Microsoft Defender for Cloud Apps vs Zscaler Internet Access comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on Jun 26, 2023

We compared Microsoft Defender for Cloud Apps (MDA) and Zscaler Internet Access based on our users’ reviews in five categories. After reading the collected data, you can find our conclusion below.

  • Ease of Deployment: Microsoft's setup is generally easy to follow but requires more effort for customization and monitoring. Zscaler's setup can be more complex and may require professional assistance, but once set up, it requires minimal maintenance.
  • Features: Microsoft Defender for Cloud Apps provides users with threat detection, unified reporting, identity and posture management, prevention of shadow IT, on-demand scanning, file and activity policy, alert policies, auditing, and integration with other Microsoft solutions. On the other hand, Zscaler Internet Access offers cloud sandbox VNS security access control, data protection, advanced threat protection, URL filtering, data loss prevention, and cloud browser isolation.

  • Pricing: While Microsoft Defender is bundled with some licenses, Zscaler requires a minimum license per user per year. Some users find Zscaler's pricing competitive, while others consider it expensive. On the other hand, Microsoft Defender's pricing is considered fair by some, but it's not recommended to buy separately. It's worth noting that some features of Zscaler require an additional fee, while Microsoft Defender has no additional costs except for top-tier packages.

  • ROI: Both solutions were found effective in improving the ROI of businesses. Microsoft Defender offers cost reduction, increased uptime, and seamless integration with Microsoft products. Meanwhile, Zscaler eliminates on-premise devices, improves real-time protection, and proactively prevents attacks.
  • Service and Support: Microsoft Defender for Cloud Apps offers different support tiers, but technical support quality has received mixed reviews. On the other hand, Zscaler Internet Access has received generally positive feedback on their responsive and knowledgeable technical support. Some customers have reported problems with issue resolution.

Comparison Results: Microsoft Defender for Cloud Apps is the preferred option over Zscaler Internet Access because of its comprehensive features, integration with other Microsoft solutions, and personalized rules and policies for cloud traffic control. Zscaler Internet Access has a cloud-native proxy architecture and advanced threat protection but has faced issues with reporting functionality, pricing, and technical support according to users.

To learn more, read our detailed Cloud Access Security Brokers (CASB) Report (Updated: February 2024).
757,198 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator.""The solution is stable.""The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices.""The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."

More Lookout Pros →

"All of the features are valuable because all of the features are related.""Everything from Microsoft is integrated. You receive regular reports on them all. You can push your reports, logs, and security alerts, which are all integrated. It is crucial that these solutions work natively together to deliver coordinated detection and response across our environment.""I like the web GUI/the management interface. I also like the security of Microsoft. As compared to other manufacturers, it's less complex and easy to understand and work with.""It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notifications are pretty good.""The most valuable feature of Microsoft Defender for Cloud Apps is to stop shadow IT.""The general usability of the solution is very straightforward.""The feature that helps us in detecting the sensitive information being shared has been very useful. In addition, the feature that allows MCAS to apply policies with SharePoint, Teams, and OneDrive is being used predominantly.""Defender helps us control which applications are being used and gain more security insight into remote and hybrid users based on user identity and log in location. You can also integrate Defender for Cloud Apps with Defender for Endpoint to extend its capabilities."

More Microsoft Defender for Cloud Apps Pros →

"Stability-wise, I rate the solution a nine and a half out of ten...The setup phase was easy.""Zscaler covers all the features needed to replace a VPN or proxy solution. They are good. They've been on the market for 15 years now, so they are mature enough.""We don't have to buy equipment to use it. And when our engineers set it up on our side, we just configured a few settings and we were in.""It is easy to set up the solution.""Zscaler Web Security protects our users in remote locations from internet threats - even if they are not connected to our network.""I like the granularity of the control of all the traffic, including SSL inspection. I also like the fact that the user interface is intuitive. The latencies with Zscaler are minimal compared to those of any other competitor. Other competitors do not really have the global scale that Zscaler has and cannot promise low latencies.""We use ZIA for outbound internet connectivity. The internet traffic of on-prem users will be directed to the ZIA cloud for security checks and web filtering.""The most valuable features of Zscaler Internet Access are it's on the cloud, high network performance, and the interception of users is very easy."

More Zscaler Internet Access Pros →

Cons
"The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer""From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products.""Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving.""We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."

More Lookout Cons →

"The interface needs to be more user-friendly.""I want them to enhance in-session policy.""There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default.""The technical support team has room for improvement.""The response time could be better. It will be helpful if the alerts are even more proactive and we can see more data. Currently, the data is a little bit weak. It is not complete. I can't just see it and completely know which user or which device it is. It takes some effort and time on my part to investigate and isolate a user. It would be great if it is more user-friendly or easy for people to understand.""Microsoft Defender for Cloud Apps’s technical support services needs improvement.""Sometimes the support is actually lacking.""Sometimes, we'll get false positive alarms. For example, when a SharePoint path has no file sharing, but there is an external user, it will trigger an alarm that the file has been shared with an external user... the alerting mechanism should be more precise when giving you an alert about what activity has been done with the file..."

