Microsoft Defender for Cloud Apps vs Threat Stack Cloud Security Platform [EOL] comparison

The compared Microsoft and F5 solutions aren't in the same category. Microsoft is ranked #4 in CASB , with an average rating of 8.4, and holds a 9.5% mindshare in the category. Additionally, 100% of Microsoft users are willing to recommend the solution, compared to 88% of F5 users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Microsoft Defender for Cloud Apps and Threat Stack Cloud Security Platform [EOL] based on real PeerSpot user reviews.

Find out what your peers are saying about Palo Alto Networks, Cisco, Netskope and others in Cloud Access Security Brokers (CASB).

To learn more, read our detailed Cloud Access Security Brokers (CASB) Report (Updated: July 2025).

Buyer's Guide

Cloud Access Security Brokers (CASB)

July 2025

Download the complete report

Helped 865,164 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

iboss

Featured Reviews

Matt Crockford

Head of Cybersecurity at SES Water

It's easy to roll out, and their understanding of our business made it seamless

One aspect we value about iboss is its simplicity. Their customer service is brilliant, and they are super responsive and knowledgeable. It's easy to roll out, and their understanding of our business made it seamless. We were impressed by the solution's mental health function, which can detect if someone needs help. It scans what users are browsing and flags warning signs so we can check to see if they are okay. We've had to use it a couple of times. The user interface is highly intuitive. Our IT team picked it up with minimal training. It's arranged so that it's easy to find where things are. Another advantage is the single pane of glass console, which gives you visibility into what's happening. We're not fully there yet because we haven't implemented zero trust, but we're excited about the possibilities from the demos we've seen. We launched a POC of iboss' ChatGPT Risk Protection feature two weeks ago. AI is a great tool, but you need to be careful what you put into it. My biggest fear is employees inputting sensitive corporate information or customer PII data into one of these chatbots. I was impressed by our trial of the feature. It's exactly what we wanted. Now, when a user goes to ChatGPT, there's a banner warning them not to share information, and we can block conversations containing customer data like bank details and email addresses. I don't want to stop people from using it, but we need visibility. We've only tried it on a test group of 15 people. You can configure it to look for specific keywords or integrate it with your DLP policy if you have that configured

