These Microsoft Defender solutions focus on cloud security and target different aspects. They are complementary solutions, working together for a comprehensive cloud security strategy.
Defender for Cloud Focuses on securing your entire cloud environment, including infrastructure, workloads, and platforms. It offers Cloud Security Posture Management (CSPM) and DevSecOps functionalities, identifying vulnerabilities, misconfigurations, and recommending remediation steps. It can extend beyond Azure to AWS, GCP, and on-premises environments.
Defender for Cloud Apps primarily secures user access and data within SaaS applications. It offers features like Data Loss Prevention (DLP), User and Entity Behavior Analytics (UEBA), and Adaptive Access Control (AAC). It integrates with Microsoft Defender XDR for a broader security view.
For more reviews and insights about Microsoft's security solutions, get our Microsoft Security Suite guide.
"The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark."
"One of the features that I like about the solution is it is both a hybrid cloud and also multi-cloud. We never know what company we're going to buy, and therefore we are ready to go. If they have GCP or AWS, we have support for that as well. It offers a single-panel blast across multiple clouds."
"With respect to improving our security posture, it helps us to understand where we are in terms of compliance. We can easily know when we are below the standard because of the scores it calculates."
"The technical support is very good."
"Most importantly, it's an integrated solution. We not only have Defender for Cloud, but we also have Defender for Endpoint, Defender for Office 365, and Defender for Identity. It's an integrated, holistic solution."
"Good compliance policies."
"The solution's robust security posture is the most valuable feature."
"We saw improvement from a regulatory compliance perspective due to having a single dashboard."
"The most valuable feature is its policy implementation."
"Everything from Microsoft is integrated. You receive regular reports on them all. You can push your reports, logs, and security alerts, which are all integrated. It is crucial that these solutions work natively together to deliver coordinated detection and response across our environment."
"It is very easy to use, which is what we look for in these types of solutions."
"One of the most valuable features is auditing. Some of the other protection services have issues with auditing. Microsoft Defender for Cloud has an excellent auditing technique that helps us avoid the risk of filtering or information loss. You can use different tools to guarantee these things. It allows you to conduct an in-depth exploration of applications, users, and files that are harmful or suspicious. You can also enhance your security setup by creating personalized rules or policies that help you better control traffic in the cloud."
"If your business requirements are relatively simple, it can get the job done."
"All of the features are valuable because all of the features are related."
"Threat detection is its key feature, and that's why we use this tool. It gives an alert if a PC is attacked or there is any kind of anomaly, such as there is a spike in sending emails or we see an unauthorized website being accessed. So, it keeps us on our toes. We get to know that there is something wrong, and we can isolate the user and find any issues with it. So, threat detection is very robust in this tool."
"The ability to prevent users from using certain applications is one of the most valuable features. It doesn't require any configuration for implementation from the client perspective. It just works right away and gives you the information you need."
"Another thing that could be improved was that they could recommend processes on how to react to alerts, or recommend best practices based on how other organizations do things if they receive an alert about XYZ."
"The solution could improve by being more intuitive and easier to use requiring less technical knowledge."
"The documentation could be much clearer."
"The documentation and implementation guides could be improved."
"Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations."
"The product was a bit complex to set up earlier, however, it is a bit streamlined now."
"Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark."
"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."
"They should continue integration with all other Microsoft security-related products. The integration with all the other products is still ongoing."
"I want them to enhance in-session policy."
"Defender for Cloud Apps could come with more configured policies out of the box. Also, integration could be easier. Integration is moderately difficult because Microsoft hasn't developed a solution that unifies device onboarding and management. You have to use Intune to manage devices and Defender for Endpoint to enforce policies. They need to fix their integration, but I believe they will straighten it out by the end of the year."
"I would like more customization of notifications. Currently, you either get everything or you get limited information. I would like to have something in between where we can customize the data that is included in notifications."
"There could be more granular roles that are out of the box included in the product."
"I believe it's only set to be integrated with Microsoft Defender for identity and identity protection. I would like to see it available for use with something like Office 365 Defender. I don't think it's integrated with that yet."
"We would like to get more information from the endpoint. I don't get enough detailed information right now on why something failed. There is not enough visibility."
"Defender could integrate better with multi-cloud and hybrid environments. It requires some additional configuration to ingest data from non-Azure environments and integrate it with Sentinel."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Microsoft Defender for Cloud is ranked 2nd in Microsoft Security Suite with 46 reviews while Microsoft Defender for Cloud Apps is ranked 10th in Microsoft Security Suite with 30 reviews. Microsoft Defender for Cloud is rated 8.0, while Microsoft Defender for Cloud Apps is rated 8.4. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR. See our Microsoft Defender for Cloud vs. Microsoft Defender for Cloud Apps report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.