We performed a comparison betweenMicrosoft Defender for Cloud Apps (MDA) and Qualys VM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Qualys VM has a slight edge in this comparison because it received higher marks than Microsoft Defender in the support category.
"It enables us to go granular in the customization of blocking some categories on the DNS."
"It has certainly saved us time. If we go and look at what's rejected on the requests from the hospital itself, it has saved about 5% or 6% time."
"It has improved our organization from a security posture perspective. We feel more confident now knowing that we can block phishing attempts or any type of malware that is DNS-related. This is a very nice feature that provides peace of mind."
"The most valuable feature is the ability to block users from reaching places that they should not even try to reach has been a boon."
"A single pane of glass saves time... This does have a lot of options available for us to see who's doing what, what trends, what errors. We can set up our alerting through it as well. It is definitely a great dashboard."
"The integration features within, for example, the Cisco VPN product and the Umbrella module are valuable."
"Any time someone went off the network, the AnyConnect client had the Umbrella agent built in, and it would realize when their computer connected that they were not on the corporate network. It would monitor and they would have pretty close to the same rules that they had to follow when they were in the office, regarding what kind of website browsing they could do."
"It is user-friendly. It is easy to manage the solution."
"Better logging allows us to find problems and take appropriate steps to lock them out."
"The general usability of the solution is very straightforward."
"If your business requirements are relatively simple, it can get the job done."
"The most valuable feature of Microsoft Defender for Cloud Apps is to stop shadow IT."
"It is very easy to use, which is what we look for in these types of solutions."
"Threat detection is its key feature, and that's why we use this tool. It gives an alert if a PC is attacked or there is any kind of anomaly, such as there is a spike in sending emails or we see an unauthorized website being accessed. So, it keeps us on our toes. We get to know that there is something wrong, and we can isolate the user and find any issues with it. So, threat detection is very robust in this tool."
"There are a lot of features with benefits, including discovery, investigation, and putting controls around things. You can't say that you like the investigation part but not the discovery. Everything is correlated; that's how the tool works."
"The feature that helps us in detecting the sensitive information being shared has been very useful. In addition, the feature that allows MCAS to apply policies with SharePoint, Teams, and OneDrive is being used predominantly."
"Qualys VM's best features are vulnerability management and customizable scoring."
"Qualys VM's most valuable feature is automatic detection."
"The most valuable features are vulnerability scanning, policy compliance scanning, and tablet for web application scanning."
"The reporting functionality is great."
"The Vulnerability Management and Patch Management features are the most valuable features of this solution."
"It gives a very good overview of the inventory assessment process, and it can be accessed across our company because it's a global tool."
"We also like the flexibility in their licensing."
"Qualys VM is very stable."
"Network connectivity was a bit of a challenge at the beginning, but we were able to get the right help from Cisco."
"It would be good to have more extensions to third-party products and a client for other device types."
"I feel that the application needs other characteristics that are available with other applications in the market."
"It could be more secure. It would be better if they provided a transferring proxy as an add-on and more integration."
"There is room for improvement in the dashboard. It could stand to be a bit more detailed. I would also like to be able to customize the dashboard to focus more on what is important for my company."
"One of the issues with Umbrella is as you get into endpoint detection and response, such as EDR point solutions, some of them will not integrate well with Umbrella. Sometimes when you want to use technology, such as Always On VPN, it will not work. There are some looming issues as one type of technology starts to crossover with Umbrella. That is the challenge and Umbrella should find a way to be more compatible with some of the endpoint response solutions that are coming out on the market."
"Their support should be improved. It is necessary that the support is efficient. It is not really easy to get a resolution for an issue from Cisco support. They should be faster and more efficient."
"The locks and management could be better. The product is fairly new, and it may take some time to get all the features up and running."
"They should continue integration with all other Microsoft security-related products. The integration with all the other products is still ongoing."
"Sometimes the support is actually lacking."
"There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default."
"It doesn't actually decrease the time to respond. This has been an issue with Microsoft recently. Sometimes, there is a delay when it comes to getting an alert policy email... Sometimes it takes two or three hours for that email to be sent."
"This service would be better if it had a separate license, only for this service, that could be used to track usage."
"I want them to enhance in-session policy."
"The response time could be better. It will be helpful if the alerts are even more proactive and we can see more data. Currently, the data is a little bit weak. It is not complete. I can't just see it and completely know which user or which device it is. It takes some effort and time on my part to investigate and isolate a user. It would be great if it is more user-friendly or easy for people to understand."
"Currently, reporting is not very straightforward and it needs to be enhanced. Specific reports are not included and you need to run a query, drill down, and then export it and share it. I would love to have reports with more fine-tuning or granularity, and more predefined reports."
"Qualys VM could improve by having more skilled support personnel."
"I would like to have CSPM, a continuous scan-like cloud added to the solution."
"The IoT scan is not great."
"Qualys VM's vulnerability scan could be improved, especially the number of CVE numbers it can manage at a time."
"Endpoint stability and fault resolution could be improved."
"Finding things in management can be quite difficult."
"The reporting and dashboards could improve in Qualys VM. However, they have improved since the previous versions."
"It would be nice to have an all-in-one solution that was automated and could handle the scanning and reports as well as the patching and updating."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 19 reviews while Qualys VMDR is ranked 3rd in Vulnerability Management with 29 reviews. Microsoft Defender for Cloud Apps is rated 8.4, while Qualys VMDR is rated 8.2. The top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". On the other hand, the top reviewer of Qualys VMDR writes "Excellent continuous monitoring, helpful technical support, easy to scale, and simple to install". Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Netskope CASB, Prisma SaaS by Palo Alto Networks, Infoblox Advanced DNS Protection and Skyhigh Security, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable.sc, Rapid7 InsightVM, Tenable.io Vulnerability Management and Aqua Security.
We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.