Share Distribution
ProductMarket Share (%)
Qualys VMDR6.9%
Wiz10.8%
Tenable Nessus8.0%
Other74.3%
Vulnerability Management
 

Featured Reviews

Matt Crockford - PeerSpot reviewer
It's easy to roll out, and their understanding of our business made it seamless
One aspect we value about iboss is its simplicity. Their customer service is brilliant, and they are super responsive and knowledgeable. It's easy to roll out, and their understanding of our business made it seamless. We were impressed by the solution's mental health function, which can detect if someone needs help. It scans what users are browsing and flags warning signs so we can check to see if they are okay. We've had to use it a couple of times. The user interface is highly intuitive. Our IT team picked it up with minimal training. It's arranged so that it's easy to find where things are. Another advantage is the single pane of glass console, which gives you visibility into what's happening. We're not fully there yet because we haven't implemented zero trust, but we're excited about the possibilities from the demos we've seen. We launched a POC of iboss' ChatGPT Risk Protection feature two weeks ago. AI is a great tool, but you need to be careful what you put into it. My biggest fear is employees inputting sensitive corporate information or customer PII data into one of these chatbots. I was impressed by our trial of the feature. It's exactly what we wanted. Now, when a user goes to ChatGPT, there's a banner warning them not to share information, and we can block conversations containing customer data like bank details and email addresses. I don't want to stop people from using it, but we need visibility. We've only tried it on a test group of 15 people. You can configure it to look for specific keywords or integrate it with your DLP policy if you have that configured
Abdulrahman Muhammadi - PeerSpot reviewer
Integration with existing cloud workflows has simplified compliance and threat detection
Licensing cost is a significant concern. With Defender Plan 1, Microsoft Defender for Cloud Apps comes with a pay-per-use model. Each feature has its own pricing when activated on VMs. For example, the vulnerability assessment has separate pricing, the base model including encryptions has separate pricing, and the compliance features have separate pricing. This applies to each VM and Azure resource individually. It is not straightforward where you can take one license and apply it to everything. Each feature has its own pricing model which can be tedious, as the costs keep accumulating. The only lacking feature currently is XDR (extended detection and response). Apart from that, I have only positive experiences with the whole Microsoft suite, except for the pricing structure.
Ankesh Raj - PeerSpot reviewer
Real-time responses and reporting streamline vulnerability management
Qualys VMDR provides a real-time response and reporting feature, which is excellent. It allows us to see real-time graphs and reports for every asset, server, and more, which is very user-friendly. Our clients have given good feedback, and they are satisfied with the tool. We use it daily to fix vulnerabilities by connecting with infrastructure to remediate. The feedback from the client side is very good.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We were impressed by the solution's mental health function, which can detect if someone needs help. It scans what users are browsing and flags warning signs so we can check to see if they are okay. We've had to use it a couple of times."
"iboss has significantly lowered the number of security incidents. It is crazy how much it blocks and how much it is aware of the outside danger."
"The console is cloud-based, which is something I really appreciate."
"I would definitely recommend iboss for web filtering purposes to other organizations or individuals."
"iboss is among the few products providing inline filtering where no application is needed on the device."
"Granular setup, which was able to set different levels of filters using the OUs in the AD."
"First of all, the security policies are essential. I do not have to rely solely on Active Directory for our users."
"Valuable features: Within the filter: Controls (Web categories, applications, and Allow/Block list) and Network (local Subnets). Within the reporter: Logs (Event Log) and Reports."
"There are a lot of features with benefits, including discovery, investigation, and putting controls around things. You can't say that you like the investigation part but not the discovery. Everything is correlated; that's how the tool works."
"I would rate it a ten because I have not experienced any stability issues so far with Defender for Cloud Apps."
"The most valuable feature of Microsoft Defender for Cloud Apps is to stop shadow IT."
"All of the features are valuable because all of the features are related."
"The most effective features for data protection are data loss prevention (DLP) and data classification."
"Defender for Cloud Apps has given us good visibility regarding what we've allowed into our environment until now."
"The impact of Microsoft Defender for Cloud Apps on our organization's ability to assess and manage app related risks has been significant because we have more visibility."
"Defender for Cloud Apps has given us good visibility regarding what we've allowed in our environment until now. It helps us to know our inventory, understand what our customers are using, and steer them toward safer practices."
"Provides great functionality."
"Detects new hosts along with vulnerabilities."
"It allowed us to divide tasks easily among teammates, significantly improving efficiency."
"Authenticated scans provide different options, including those using or not using the FactSet and adding option profiles."
"It's stable and quite reliable."
"There are many features. Its reliability, ease of installation, ease of use, and the richness of the information provided are the most valuable features."
"I like Qualys because it is a very complete product, more so than Tenable."
"The most valuable features of Qualys VM are its ability to do proper vulnerability assessment. It has a lot of updates for all the vulnerability databases from all over the globe. It's an amazing solution when it comes to the versatility of the features it has. Additionally, the reports are very good. It generates very detailed reports about the vulnerabilities inside the environment"
 

