We performed a comparison between Microsoft Defender for Cloud and Rapid7 Metasploit based on real PeerSpot user reviews.
Find out in this report how the two Vulnerability Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We saw improvement from a regulatory compliance perspective due to having a single dashboard."
"It's got a lot of great features."
"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."
"Microsoft Defender has a lot of features including regulatory compliance and attaching workbooks but the most valuable is the recommendations it provides for each and every resource when we open Microsoft Defender."
"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."
"The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts."
"It takes very little effort to integrate it. It also gives very good visibility into what exactly is happening."
"The product has given us more insight into potential avenues for attack paths."
"Technical support has been helpful and responsive."
"It is scalable. It's in line with our needs."
"It contains almost all the available exploits and payloads."
"Stability-wise, I rate the solution a nine out of ten...Scalability-wise, I rate the solution a nine out of ten."
"I don't have any other tools like it, and I always use it when I'm doing a pen test. Metasploit is a great solution for penetration testing,"
"The option to generate phishing emails has proven to be very valuable in understanding the behavior of users."
"It allows us to concentrate solely on identified vulnerabilities without the hassle of additional setup."
"Rapid7 Metasploit is a useful product."
"The solution could extend its capabilities to other cloud providers. Right now, if you want to monitor a virtual machine on another cloud, you can do that. However, this cannot be done with other cloud platform services. I hope once that is available then Defender for Cloud will be a unified solution for all cloud platform services."
"The overview provides you with good information, but if you want more details, there is a lot more customization to do, which requires knowledge of the other supporting solutions."
"I would like to see better automation when it comes to pushing out security features to the recommendations, and better documentation on the step-by-step procedures for enabling certain features."
"You cannot create custom use cases."
"The documentation could be much clearer."
"Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured."
"Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations."
"Sometimes it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or a special kind of product."
"The solution is not user-friendly and has room for improvement."
"There are numerous outdated exploits in their database that should be updated."
"The solution is not very scalable, it does not provide any automation to be able to scale it."
"Advanced Infrastructure should be implemented in the next release for better orchestration."
"It is necessary to add some training materials and a tutorial for beginners."
"Metasploit cannot be installed on a machine with an antivirus."
"Better automation capabilities would be an improvement."
"If your company's patch is not up to date, but you have other detection or defense solutions such as endpoint detection and response and antivirus software, the product exploit may not work effectively. This is because its exploit database update process is slow and not real-time. For zero-day vulnerabilities or new security threats, relying on Rapid7 Metasploit alone may not be effective."
Microsoft Defender for Cloud is ranked 6th in Vulnerability Management with 46 reviews while Rapid7 Metasploit is ranked 11th in Vulnerability Management with 18 reviews. Microsoft Defender for Cloud is rated 8.0, while Rapid7 Metasploit is rated 7.6. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Rapid7 Metasploit writes "Helps find vulnerabilities in a system to determine whether the system needs to be upgraded". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Rapid7 Metasploit is most compared with Tenable Nessus, Pentera, Rapid7 InsightVM, Acunetix and Nucleus. See our Microsoft Defender for Cloud vs. Rapid7 Metasploit report.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
