We performed a comparison between Microsoft Defender for Cloud and Tenable.io Container Security based on real PeerSpot user reviews.
Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."
"It's got a lot of great features."
"The vulnerability reporting is helpful. When we initially deployed Defender, it reported many more threats than we currently see. It gave us insight into areas we had not previously considered, so we knew where we needed to act."
"One of the features that I like about the solution is it is both a hybrid cloud and also multi-cloud. We never know what company we're going to buy, and therefore we are ready to go. If they have GCP or AWS, we have support for that as well. It offers a single-panel blast across multiple clouds."
"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."
"Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful."
"Provides a very good view of the entire security setup of your organization."
"Defender lets you orchestrate the roll-out from a single pane. Using the Azure portal, you can roll it out over all the servers covered by the entire subscription."
"It is a scalable solution. Scalability-wise, it is a good solution."
"It helps us secure our applications from the build phase and identify the weaknesses from scratch."
"Nessus scanner is very effective for internal penetration testing."
"Currently, I haven't implemented the solution due to its deprecation by the site. However, I can highlight some benefits of Tenable Cloud Security, a cybersecurity solution with various features for scanning vulnerabilities in both cloud environments and on-premises container security."
"The tool's most valuable feature is scanning, reporting, and troubleshooting."
"Tenable.io detects misconfiguration when you deploy a Docker or Kubernetes container. It's much better to remedy these issues during deployment instead of waiting until the container is already in the production environment."
"The strong security provided by the product in the container environment is its most valuable feature."
"If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."
"We would like to have better transparency as to how the security score is calculated because as it is now, it is difficult to understand."
"Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured."
"Microsoft Defender could be more centralized. For example, I still need to go to another console to do policy management."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"Consistency is the area where the most improvement is needed. For example, there are some areas where the UI is not uniform across the board."
"Sometimes it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or a special kind of product."
"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."
"I believe integration plays a crucial role for Tenable, particularly in terms of connecting with other products and various container solutions like Docker or Kubernetes. It seems that in future updates, enhanced integration is something I would appreciate. Currently, there is integration with Docker, but when it comes to Kubernetes or other container solutions, it appears to be a challenge, especially with on-prem scanners."
"Tenable.io Container Security should improve integration modules. It should also improve stability."
"I feel that in certain areas this product has false positives which the company should work on. They should also try to include business logic vulnerabilities in the scanner testing. Finally, the vulnerability assessment feature should be increased to other hardware devices, apart from firewalls."
"The stability and setup phase of the product are areas with shortcomings where improvements are needed."
"The initial setup is highly complex."
"They need to work on auto-remediation so it's easier for the security team to act quickly when certain assets or resources are deployed. The latest version has a CIS benchmark that you need to meet for containers in the cloud, but more automation is needed."
"The support is tricky to reach, so we would like better-oriented technical support enabled."
More Tenable.io Container Security Pricing and Cost Advice →
Microsoft Defender for Cloud is ranked 3rd in Container Security with 46 reviews while Tenable.io Container Security is ranked 22nd in Container Security with 7 reviews. Microsoft Defender for Cloud is rated 8.0, while Tenable.io Container Security is rated 7.8. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Tenable.io Container Security writes "It helps you catch misconfigurations before they go into a production environment where they're harder to deal with". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint, whereas Tenable.io Container Security is most compared with Prisma Cloud by Palo Alto Networks, Aqua Cloud Security Platform, Wiz, Trivy and Red Hat Advanced Cluster Security for Kubernetes. See our Microsoft Defender for Cloud vs. Tenable.io Container Security report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.