Cons

"Regarding pricing, setup costs, and licensing, iboss is not cheap, and that's my only concern."
"The reporting feature needs improvement."
"Their on-premise hardware's network interface is capped at one gigabit, which is sort of a problem. If you stand a filter up where all traffic flows through that, according to them, in order to go above a gigabit, you have to have multiple devices, which in today's IT seems a little bit silly. They could easily put in an SFP port into their device that could accommodate 10 gigs or at least offer a box."
"Its pricing could be better."
"If they could implement an extra security layer preventing access to iboss from the open internet, it would be great."
"Sometimes the agent stops working in iboss, and we have to reinstall the agent."
"For zero trust implementation, we encountered complexity issues, especially with a large infrastructure company ExxonMobil."
"The area I would like to see improvement in is the ability with in the reporter to navigate directly to the content the user is traversing. It is kind of there, but it's not perfect. Quite frequently, I receive links that lead me to pages with error messages."
"Generally, the pricing can always be improved along with the management system."
"The interface needs to be more user-friendly."
"Licensing cost is a significant concern. With Defender Plan 1, Microsoft Defender for Cloud Apps comes with a pay-per-use model."
"It takes some time to scan and apply the policies when there is some sensitive information. After it applies the policies, it works, but there is a delay. This is something for which we are working with Microsoft."
"The insights could be improved, especially in reporting."
"The product is very good so far, however, it would be better if it could include more up-to-date threat protection."
"The response time could be better. It will be helpful if the alerts are even more proactive and we can see more data. Currently, the data is a little bit weak. It is not complete. I can't just see it and completely know which user or which device it is. It takes some effort and time on my part to investigate and isolate a user. It would be great if it is more user-friendly or easy for people to understand."
"Defender for Cloud apps is primarily useful for Azure apps. It has limited capabilities for applications based on other cloud platforms."
"Finding things in management can be quite difficult."
"When tested on Zero day, there were errors."
"They can tweak their UI since the new version seems a bit jumbled up, and the old UI was more user-friendly."
"The reporting and dashboards could improve in Qualys VM. However, they have improved since the previous versions."
"They should make it accessible for more operating systems."
"Qualys does have an on-prem solution, but it is very expensive."
"I would like to see more accuracy in detections, better reporting capabilities, and better dashboard download capabilities."
"Improve the API speed."
 

