Microsoft Defender for Cloud vs Microsoft Purview Insider Risk Management comparison

Microsoft Defender for Cloud vs. Microsoft Purview Insider Risk Management

Download the complete report

Helped 850,028 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Microsoft Defender for Cloud

Ranking in Microsoft Security Suite

4th

Average Rating

8.0

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Vulnerability Management (7th), Container Management (9th), Container Security (4th), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud Security Posture Management (CSPM) (4th), Cloud-Native Application Protection Platforms (CNAPP) (4th), Data Security Posture Management (DSPM) (3rd), Compliance Management (3rd)

Microsoft Purview Insider R...

Ranking in Microsoft Security Suite

30th

Average Rating

7.6

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

Insider Risk Management (3rd)

Mindshare comparison

As of May 2025, in the Microsoft Security Suite category, the mindshare of Microsoft Defender for Cloud is 6.4%, down from 11.1% compared to the previous year. The mindshare of Microsoft Purview Insider Risk Management is 1.2%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Microsoft Security Suite

Featured Reviews

Vibhor Goel

Senior Cloud Platform Engineer at Deutsche Börse

A single tool for complete visibility and addressing security gaps

Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.

Read full review

Dogan Colak

IT Consultant at freelancer

The solution's graphing is highly specific and useful

Implementing policies in the solution isn't easy, and it takes time. For example, you need to use some secrets in Windows or Mac to execute your policies, and you can assign these policies with Microsoft Intune. However, when you execute a policy, you still need to wait up to two days to see alerts. Some of our customers aren't happy because they didn't expect it to take so long. They're satisfied once it starts working because they see the alerts and graphs. The user interface also isn't user-friendly. When we introduce Insider Risk Management to our clients, they often find it difficult to understand. There is too much information, and the UI is not scalable. Also, entry-level IT technicians are not always interested in learning something new. It should be clearer and easier to understand. Microsoft is still working on machine learning and AI components. They're constantly updating the product. However, from my experience, most of my customers are not ready or able to use the AI solution. They are creating some project plans and specific policies. They don't want to see dozens of alerts when they use Microsoft's recommendations or the AI-based solution.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution is quite good and addresses many security gaps."

"The most valuable feature is the recommendations provided on how to improve security."

"The most valuable features are ransomware protection and access controls. The solution has helped us secure some folders on our systems from unauthorized modifications."

"It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop."

"It alerts us to our vulnerabilities and ensures compliance by marking off a compliance tool checklist."

"Defender for Cloud is a plug-and-play solution that provides continuous posture management once enabled."

"The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra."

"Good compliance policies."

More Microsoft Defender for Cloud pros

"Microsoft Purview Insider Risk Management was helpful in performing investigations after alerts were received."

"The best thing about Purview is that it's easy to integrate with our day-to-day environment. We have Active Directory, and Word and Excel. Using a third-party vendor and trying to integrate with our existing environment would be much more challenging."

"Insider Risk Management's graphing is highly specific and useful. You can see the last six months of data for the Microsoft tenant. You can easily find what you need. For example, you can filter for alerts about devices, emails, etc."

Cons

"When you work with it, the only problem that we're struggling with is that we have 21 different subscriptions we're trying to apply security to. It's impossible to keep everything organized."

"The range of workloads is broad, but we'd love to add more workloads and make it a single security solution that covers all those workloads."

"The pricing could be improved, as it is somewhat high for smaller companies."

"It's hard to reach someone who understands my problems. I haven't had many issues, so I haven't called them."

"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."

"Microsoft Defender for Cloud is pricey, especially for Kubernetes clusters. It could be cheaper."

"The remediation process could be improved."

"Sometimes it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or a special kind of product."

More Microsoft Defender for Cloud cons

"For certain things, you need to install an agent. I understand it's for integrity, but if there could be a clientless solution for certain aspects, it would make life easier."

"The user interface also isn't user-friendly. When we introduce Insider Risk Management to our clients, they often find it difficult to understand. There is too much information, and the UI is not scalable. Also, entry-level IT technicians are not always interested in learning something new. It should be clearer and easier to understand."

"The reporting capabilities sometimes leave a little to be desired. It could be improved in terms of producing reports to provide information to the C-suite or others."

Pricing and Cost Advice

"The licensing is straightforward but can become expensive if you cover everything. You must balance the cost against the importance of what needs covering."

"Although I am outside of the discussion on budget and costing, I can say that the importance of security provided by this solution is of such importance that whatever the cost is, it is not a factor."

"The pricing and licensing of Microsoft Defender for Cloud have been good for us. We appreciate the licensing approach based on employee count rather than a big enterprise license."

"There is a helpful cost-reducing option that allows you to integrate production subscriptions with non-production subscriptions."

"Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per data-base server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."

"The licensing cost per server is $15 per month."

"Our clients complain about the cost of Microsoft Defender for Cloud."

"The tool is pretty expensive."