Read full review

Jagadeesh Gunasekaran

Cyber security engineer at a tech services company with 10,001+ employees

Saves us time, has good visibility, and a single dashboard

The solution is user-friendly and provides great visibility into threats. There are easy options available for specific workflow inspections. We can also get support by going through the Microsoft documentation, which is straightforward. Microsoft Defender for Cloud Apps helps us prioritize threats across our enterprise. It covers us from a compliance perspective and protects our organization's data. Data protection is a very important aspect of any new organization, as we need to protect our data from both external attacks and insider threats. Microsoft Defender for Cloud Apps helps us monitor for abnormal activity by insiders, which is one of the most important access points for attackers today. Additionally, the different cloud apps that Defender for Cloud Apps supports provide us with much more visibility into potential threats and activities on the internet. We have integrated Microsoft Defender for Cloud Apps alerts with Sentinel. The integration is straightforward. We can find the configuration details on Microsoft's official documentation website. If we are familiar with how Microsoft products work, we will be able to follow the instructions clearly. Microsoft Defender for Cloud Apps and Sentinel work natively together to deliver coordinated detection and response across our environment. Our integrated Microsoft solutions provide comprehensive threat protection, covering most of the tactics and techniques relevant to the MITRE ATT&CK framework. Sentinel allows us to ingest data from our entire ecosystem. When implementing an SIEM solution, there are always prerequisites such as Active Directory logs, security logs, firewall logs, and DNS logs. These are important logs that need to be ingested into the environment. Sentinel has many third-party connectors available that make integrations straightforward. Microsoft provides the configuration details in the Sentinel platform. It is important to integrate all relevant log sources into the SIEM solution so that we can detect and be alerted to any type of threat factor, whether it is from an internal or external source. Integrating third-party solutions into the platform requires a separate configuration, but Microsoft provides the necessary information. However, we need to have the appropriate permissions to execute these setups. Sentinel provides a centralized dashboard that covers threat management and configuration. It gives us complete insight into what entities are accessing, as well as full details for investigation. We can see how the alerts and threats are relevant to suspicious activities, whether they are related to malicious IP addresses, suspicious ASHAs, or any other indicators of compromise. All of this relevant data can be seen in a single pane. Recently, Microsoft introduced a new investigation experience in a single pane. This means that we can now get a lot of details in a single pane, without having to go there and execute a query. There are a lot of new insights being developed in the Sentinel platform these days. It has software intelligence. They recently introduced Microsoft Defender Threat Intelligence, which covers almost all IOCs. This protects organizational assets from threats and suspicious traffic associated with IOCs. If a match is found, alerts are generated. This is a very interesting feature. Another great feature is automation and logic apps. We can create a number of operations, such as posting in a team's channel if a severe incident occurs or sending an email notification. There are many operations available, so we can automate a lot of tasks. Microsoft Defender for Cloud Apps helps us stay compliant. It has predefined mechanisms in place to prevent attacks. For example, if an external user tries to access our SharePoint folders or files, an attack will be blocked. This is why it is important to give appropriate access to guest users. Microsoft Defender for Cloud Apps has many features and benefits. It provides a number of policies that can be configured to meet the specific needs of our security team. These policies can be used to customize cloud applications so that only authorized users can access them and perform operations that benefit the organization. In terms of safety and security, Microsoft Defender for Cloud Apps is top-notch. Using the solution's automation features, we can suppress false positive alerts. We can also close alerts, lower their severity from "high" to "low" or "informational," or close them immediately with the appropriate commands. This will depend on the configuration automation rule and the perspective from which we are testing. Microsoft Defender for Cloud Apps provides a single console. We are also provided with Microsoft templates to enable workbooks instantly. Alternatively, we can build our own customized workbooks to provide better insights and improve our SOC efficiency and overall performance. Consolidating all of our security data into one dashboard has saved our security operations team a significant amount of time. From an analyst's perspective, it is now much easier to correlate events, investigate alerts, and visualize specific entities. For example, an analyst can quickly see all of the alerts associated with a particular IP address, or they can view all of the activity for a specific entity over the past 24 hours or 7 days. This level of detail and insight would not be possible if our data were siloed in multiple dashboards. The single dashboard saves our operations approximately 20 hours per week by eliminating the need to access multiple consoles and tabs. Microsoft Defender for Cloud Apps threat intelligence can help us prepare for potential threats before they happen. However, it depends on how we develop the policies for the database to block or ignore things in our environment.

Read full review

Skyler Cain

Software Development Manager at Rent Dynamics

SecOps program for us, as a smaller company, is amazing; they know what to look for

They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter. Even as part of the SecOps Program, that could be helpful; a quick analysis. They're analyzing our whole infrastructure and saying, "You have one VPC and that doesn't make a lot of sense, that should be multiple VPCs and here's why." The architecture of the servers in whatever cloud-hosting provider you're on could be helpful. Other than that, they should continue to expand on their notifications and on what's a vulnerability. They do a great job of that and we want them to continue to do that. It would be cool, since the agent is already deployed and they know about the server, they know the IP address, and they know what vulnerability is there, for them to test the vulnerability and see if they can actually exploit it. Or, once we patch it, they could double-check that it can't be. I don't know how hard that would be to build. Thinking on it off the top off my head, it could be a little challenging but it could also be highly interesting. It would also be great if we could test a couple of other features like hammering a server with 100 login attempts and see what happens. Real test scenarios could be really helpful. That is probably more something close to what they do with the SOC 2 audit or the report. But more visualization of that, being able to test things out on our infrastructure to make sure we can or can't hit this box could be interesting.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Because of iboss, I did not have to assign web filtering tasks to my techs on a daily basis."

"I would rate the technical support of iboss a solid 10 without a shadow of a doubt."

"It was a very easy product to install. It can be deployed very fast."