Pricing and Cost Advice

"It is probably in line with other solutions, but I do not deal with the financial side."
"We have not priced the solution recently, but they were competitive with other vendors in the past."
"It is not expensive, and it is also not cheap. iboss is priced right in the sweet spot for the number of features it offers."
"The overall pricing for iboss is very competitive and transparent."
"It is expensive compared to one of its competitors."
"We had the cost of purchasing a new appliance along with the implementation and licensing costs. However, the following year, the cost of just licensing was similar to what was paid the previous year for a new appliance along with the implementation and licensing costs."
"It has pretty good pricing."
"Our clients normally use the Microsoft E1 licensing, which is renewed yearly."
"The product's pricing seems fair."
"The pricing is a little bit high but right now, we are okay with it because of the compatibility with Office 365, Teams, and Azure AD."
"We have an educational licensing agreement. It's a customer agreement for multiple years."
"Where we are right now, this is an acceptable pricing. I would like to see more transparency given to the end user. The end user given to us is via the cloud service provider. There are different programs and license models. Some include this, and some include that. It is all over the place. There can be a little more consistency or simplification in the pricing so that your parts list is not ten pages long, and you are not trying to determine, "If I have an E3, does this cover that?", or "Do I need to pay separately for the license?" Simplification would probably be better."
"It is a little bit expensive. When you want to have the complete package with Office 365, Defender, and everything else, it is expensive."
"We are an MST and we do not pay for the solution. However, the price of the solution could be better."
"An annual license for a single scanner costs around $3,000."
"There is a license for the use of this solution. We pay annually instead of monthly to receive a better discount on the price."
"The pricing is very competitive."
"They have recently changed the pricing model, which is now better than it was before."
"It is different for every company, but for us, it's every three years."
"The pricing and licensing for Qualys could be improved."
"It is a high cost product. Compared to the other solutions, it is around 15 to 20% higher in cost."
"Qualys VM is better suited for medium to large companies because the price can be too much for smaller customers."
report
Use our free recommendation engine to learn which Cloud Access Security Brokers (CASB) solutions are best for your needs.
867,445 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
11%
Financial Services Firm
11%
Manufacturing Company
9%
Government
6%
Computer Software Company
13%
Financial Services Firm
10%
Manufacturing Company
8%
Government
7%
Financial Services Firm
16%
Computer Software Company
12%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise6
Large Enterprise5
By reviewers
Company SizeCount
Small Business13
Midsize Enterprise10
Large Enterprise18
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise12
Large Enterprise69
 

Questions from the Community

What needs improvement with iboss?
For zero trust implementation, we encountered complexity issues, especially with a large infrastructure company Exxon...
What is your primary use case for iboss?
Previously when I used iboss, we did the POC for iboss for ExxonMobil. Four or five people wanted to move from our ol...
What is your experience regarding pricing and costs for iboss?
Regarding pricing, setup costs, and licensing, iboss is not cheap, and that's my only concern. There are cheaper alte...
Which is the better security solution - Cisco Umbrella or Microsoft Cloud App Security?
Cisco Umbrella is an integral component of the Cisco SASE architecture. It integrates security in a single, cloud-nat...
What do you like most about Microsoft Cloud App Security?
It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notificatio...
What is your experience regarding pricing and costs for Microsoft Cloud App Security?
My impression on the pricing, setup costs, and licensing of Microsoft Defender for Cloud Apps is that it's fair. I do...
What do you like most about Qualys VMDR?
I like that we have many scanners and channels that don't overload. It helps us scan and track easily. Also, the tagg...
What is your experience regarding pricing and costs for Qualys VMDR?
Qualys offers better pricing and is feature-packed compared to other tools.
What needs improvement with Qualys VMDR?
There were some issues later with Qualys VMDR regarding security, specifically with numerous false positive reports.
 

Also Known As

iBoss Cloud Platform
MS Cloud App Security, Microsoft Cloud App Security
Qualys VM, QualysGuard VM, Qualys Asset Inventory, Qualys Container Security
 

Overview

 

Sample Customers

More than 4,000 global enterprises trust the iboss Cloud Platform to support their modern workforces, including a large number of Fortune 50 companies.
Customers for Microsoft Defender for Cloud Apps include Accenture, St. Luke’s University Health Network, Ansell, and Nakilat.
Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx
Find out what your peers are saying about Palo Alto Networks, Cisco, Netskope and others in Cloud Access Security Brokers (CASB). Updated: August 2025.
867,445 professionals have used our research since 2012.