More Microsoft Defender for Cloud Apps Cons →

"Currently, the solution's interface is not that user-friendly.""The price of the solution could be improved.""In terms of user experience, it could be better.""What could be improved in Zscaler Internet Access is its price. It could be cheaper.""They could provide more time for the onboarding the training of an IT person.""It needs better integration with other applications. It takes a fair amount of regular activity to apply the by-passes because it is very strict in its restrictions and frequently you have to go in and open things up to allow the workforce to work.""Zscaler should provide adjacent services, which would be complementary to their current offering that could to be more pragmatic for a customer. For example, if you take Akamai, you get multiple sets of services, all depending on the customer and the strategy and the complexity and the problems. In some areas, they are more varied in terms of coverage.""In terms of usage, here in the GCC, it's still growing a growing market, so the combination of DLP, data leak prevention, to a certain extent is fine. But what it requires is user-based access or role-based access. The solution needs to grow into that, which definitely takes time. There's not an easy way to integrate it, when you have a cloud-based solution."

More Zscaler Internet Access Cons →

Pricing and Cost Advice
  • "The pricing is fair; it's comparable to our previous solution, and we carried out multiple POCs and POVs (proof of value). The product is worth the money we pay for it."
  • "Lookout is definitely on the lower end when it comes to price point and that seems to be the only differentiator. The technology is in place in this space and it's really about who is coming in at the better price point now."
  • "In terms of feature performance versus cost, they're a good value."
  • "The licensing costs are good. Prisma has much more options and support for security, but it has a higher cost. For example, Lookout costs 2/3rd of Prisma's licensing price."
  • More Lookout Pricing and Cost Advice →

  • "We have an educational licensing agreement. It's a customer agreement for multiple years."
  • "This product is not expensive."
  • "Our clients normally use the Microsoft E1 licensing, which is renewed yearly."
  • "The pricing is a little bit high but right now, we are okay with it because of the compatibility with Office 365, Teams, and Azure AD."
  • "I'm not totally involved in the pricing part, but I think its pricing is quite aggressive, and its price is quite similar to Netskope. Netskope has separate licensing fees or additional charges if you want to monitor certain SaaS services, whereas, with MCAS, you get 5,000 applications with their Office 365. It is all bundled, and there's no cost for using that. You only have the operational costs. In the country I am in, it is a bit difficult to get people with the required skill sets."
  • "Its pricing is on the higher side. Its price is definitely very high for a small-scale company. As an enterprise client, we do get benefits from Microsoft. We get a discounted price because of the number of users we have in our company. We have a premier package, and with that, we do get a lot of discounts. There are no additional costs. It only comes in the top-tier packages. Generally, the top-tier license is the best license that you can get for your organization. If you want, you can buy it separately, but that's not a good idea."
  • "The price could be better and should be reconsidered."
  • "It is a little bit expensive. When you want to have the complete package with Office 365, Defender, and everything else, it is expensive."
  • More Microsoft Defender for Cloud Apps Pricing and Cost Advice →

  • "​Be aware that you will need to invest some time and money to adapt your environment for Zscaler (traffic redirection, software deployment, authentication, etc).​"
  • "The pricing is an issue. It is expensive compared to other firewalls on the market."
  • "Roughly, we might spend $70,000 a month on the solution. We don't pay for anything beyond the standard licensing fee."
  • "Our monthly fee is around R3000."
  • "The pricing is fair based on its competitive market."
  • "The price is competitive. It's not cheap and it's not expensive."
  • "The pricing for Zscaler Internet Access could be made cheaper."
  • "The price of Zscaler Internet Access should improve, it is expensive."
  • More Zscaler Internet Access Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Cloud Access Security Brokers (CASB) solutions are best for your needs.
    757,198 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The licensing costs are good. Prisma has much more options and support for security, but it has a higher cost. For… more »
    Top Answer:The solution could improve identity integration as well. Zero trust, it's a good start as a zero-trust solution… more »
    Top Answer:Cisco Umbrella is an integral component of the Cisco SASE architecture. It integrates security in a single, cloud-native… more »
    Top Answer:It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notifications… more »
    Top Answer:Where we are right now, this is an acceptable pricing. I would like to see more transparency given to the end user. The… more »
    Top Answer: Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried.… more »
    Top Answer:We researched Netskope but ultimately chose Zscaler Netskope is a cloud access security broker that helps identify… more »
    Comparisons
    Also Known As
    CipherCloud
    MS Cloud App Security, Microsoft Cloud App Security
    ZIA
    Learn More
    Lookout
    Video Not Available
    Microsoft
    Video Not Available
    Zscaler
    Video Not Available
    Overview

    Lookout is a well-established and powerful secure web gateway (SWG) solution that protects more than 200 million users from threats that can result from the penetration of unsecured web traffic into their networks. Lookout is designed to enable organizations to work remotely while maintaining a tight blanket of security over their confidential business data. It provides administrators with security that extends from their endpoints to the cloud service that they are using to run their organization’s network. 