"The iboss system is highly reliable. The false positive rates are small compared to some other systems we've experienced through other partner agencies who use competing solutions."

"iboss is easy to use despite its complexity. Multiple engineers manage it, but it's significantly more straightforward to administer than traditional VPNs and web proxies."

"Its initial setup was straightforward."

"From a use-case scenario, what I like the most is the plug-in. I like the fact that we can do the filtering of these devices offsite independent of the network they are connected to, and we do not have to have traffic coming back inside our network."

"Granular setup, which was able to set different levels of filters using the OUs in the AD."

More iboss pros

"Shadow IT discovery is the feature I like the most."

"The most valuable feature is the seamless integration across different clouds."

"The most effective features for data protection are data loss prevention (DLP) and data classification."

"The most valuable feature is the alerting system."

"The solution does not affect a user's workflow."

"It's very easy to install and it includes the Intune portal from Microsoft where I can control all the devices from one place."

"The most valuable feature is its policy implementation."

"We have become more aware of what services our users are using, how often they are using them, and what data is being sent out of the organization and to which services. So, it is really a lot about visibility and helping us make decisions based on that. It drives some of our policy decisions for adding extra security controls."

More Microsoft Defender for Cloud Apps pros

"We like the ability of the host security module to monitor the processes running on our servers to help us monitor activity."

"It has been quite helpful to have the daily alerts coming to my email, as well as the Sev 1 Alerts... We just went through a SOX audit and those were pivotal."

"There has been a measurable decrease in the meantime to remediation... because we have so many different tech verticals already collated in one place, our ability to respond is drastically different than it used to be."

"The most valuable feature is the SecOps because they have our back and they help us with the reports... It's like having an extension of your team. And then, it grows with you."

"It is scalable. It deploys easily with curl and yum."

"The rules are really great. They give us more visibility and control over what's being triggered. There's a large set of rules that come out-of-the-box. We can customize them and we can create our own rules based on the traffic patterns that we see."

"Every other security tool we've looked is good at containers, or at Kubernetes, is good at AWS, or at instance monitoring. But nobody is good at tying all of those things together, and that's really where Threat Stack shines."

"We're using it on container to see when activity involving executables happens, and that's great."

More Threat Stack Cloud Security Platform [EOL] pros

Cons

"To scale up, a new iboss Node Blade Chassis must be purchased."

"If they could implement an extra security layer preventing access to iboss from the open internet, it would be great."

"The reporting feature needs improvement. It doesn't give you the expected results. It is quite difficult to get the specific reports needed, and it is not as intuitive as the rest of the platform."

"Sometimes the agent stops working in iboss, and we have to reinstall the agent."

"The reporting feature needs improvement."

"The dashboards for local use could be better."

"For zero trust implementation, we encountered complexity issues, especially with a large infrastructure company ExxonMobil."

"Its pricing could be better."

More iboss cons

"We would like to get more information from the endpoint. I don't get enough detailed information right now on why something failed. There is not enough visibility."

"The documentation could be improved as it is not updated immediately when Microsoft makes changes. Users must wait a few weeks for the changes to be reflected in the documentation."

"It doesn't actually decrease the time to respond. This has been an issue with Microsoft recently. Sometimes, there is a delay when it comes to getting an alert policy email... Sometimes it takes two or three hours for that email to be sent."

"Defender for Cloud apps is primarily useful for Azure apps. It has limited capabilities for applications based on other cloud platforms."

"I believe it's only set to be integrated with Microsoft Defender for identity and identity protection. I would like to see it available for use with something like Office 365 Defender. I don't think it's integrated with that yet."

"The integration with macOS operating systems needs to be better."

"I would like for it to be available on Mac and for it to support all of the features of Microsoft financing products. It is really for Windows."

"Microsoft Defender for Cloud Apps' initial setup was quite technical but we were prepared. The time of the implementation depends on the job and how many users are being set up."

More Microsoft Defender for Cloud Apps cons

"Some features do not work as expected."

"They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter."