More Microsoft Defender for Cloud pricing and cost advice

Information not available

See which vendors are best for you

Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.

See recommendations

850,028 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

13%

Manufacturing Company

Government

Computer Software Company

29%

Financial Services Firm

11%

Government

University

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

How is Prisma Cloud vs Azure Security Center for security?

Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across your ecosystem. It also has great remote workforce capabilities and supports a...

What do you like most about Microsoft Defender for Cloud?

The entire Defender Suite is tightly coupled, integrated, and collaborative.

What is your experience regarding pricing and costs for Microsoft Defender for Cloud?

The cost is generally reasonable. Microsoft Defender for Cloud Plan 2 costs $15 per server, per month. For a normal customer with ten to twenty servers, the cost is about $300 per month, which is a...

What needs improvement with Microsoft Purview Insider Risk Management?

The reporting capabilities sometimes leave a little to be desired. It could be improved in terms of producing reports to provide information to the C-suite or others.

What is your primary use case for Microsoft Purview Insider Risk Management?

The primary use case for Microsoft Purview Insider Risk Management was data loss prevention. This was my main objective.

What advice do you have for others considering Microsoft Purview Insider Risk Management?

I would recommend Microsoft Purview Insider Risk Management to others. I would rate the overall solution as a nine.

AWS GuardDuty vs Microsoft Defender for Cloud

Comparisons

Compared 20% of the time

Wiz vs Microsoft Defender for Cloud

Compared 14% of the time

Prisma Cloud by Palo Alto Networks vs Microsoft Defender for Cloud

Compared 11% of the time

Microsoft Defender XDR vs Microsoft Defender for Cloud

Compared 5% of the time

Orca Security vs Microsoft Defender for Cloud

Compared 3% of the time

More Microsoft Defender for Cloud Competitors

Splunk User Behavior Analytics vs Microsoft Purview Insider Risk Management

Compared 40% of the time

Microsoft Defender for Identity vs Microsoft Purview Insider Risk Management

Compared 23% of the time

Netskope Advanced Analytics vs Microsoft Purview Insider Risk Management

Compared 22% of the time

Exabeam vs Microsoft Purview Insider Risk Management

Compared 4% of the time

IBM Security QRadar vs Microsoft Purview Insider Risk Management

Compared 3% of the time

More Microsoft Purview Insider Risk Management Competitors

Product Reports

Microsoft Defender for Cloud

Download Microsoft Defender for Cloud product report

Microsoft Purview Insider Risk Management vs. Proofpoint Insider Threat Management

Download Microsoft Purview Insider Risk Management product report

Microsoft Purview Insider Risk Management report

Also Known As

Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender

Microsoft Insider Risk Management

Interactive Demo

Demo not available

Overview

Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.

The solution also provides automated remediation capabilities, allowing security teams to quickly and easily respond to security incidents. With Microsoft Defender for Cloud, organizations can ensure the security and compliance of their cloud workloads, while reducing the burden on their security teams.

Microsoft Purview Insider Risk Management is used to identify and mitigate internal threats, monitor risky activities, and ensure compliance with regulatory standards, tracking confidential information, detecting unusual behavior, and managing data protection.

Microsoft Purview Insider Risk Management provides actionable insights and automates risk management processes to enhance security and safeguard sensitive data. Users benefit from its ability to detect insider threats early and appreciate its comprehensive auditing capabilities and customizable risk indicators. It seamlessly integrates with existing systems, allowing for easy policy configuration and leveraging advanced machine learning algorithms. Users find the real-time alerts to enhance security monitoring and proactive risk mitigation. Its detailed incident reporting and efficient data protection are frequently commended.

What are the key features of Microsoft Purview Insider Risk Management?

Early Detection: Identifies insider threats at an early stage.
Comprehensive Auditing: Offers extensive auditing capabilities for thorough investigation.
Customizable Risk Indicators: Allows for tailoring risk indicators to specific needs.
Seamless Integration: Integrates effortlessly with existing systems.
Easy Policy Configuration: Simplifies the setup of security policies.
Advanced Machine Learning: Utilizes sophisticated algorithms for better threat detection.
Real-time Alerts: Provides instant notifications to enhance monitoring.
Detailed Incident Reporting: Generates comprehensive reports on incidents.
Efficient Data Protection: Ensures confidential information is secure.

What benefits and ROI can users expect?

Enhanced Security: Improved threat detection and mitigation.
Actionable Insights: Helps in making informed security decisions.
Automated Processes: Reduces manual effort in risk management.
Compliance Assurance: Ensures adherence to regulatory standards.

In industries such as finance, healthcare, and legal, Microsoft Purview Insider Risk Management is implemented to secure client data, ensure regulatory compliance, and proactively mitigate internal threats. Organizations leverage its real-time alerts, advanced machine learning capabilities, and detailed reporting to maintain stringent security standards in highly regulated environments.

Sample Customers

Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.

Information Not Available

Microsoft Defender for Cloud vs. Microsoft Purview Insider Risk Management