    Users of Lookout are able to proactively detect threats and keep themselves secure from a field of threats that constantly evolves. IT teams can protect their organizations without having to rely on any other security solutions. This singular solution can run on multiple kinds of mobile devices. The privacy of individuals is preserved while keeping compliance rules intact. Additionally, users gain access to a number of tools that enable them to prevent security breaches from taking place.

    Lookout Benefits

    Some of the ways that organizations can benefit by deploying Lookout include:

    • Ease of deployment. Lookout is a solution whose design makes it easy for users to deploy it. It provides users with simple, step-by-step instructions that remove the need for organizations to devote extensive amounts of time to make sure that it is properly set up. Anyone can quickly set up the solution without undergoing technical training. 
    • Built-in support. Users of the Lookout application have access to built-in demos that can teach them how to use various solution features. Instead of spending time trying to figure out the application, users can watch the demo that is most relevant to them and see for themselves how that particular feature is used.
    • Easy-to-use user interface. Lookout’s user interface is laid out in an intuitive way that makes it easy for administrators to navigate. This interface is present in both the mobile and desktop versions of this solution. 
    • Settings customization. Lookout has a built-in settings customization menu. This makes it possible for administrators to easily customize their settings so that they best conform to their needs. 

    Lookout Features

    • Activity monitoring and activity tracking. Lookout’s activity monitoring and activity tracking capabilities enable users to keep a close eye on the activities that are taking place in their networks. IT teams and administrators have the ability to watch their networks for any unusual activity. These features ensure that organizations can keep ahead of any potential threats. They provide the kinds of insights and warnings that make the jobs of those IT teams and administrators much easier and more streamlined. 
    • Encryption. Organizations that employ Lookout can encrypt their networks and keep crucial business data from being read by unauthorized parties. This feature keeps the secrets organizations are trying to keep out of the wrong hands.
    • Anti-virus tools. Lookout provides users with tools to block threats from harming their networks. These tools can successfully block 99.6 percent of threats without raising false alarms. 

    Microsoft Defender for Cloud Apps is a comprehensive security solution that provides protection for cloud-based applications and services. It offers real-time threat detection and response, as well as advanced analytics and reporting capabilities. With Defender for Cloud Apps, organizations can ensure the security of their cloud environments and safeguard against cyber threats. Whether you're running SaaS applications, IaaS workloads, or PaaS services, Microsoft Defender for Cloud Apps can help you secure your cloud environment and protect your business from cyber threats.

    Microsoft Defender for Cloud Apps Benefits:
    • Provides comprehensive security for cloud applications
    • Integrates with other Microsoft security tools
    • Easy to use and deploy
    • Provides real-time threat detection and response
    • Strong protection against phishing attacks and other common threats
    • Highly customizable to meet specific needs of different organizations
    Microsoft Defender for Cloud Apps Use Cases:
    • Governance, authentication, security, and compliance. 
    • Detects shadow IT and anomalous user behavior
    • Controls access to applications
    • Provides auditing and filtering setups
    • Used for end-user compute devices, file monitoring, user investigation, and activity
    • Used for data governance, threat detection, and getting visibility over cloud applications
    • Used to identify information about applications beyond organizational boundaries
    • Prevent exfiltration and data filtration of corporate data
    • Used to deal with spam emails and detect shadow IT

    Reviews from Real Users

    Ram-Krish, Cloud Security & Governance at a financial services firm, says that Microsoft Defender for Cloud Apps "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need".

    PeerSpot user, Senior Cloud & Security Consultant at a tech services, writes that Microsoft Defender for Cloud Apps "Great for monitoring user activity and protecting data while integrating well with other applications".

    Simon Burgess,Infrastructure Engineer at SBITSC, states that Microsoft Defender for Cloud Apps is "A fluid, intelligent product for great visibility, centralized management, and increased uptime".

    Zscaler Internet Access is a cloud-native security service edge (SSE) platform. Its main purpose is to provide AI-powered protection for all users, all applications, and all locations. The solution replaces other legacy network security solutions to stop advanced attacks and prevent data loss by using a comprehensive zero trust approach.