"The API - which has grown quite a bit, so we're still learning it and I can't say whether it still needs improvement - was an area that had been needing it."

"The user interface can be a little bit clunky at times... There's a lot of information that needs to be waded through, and the UI just isn't great."

"It shoots back a lot of alerts."

"The compliance and governance need improvement."

"The solution’s ability to consume alerts and data in third-party tools (via APIs and export into S3 buckets) is moderate. They have some work to do in that area... The API does not mimic the features of the UI as far as reporting and pulling data out go. There's a big discrepancy there."

"I would like further support of Windows endpoint agents or the introduction of support for Windows endpoint agents."

More Threat Stack Cloud Security Platform [EOL] cons

Pricing and Cost Advice

"We had the cost of purchasing a new appliance along with the implementation and licensing costs. However, the following year, the cost of just licensing was similar to what was paid the previous year for a new appliance along with the implementation and licensing costs."

"We have not priced the solution recently, but they were competitive with other vendors in the past."

"It is probably in line with other solutions, but I do not deal with the financial side."

"It is not expensive, and it is also not cheap. iboss is priced right in the sweet spot for the number of features it offers."

"The overall pricing for iboss is very competitive and transparent."

"It is expensive compared to one of its competitors."

"Microsoft offers bundle discounts and a pay-as-you-go option."

"The E5 license offers everything bundled. People are moving to Microsoft because you buy one license and it gives you everything."

"It has pretty good pricing."

"The pricing is in the middle. It isn't too cheap or expensive compared to other antivirus or security products. It is priced according to industry standards."

"It has fair pricing. You pay for what you get. As far as I know, there are no costs in addition to the standard licensing fee."

"The pricing is fair."

"We are an MST and we do not pay for the solution. However, the price of the solution could be better."

"The cost could be improved when you need to pay for anything. For example, refreshing files takes time to load, though it may be my Internet. To improve the refresh time, Microsoft says that we need to pay for a Premium license, and I don't like paying for things that help make a solution better."

More Microsoft Defender for Cloud Apps pricing and cost advice

"It came in cheaper than Trend Micro when we purchased it a few years ago."

"We find the licensing and pricing very easy to understand and a good value for the services provided."

"What we're paying now is somewhere around $15 to $20 per agent per month, if I recall correctly. The other cost we have is SecOps."

"It is very expensive compared to some other products. The pricing is definitely high."

"I'm happy with the amount that we spend for the product that we get and the overall service that we get. It's not cheap, but I'm still happy with the spend."

"Pricing seems to be in line with the market structure. It's fine."

"It is a cost-effective choice versus other solutions on the market."

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Access Security Brokers (CASB) solutions are best for your needs.

See recommendations

865,164 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

12%

Financial Services Firm

11%

Manufacturing Company

Healthcare Company

Computer Software Company

14%

Financial Services Firm

11%

Manufacturing Company

Government

Manufacturing Company

12%

Performing Arts

12%

University

Computer Software Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What needs improvement with iboss?

For zero trust implementation, we encountered complexity issues, especially with a large infrastructure company Exxon...

See all answers

What is your primary use case for iboss?

Previously when I used iboss, we did the POC for iboss for ExxonMobil. Four or five people wanted to move from our ol...

See all answers

What is your experience regarding pricing and costs for iboss?

Regarding pricing, setup costs, and licensing, iboss is not cheap, and that's my only concern. There are cheaper alte...

See all answers

Which is the better security solution - Cisco Umbrella or Microsoft Cloud App Security?

Cisco Umbrella is an integral component of the Cisco SASE architecture. It integrates security in a single, cloud-nat...

See all answers

What do you like most about Microsoft Cloud App Security?

It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notificatio...

See all answers

What is your experience regarding pricing and costs for Microsoft Cloud App Security?

My impression on the pricing, setup costs, and licensing of Microsoft Defender for Cloud Apps is that it's fair. I do...

