Microsoft Defender for Cloud vs Microsoft Purview Insider Risk Management comparison

Microsoft Defender for Cloud vs. Microsoft Purview Insider Risk Management

April 2025

Download the complete report

Helped 857,162 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Microsoft Defender for Cloud

Ranking in Microsoft Security Suite

7th

Average Rating

8.0

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Vulnerability Management (7th), Container Management (9th), Container Security (6th), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud Security Posture Management (CSPM) (4th), Cloud-Native Application Protection Platforms (CNAPP) (4th), Data Security Posture Management (DSPM) (5th), Compliance Management (5th)

Microsoft Purview Insider R...

Ranking in Microsoft Security Suite

29th

Average Rating

7.6

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

Insider Risk Management (2nd)

Mindshare comparison

As of June 2025, in the Microsoft Security Suite category, the mindshare of Microsoft Defender for Cloud is 6.4%, down from 10.7% compared to the previous year. The mindshare of Microsoft Purview Insider Risk Management is 1.5%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Microsoft Security Suite

Featured Reviews

Vibhor Goel

Senior Cloud Platform Engineer at Deutsche Börse

A single tool for complete visibility and addressing security gaps

Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.

Read full review

Dogan Colak

IT Consultant at freelancer

The solution's graphing is highly specific and useful

Implementing policies in the solution isn't easy, and it takes time. For example, you need to use some secrets in Windows or Mac to execute your policies, and you can assign these policies with Microsoft Intune. However, when you execute a policy, you still need to wait up to two days to see alerts. Some of our customers aren't happy because they didn't expect it to take so long. They're satisfied once it starts working because they see the alerts and graphs. The user interface also isn't user-friendly. When we introduce Insider Risk Management to our clients, they often find it difficult to understand. There is too much information, and the UI is not scalable. Also, entry-level IT technicians are not always interested in learning something new. It should be clearer and easier to understand. Microsoft is still working on machine learning and AI components. They're constantly updating the product. However, from my experience, most of my customers are not ready or able to use the AI solution. They are creating some project plans and specific policies. They don't want to see dozens of alerts when they use Microsoft's recommendations or the AI-based solution.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable feature is the comprehensive overview across different workloads. It allows us to see protection not just across one workload, such as virtual machines, containers, infrastructure, or data, but across all our workloads. This overall visibility is really helpful."

"Microsoft Defender has a lot of features including regulatory compliance and attaching workbooks but the most valuable is the recommendations it provides for each and every resource when we open Microsoft Defender."

"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."

"Defender for Cloud provides a complete DevOps security package for cloud services."

"We can create alerts that trigger if there is any malicious activity happening in the workflow and these alerts can be retrieved using the query language."

"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."

"We saw improvement from a regulatory compliance perspective due to having a single dashboard."

"Microsoft Defender for Cloud has definitely helped us manage and secure our multi-cloud environment by providing ease of use."

More Microsoft Defender for Cloud pros

"Microsoft Purview Insider Risk Management was helpful in performing investigations after alerts were received."

"The best thing about Purview is that it's easy to integrate with our day-to-day environment. We have Active Directory, and Word and Excel. Using a third-party vendor and trying to integrate with our existing environment would be much more challenging."

"Insider Risk Management's graphing is highly specific and useful. You can see the last six months of data for the Microsoft tenant. You can easily find what you need. For example, you can filter for alerts about devices, emails, etc."

Cons

"The range of workloads is broad, but we'd love to add more workloads and make it a single security solution that covers all those workloads."

"Microsoft Defender for Cloud is pricey, especially for Kubernetes clusters. It could be cheaper."

"Customer service and support from Microsoft are very poor. Even for high-severity cases, response or resolution time can extend to three or four weeks."

"Although Microsoft Defender for Cloud is based on security, I wish it went beyond providing assessments, reports, and generic steps. More detailed procedures would be helpful, especially for lower-level support staff."

"We haven't experienced issues with Microsoft Defender for Cloud for our company size of about five hundred people. However, I've heard there might be issues with scalability for larger enterprises."

"Most customer teams need more training on this type of product."

"If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."

"Azure is a complex solution. You have so many moving parts."

More Microsoft Defender for Cloud cons

"The user interface also isn't user-friendly. When we introduce Insider Risk Management to our clients, they often find it difficult to understand. There is too much information, and the UI is not scalable. Also, entry-level IT technicians are not always interested in learning something new. It should be clearer and easier to understand."

"For certain things, you need to install an agent. I understand it's for integrity, but if there could be a clientless solution for certain aspects, it would make life easier."

"The reporting capabilities sometimes leave a little to be desired. It could be improved in terms of producing reports to provide information to the C-suite or others."

Pricing and Cost Advice

"The licensing cost per server is $15 per month."

"Pricing depends on your workload size, but it is very cheap. If you're talking about virtual machines, it is $5 or something for each machine, which is minimal. If you go for some agent-based solution for every virtual machine, then you need to pay the same thing or more than that. For an on-premises solution like this, we were paying around $30 to $50 based on size. With Defender, Microsoft doesn't bother about the size. You pay based on the number of machines. So, if you have 10 virtual machines, and 10 virtual machines are being monitored, you are paying based on that rather than the size of the virtual machine. Thus, you are paying for the number of units rather than paying for the size of your units."

"They have a free version, but the license for this one isn't too high. It's free to start with, and you're charged for using it beyond 30 days. Some other pieces of Defender are charged based on usage, so you will be charged more for a high volume of transactions. I believe Defender for Cloud is a daily charge based on Azure's App Service Pricing."

