We performed a comparison between SUSE NeuVector and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Our users prefer SUSE NeuVector over Microsoft Defender for Cloud. Reviewers liked its extensive features, user-friendly interface, and support for multiple clusters. It also stands out for its integration with CI/CD pipelines and ability to perform ISO certification checks, making it valuable for compliance purposes. While Microsoft Defender for Cloud earned high marks for threat analysis, automation, and integration with other Microsoft products, SUSE NeuVector's compliance features give it a competitive advantage.
"Defender lets you orchestrate the roll-out from a single pane. Using the Azure portal, you can roll it out over all the servers covered by the entire subscription."
"Most importantly, it's an integrated solution. We not only have Defender for Cloud, but we also have Defender for Endpoint, Defender for Office 365, and Defender for Identity. It's an integrated, holistic solution."
"The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."
"The solution's robust security posture is the most valuable feature."
"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."
"The product has given us more insight into potential avenues for attack paths."
"The most valuable feature is that it's intuitive. It's very intuitive."
"Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful."
"The UI has a lot of features."
"The tool's deployment is simple. Also, I am impressed with its risk capabilities."
"The most valuable feature of SUSE NeuVector is its run-time security."
"The initial setup is quite good, it's straightforward."
"The most valuable feature of SUSE NeuVector is the performance, deployment, and cost."
"The features of image scanning and anti-malware are really valuable."
"When it comes to the price, we got a really good deal from the vendor instantly."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."
"Most of the time, when we log into the support, we don't get a chance to interact with Microsoft employees directly, except having it go to outsource employees of Microsoft. The initial interaction has not been that great because outsourced companies cannot provide the kind of quality or technical expertise that we look for. We have a technical manager from Microsoft, but they are kind of average unless we make noise and ask them to escalate. We then can get the right people and the right solution, but it definitely takes time."
"When you work with it, the only problem that we're struggling with is that we have 21 different subscriptions we're trying to apply security to. It's impossible to keep everything organized."
"The documentation could be much clearer."
"Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark."
"From a compliance standpoint, they can include some more metrics and some specific compliances such as GDPR."
"No possibility to write or edit any capability."
"The image-scanning features need improvement."
"SUSE NeuVector should provide more security protection rules and better container image scanning."
"We are also working with IaaS VMS, but NeuVector doesn't support virtual machines."
"I would say that this solution should improve monitoring and reporting. I would also like to see more integrations so that we could essentially make it a part of a developing pipeline."
"The documentation needs to improve a bit."
"The tool should offer seamless integration of other security tools while in a hybrid environment."
"SUSE NeuVector could improve by increasing its visibility into other elements of the DevSecOps pipeline. Additionally, scanning around infrastructure would be helpful."
Microsoft Defender for Cloud is ranked 3rd in Container Security with 46 reviews while SUSE NeuVector is ranked 19th in Container Security with 7 reviews. Microsoft Defender for Cloud is rated 8.0, while SUSE NeuVector is rated 7.8. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of SUSE NeuVector writes "Good value for money; great for policy management". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas SUSE NeuVector is most compared with Prisma Cloud by Palo Alto Networks, Red Hat Advanced Cluster Security for Kubernetes, Aqua Cloud Security Platform, Sysdig Falco and NGINX App Protect. See our Microsoft Defender for Cloud vs. SUSE NeuVector report.
See our list of best Container Security vendors and best Cloud Workload Protection Platforms (CWPP) vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