See all answers

Ask a question

Earn 20 points

Comparisons

Zscaler Internet Access vs iboss

Compared 15% of the time

Cisco Umbrella vs iboss

Compared 14% of the time

Netskope vs iboss

Compared 13% of the time

Prisma Access by Palo Alto Networks vs iboss

Compared 11% of the time

Check Point Harmony SASE (formerly Perimeter 81) vs iboss

Compared 9% of the time

More iboss Competitors

Zscaler Internet Access vs Microsoft Defender for Cloud Apps

Compared 20% of the time

Cisco Umbrella vs Microsoft Defender for Cloud Apps

Compared 14% of the time

Netskope vs Microsoft Defender for Cloud Apps

Compared 11% of the time

Prisma Access by Palo Alto Networks vs Microsoft Defender for Cloud Apps

Compared 6% of the time

Skyhigh Security vs Microsoft Defender for Cloud Apps

Compared 5% of the time

More Microsoft Defender for Cloud Apps Competitors

BMC Helix Cloud Security vs Threat Stack Cloud Security Platform [EOL]

Compared 20% of the time

Netskope vs Threat Stack Cloud Security Platform [EOL]

Compared 15% of the time

Cisco IOS Security vs Threat Stack Cloud Security Platform [EOL]

Compared 13% of the time

Check Point CloudGuard CNAPP vs Threat Stack Cloud Security Platform [EOL]

Compared 12% of the time

Palo Alto Networks Advanced Threat Prevention vs Threat Stack Cloud Security Platform [EOL]

Compared 11% of the time

More Threat Stack Cloud Security Platform [EOL] Competitors

Product Reports

Buyer's Guide

iboss

August 2025

Download iboss product report

Buyer's Guide

Microsoft Defender for Cloud Apps

August 2025

Microsoft Defender for Cloud Apps report

Download Microsoft Defender for Cloud Apps product report

Buyer's Guide

Threat Stack Cloud Security Platform [EOL]

July 2025

Threat Stack Cloud Security Platform [EOL] report

Download Threat Stack Cloud Security Platform [EOL] product report

Also Known As

iBoss Cloud Platform

MS Cloud App Security, Microsoft Cloud App Security

Threat Stack, CSP,

Overview

iboss offers a comprehensive security platform designed for diverse use cases such as web filtering, data loss protection, corporate proxy services, and URL filtering.

iboss integrates advanced features to address dynamic security needs, leveraging its strength in SASE, ZTNA, AI initiatives, and cloud integration, while ensuring seamless operations for remote work. It excels in historical forensics, malware protection, and flexible cloud deployments. Users benefit from comprehensive traffic scanning, robust malware detection, and PaaS capabilities that reduce hardware management. An intuitive admin console ensures efficient management with content filtering and low false positives. SSL decryption enhances security, while DLP protects data in AI conversations. Deployment is rapid and scalable, allowing effortless integration with emerging technologies.

What features does iboss offer?

Granular Web Filtering: Provides precise control over web content access.
Traffic Scanning: Monitors data through multiple ports for security breaches.
Malware Detection: Ensures superior protection against malware threats.
PaaS Capabilities: Eliminates need for hardware management.
SSL Decryption: Enhances data protection by decrypting secure connections.
DLP Capabilities: Safeguards data during AI interactions.

What benefits and ROI should users consider?

Scalability: Adapts quickly to growing demands and emerging tech integration.
Rapid Deployment: Reduces time to implement security measures.
User-Friendly Admin Console: Facilitates efficient operations management.
Low False Positives: Increases accuracy of threat detection systems.

iboss finds significant application in sectors such as education, where web filtering for K-12 is crucial, and in corporate environments requiring robust proxy services and URL filtering for network security. Its adaptability is essential in scenarios demanding flexible, decentralized security frameworks, particularly for remote work setups.

iboss

Microsoft Defender for Cloud Apps is a comprehensive security solution that provides protection for cloud-based applications and services. It offers real-time threat detection and response, as well as advanced analytics and reporting capabilities. With Defender for Cloud Apps, organizations can ensure the security of their cloud environments and safeguard against cyber threats. Whether you're running SaaS applications, IaaS workloads, or PaaS services, Microsoft Defender for Cloud Apps can help you secure your cloud environment and protect your business from cyber threats.