"It is bundled with our enterprise subscription, which makes it easy to go for it. It is available by default, and there is no extra cost for using the standard features."

"Azure Defender is a bit pricey. The price could be lower."

"Pricing is a consideration, but we strive to keep costs low by enabling only necessary services."

"While we pay for any additional features, the pricing seems competitive, though I am not involved in the specific cost details."

"Understanding the costs of cloud services can be complicated at first. As with a lot of things in the cloud, it can be quite hard to understand the end cost, but it becomes clearer over time. Early on, the lack of transparency is a challenge. Microsoft does not tell you the cost when they launch something. It is clever marketing, and there is room for improvement there. There should be clarity from the start."

More Microsoft Defender for Cloud pricing and cost advice

Information not available

See which vendors are best for you

Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.

See recommendations

857,162 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

13%

Manufacturing Company

Government

Computer Software Company

32%

Financial Services Firm

10%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

How is Prisma Cloud vs Azure Security Center for security?

Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across your ecosystem. It also has great remote workforce capabilities and supports a...

What do you like most about Microsoft Defender for Cloud?

The entire Defender Suite is tightly coupled, integrated, and collaborative.

What is your experience regarding pricing and costs for Microsoft Defender for Cloud?

The pricing is pretty standard.

What needs improvement with Microsoft Purview Insider Risk Management?

The reporting capabilities sometimes leave a little to be desired. It could be improved in terms of producing reports to provide information to the C-suite or others.

What is your primary use case for Microsoft Purview Insider Risk Management?

The primary use case for Microsoft Purview Insider Risk Management was data loss prevention. This was my main objective.

What advice do you have for others considering Microsoft Purview Insider Risk Management?

I would recommend Microsoft Purview Insider Risk Management to others. I would rate the overall solution as a nine.

AWS GuardDuty vs Microsoft Defender for Cloud

Comparisons

Compared 20% of the time

Wiz vs Microsoft Defender for Cloud

Compared 14% of the time

Prisma Cloud by Palo Alto Networks vs Microsoft Defender for Cloud

Compared 10% of the time

Microsoft Defender XDR vs Microsoft Defender for Cloud

Compared 5% of the time

Orca Security vs Microsoft Defender for Cloud

Compared 3% of the time

More Microsoft Defender for Cloud Competitors

Splunk User Behavior Analytics vs Microsoft Purview Insider Risk Management

Compared 38% of the time

Microsoft Defender for Identity vs Microsoft Purview Insider Risk Management

Compared 24% of the time

Netskope Advanced Analytics vs Microsoft Purview Insider Risk Management

Compared 21% of the time

Exabeam vs Microsoft Purview Insider Risk Management

Compared 4% of the time

IBM Security QRadar vs Microsoft Purview Insider Risk Management

Compared 4% of the time

More Microsoft Purview Insider Risk Management Competitors

Product Reports

Microsoft Defender for Cloud

May 2025

Download Microsoft Defender for Cloud product report

Microsoft Purview Insider Risk Management vs. Safetica ONE

April 2025

Microsoft Purview Insider Risk Management report

Download Microsoft Purview Insider Risk Management product report

Also Known As

Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender

Microsoft Insider Risk Management

Interactive Demo

Demo not available

Overview

Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.

The solution also provides automated remediation capabilities, allowing security teams to quickly and easily respond to security incidents. With Microsoft Defender for Cloud, organizations can ensure the security and compliance of their cloud workloads, while reducing the burden on their security teams.

Microsoft Purview Insider Risk Management is used to identify and mitigate internal threats, monitor risky activities, and ensure compliance with regulatory standards, tracking confidential information, detecting unusual behavior, and managing data protection.

Microsoft Purview Insider Risk Management provides actionable insights and automates risk management processes to enhance security and safeguard sensitive data. Users benefit from its ability to detect insider threats early and appreciate its comprehensive auditing capabilities and customizable risk indicators. It seamlessly integrates with existing systems, allowing for easy policy configuration and leveraging advanced machine learning algorithms. Users find the real-time alerts to enhance security monitoring and proactive risk mitigation. Its detailed incident reporting and efficient data protection are frequently commended.

What are the key features of Microsoft Purview Insider Risk Management?

Early Detection: Identifies insider threats at an early stage.
Comprehensive Auditing: Offers extensive auditing capabilities for thorough investigation.
Customizable Risk Indicators: Allows for tailoring risk indicators to specific needs.
Seamless Integration: Integrates effortlessly with existing systems.
Easy Policy Configuration: Simplifies the setup of security policies.
Advanced Machine Learning: Utilizes sophisticated algorithms for better threat detection.
Real-time Alerts: Provides instant notifications to enhance monitoring.
Detailed Incident Reporting: Generates comprehensive reports on incidents.
Efficient Data Protection: Ensures confidential information is secure.

What benefits and ROI can users expect?

Enhanced Security: Improved threat detection and mitigation.
Actionable Insights: Helps in making informed security decisions.
Automated Processes: Reduces manual effort in risk management.
Compliance Assurance: Ensures adherence to regulatory standards.

In industries such as finance, healthcare, and legal, Microsoft Purview Insider Risk Management is implemented to secure client data, ensure regulatory compliance, and proactively mitigate internal threats. Organizations leverage its real-time alerts, advanced machine learning capabilities, and detailed reporting to maintain stringent security standards in highly regulated environments.

Sample Customers

Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.

Information Not Available