    Zscaler Internet Access Features

    Zscaler Internet Access has many valuable key features. Some of the most useful ones include:

    • Proxy (native SSL)
    • IPS and advanced protection
    • Cloud sandbox
    • DNS security
    • Cloud firewall
    • URL filtering
    • Bandwidth control
    • DNS filtering
    • Cloud DLP w/EDM and IDM
    • Cloud access security broker (CASB)
    • Cloud security posture management (CSPM)
    • CloudBrowser isolation
    • Cloud secure web gateway (SWG)
    • Zero trust network access (ZTNA)
    • Digital experience monitoring

    Zscaler Internet Access Benefits

    There are several benefits to implementing Zscaler Internet Access. Some of the biggest advantages the solution offers include:

    • Fast access with zero infrastructure: Zscaler Internet Access creates a fast, seamless user experience because of its direct-to-cloud architecture. With no infrastructure, Zscaler Internet Access helps you eliminate backhauling, which improves performance and simplifies network administration.
    • Threat intelligence: By using threat intelligence, Zscaler Internet Access can stop ransomware, zero-day malware, and advanced attacks via Inline inspection of all internet traffic, including SSL decryption, and a suite of AI-powered cloud security services. 
    • Consistent security: With Zscaler Internet Access, your security policy goes everywhere your users go. When you move security to the cloud, all users, applications, devices, and locations remain protected and secure based on identity and context.
    • Hybrid workforce: Zscaler Internet Access enables secure access to all external and internal apps from anywhere, so remote work is not an issue. You can also enforce business policies that follow the user, making security identical regardless of location.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Zscaler Internet Access users.

    A Service Manager at a construction company says, "There are a bunch of different capabilities that are valuable within the platform. We use quite a lot of them, but not everything. The ones that are most important to us are the URL Filtering and the application control. For our needs, the cloud-native proxy architecture is a very good solution. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway."

    Owen N., Security Architect at Claro Enterprise Solutions, explains that the solution’s most valuable features include “The integration of the gateway that inspects all ports and protocols. So, there is threat prevention; The cloud sandbox; VNS security; Access control that will protect URL filtering and the cloud firewall; Data protection that will protect your gateway, like your CASB or your cloud DLP; The capabilities of this will point your traffic to Zscaler Cloud.”

    An Architecture Senior Manager at an insurance company mentions, "The data loss prevention feature is the most valuable. It stops our users from inadvertently leaking our customers' data to the Internet or anywhere else it shouldn't go." He also adds, “The solution provides quick access to cloud services, securing our data and allowing us to inspect all our traffic.”

    Sample Customers
    Customers for Microsoft Defender for Cloud Apps include Accenture, St. Luke’s University Health Network, Ansell, and Nakilat.
    Ulster-Greene ARC, BanRegio, HDFC, Ralcorp Holdings Inc., British American Tobacco, Med America Billing Services Inc., Lanco Group, Aquafil, Telefonica, Swisscom, Brigade Group
    Top Industries
    VISITORS READING REVIEWS
    Computer Software Company19%
    Manufacturing Company10%
    Financial Services Firm10%
    Government7%
    REVIEWERS
    Educational Organization27%
    Financial Services Firm18%
    Government9%
    Engineering Company9%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm12%
    Manufacturing Company8%
    Government7%
    REVIEWERS
    Comms Service Provider31%
    Computer Software Company15%
    Pharma/Biotech Company12%
    Financial Services Firm12%
    VISITORS READING REVIEWS
    Educational Organization19%
    Computer Software Company14%
    Financial Services Firm9%
    Manufacturing Company8%
    Company Size
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise16%
    Large Enterprise62%
    REVIEWERS
    Small Business27%
    Midsize Enterprise27%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise14%
    Large Enterprise65%
    REVIEWERS
    Small Business29%
    Midsize Enterprise16%
    Large Enterprise55%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise28%
    Large Enterprise54%
    Buyer's Guide
    Cloud Access Security Brokers (CASB)
    February 2024
    Find out what your peers are saying about Cisco, Microsoft, Palo Alto Networks and others in Cloud Access Security Brokers (CASB). Updated: February 2024.
    757,198 professionals have used our research since 2012.

    Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 17 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 29 reviews. Microsoft Defender for Cloud Apps is rated 8.4, while Zscaler Internet Access is rated 8.2. The top reviewer of Microsoft Defender for Cloud Apps writes "A fluid, intelligent product for great visibility, centralized management, and increased uptime". On the other hand, the top reviewer of Zscaler Internet Access writes "Configuring policies is user-friendly but challenges with stability". Microsoft Defender for Cloud Apps is most compared with Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks, Qualys VMDR and Forcepoint CASB, whereas Zscaler Internet Access is most compared with Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks, Forcepoint Secure Web Gateway and FortiSASE .

    We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.