Microsoft Defender for Cloud Apps Benefits:

Provides comprehensive security for cloud applications
Integrates with other Microsoft security tools
Easy to use and deploy
Provides real-time threat detection and response
Strong protection against phishing attacks and other common threats
Highly customizable to meet specific needs of different organizations

Microsoft Defender for Cloud Apps Use Cases:

Governance, authentication, security, and compliance.
Detects shadow IT and anomalous user behavior
Controls access to applications
Provides auditing and filtering setups
Used for end-user compute devices, file monitoring, user investigation, and activity
Used for data governance, threat detection, and getting visibility over cloud applications
Used to identify information about applications beyond organizational boundaries
Prevent exfiltration and data filtration of corporate data
Used to deal with spam emails and detect shadow IT

Reviews from Real Users

Ram-Krish, Cloud Security & Governance at a financial services firm, says that Microsoft Defender for Cloud Apps "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need".

PeerSpot user, Senior Cloud & Security Consultant at a tech services, writes that Microsoft Defender for Cloud Apps "Great for monitoring user activity and protecting data while integrating well with other applications".

Simon Burgess,Infrastructure Engineer at SBITSC, states that Microsoft Defender for Cloud Apps is "A fluid, intelligent product for great visibility, centralized management, and increased uptime".

Microsoft

Threat Stack Cloud Security Platform [EOL] offers robust security features including endpoint monitoring, rule customization, and integration capabilities, with easy connectivity to cloud services like Docker and AWS.

Threat Stack Cloud Security Platform [EOL] provides tools for enhancing security visibility across cloud infrastructure. It supports AWS and Docker integration, facilitating efficient threat detection and management. Users appreciate its capability to configure customizable alerts and monitor endpoints, sessions, API interactions, and cloud services. However, there are areas needing improvement, such as better serverless environment support and reduced alert frequency. The platform services smaller organizations by compensating for limited security resources with its comprehensive monitoring and auditing tools.

What are the key features?

Easy Cloud Service Integration: Streamlined connectivity with Docker and AWS for efficient monitoring.
Customizable Rule Sets: Tailor security rules to meet specific organizational needs.
Email Alerts: Receive timely notifications about security events and threats.
Interactive Session Monitoring: Track live sessions for suspicious activities.
API Integration: Connect effortlessly with third-party tools for an enhanced security posture.
SecOps Support: Assistance for organizations lacking dedicated security teams.

What are the benefits and ROI features?

Streamlined Threat Detection: Effective process monitoring to identify potential threats.
Cost Efficiency: Serves companies with limited resources by providing essential security functions.
Comprehensive Audits: Helps in regular examinations of cloud infrastructure, enhancing compliance.
Visibility into Cloud Operations: Offers a detailed dashboard for threat visibility and monthly vulnerability assessments.

In specific industries, Threat Stack Cloud Security Platform [EOL] is utilized for its strength in monitoring cloud infrastructure and preventing unauthorized access. Organizations in fields where cloud operations are critical use it for regular audits and monitoring. Its capabilities in threat management are leveraged to maintain secure operations and compliance, especially where there is no dedicated security team.

Sample Customers

More than 4,000 global enterprises trust the iboss Cloud Platform to support their modern workforces, including a large number of Fortune 50 companies.

Customers for Microsoft Defender for Cloud Apps include Accenture, St. Luke’s University Health Network, Ansell, and Nakilat.

StatusPage.io, Walkbase, Spanning, DNAnexus, Jobcase, Nextcapital, Smartling, Veracode, 6sense

Buyer's Guide

Cloud Access Security Brokers (CASB)

July 2025

Download Free Report

Find out what your peers are saying about Palo Alto Networks, Cisco, Netskope and others in Cloud Access Security Brokers (CASB). Updated: July 2025.

DOWNLOAD NOW

865,164 professionals have used our research since 2012.

We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.