IT Central Station is now PeerSpot: Here's why

Microsoft Defender for Cloud vs Threat Stack Cloud Security Platform comparison

Cancel
You must select at least 2 products to compare!
Featured Review
Buyer's Guide
Microsoft Defender for Cloud vs. Threat Stack Cloud Security Platform
July 2022
Find out what your peers are saying about Microsoft Defender for Cloud vs. Threat Stack Cloud Security Platform and other solutions. Updated: July 2022.
621,327 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The Twistlock vulnerability scanning tool is its most valuable feature. It provides us insight into security vulnerabilities, running inside both on-premise and public cloud-based container platforms. It is filling a gap that we have with traditional vulnerability scanning tools, where we don't have the ability to scan inside containers.""It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it is a default offering in the CI/CD. There is less manual intervention and more seamless integration. It is why we don't have many dependencies across many teams, which is definitely a better state.""The application visibility is amazing. For example, sometimes we don't know what a particular custom port is for and what is running on it. The visibility enables us to identify applications, what the protocol is, and what service is behind it. Within Azure, it is doing a great job of providing visibility. We know exactly what is passing through our network. If there is an issue of any sort we are able to quickly detect it and fix the problem.""I've been really pleasantly surprised with how Prisma Cloud is, over time, covering more and more of the topics I care about, and listening to customer feedback and growing the product in the right directions.""One of the main reasons we like Prisma Cloud so much is that they also provide an API. You can't expect to give someone an account on Prisma Cloud, or on any tool for that matter, and say, "Go find your things and fix them." It doesn't work like that... We pull down the information from the API that Prisma Cloud provides, which is multi-cloud, multi-account—hundreds and hundreds of different types of alerts graded by severity—and then we can clearly identify that these alerts belong to these people, and they're the people who must remediate them.""Prisma Cloud also provides the visibility and control you need, regardless of how complex or distributed your cloud environments become. It helps to simplify that complexity. Now we know what the best practices are, and if something is missing we know.""The CVEs are valuable because we used to have a tool to scan CVEs, at the language level, for the dependencies that our developers had. What is good about Prisma Cloud is that the CVEs are not only from the software layer, but from all layers: the language, the base image, and you also have CVEs from the host. It covers the full base of security.""The policies that come prepackaged in the tool have been very valuable to us. They're accurate and they provide good guidance as to why the policy was created, as well as how to remediate anything that violates the policy."

More Prisma Cloud by Palo Alto Networks Pros →

"With respect to improving our security posture, it helps us to understand where we are in terms of compliance. We can easily know when we are below the standard because of the scores it calculates.""The integration with Logic Apps allows for automated responses to incidents.""One of the features that I like about the solution is it is both a hybrid cloud and also multi-cloud. We never know what company we're going to buy, and therefore we are ready to go. If they have GCP or AWS, we have support for that as well. It offers a single-panel blast across multiple clouds.""The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra.""Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful.""We can create alerts that trigger if there is any malicious activity happening in the workflow and these alerts can be retrieved using the query language.""The most valuable features of this solution are the remote workforce capabilities and the general experience of the remote workforce.""This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot."

More Microsoft Defender for Cloud Pros →

"The most valuable feature is the SecOps because they have our back and they help us with the reports... It's like having an extension of your team. And then, it grows with you.""Technical support is very helpful."

More Threat Stack Cloud Security Platform Pros →

Cons
"Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures.""The integration of the Compute function into the cloud monitoring function—because those are two different tools that are being combined together—could use some more work. It still feels a little bit disjointed.""They need to make the settings more flexible to fit our internal policies about data. We didn't want developers to see some data, but we wanted them to have access to the console because it was going to help them... It was a pain to have to set up the access to some languages and some data.""Based on my experience, the customization—especially the interface and some of the product identification components—is not as customizable as it could be. But it makes up for that with the fact that we can access the API and then build our own systems to read the data and then process and parse it and hand it to our teams.""It's not really on par with, or catering to, what other products are looking at in terms of SAST and DAST capabilities. For those, you'd probably go to the market and look at something like Veracode or WhiteHat.""We would like to have the detections be more contemporaneous. For example, we've seen detections of an overprivileged user or whatever it might be in any of the hundreds of Prisma policies, where there are 50 minutes of latency between the event and the alert.""The licensing is a bit confusing.""Some of the usability within the Compute functionality needs improvement. I think when Palo Alto added on the Twistlock functionality, they added a Compute tab on the left side of the navigation. Some of the navigation is just a little dense. There is a lot of navigation where there is a tab and dropdowns. So, just improving some of the navigation where there is just a very dense amount of buttons and drop-down menus, that is probably the only thing, which comes from having a lot of features. Because there are a lot of buttons, just navigating around the platform can be a little challenging for new users."

More Prisma Cloud by Palo Alto Networks Cons →

"Consistency is the area where the most improvement is needed. For example, there are some areas where the UI is not uniform across the board.""You cannot create custom use cases.""Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do.""They could always work to make the pricing a bit lower.""For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful.""From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it.""The product was a bit complex to set up earlier, however, it is a bit streamlined now.""The solution could improve by being more intuitive and easier to use requiring less technical knowledge."

More Microsoft Defender for Cloud Cons →

"They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter.""The compliance and governance need improvement."

More Threat Stack Cloud Security Platform Cons →

Pricing and Cost Advice
  • "One thing we're very pleased about is how the licensing model for Prisma is based on work resources. You buy a certain amount of work resources and then, as they enable new capabilities within Prisma, it just takes those work resource units and applies them to new features. This enables us to test and use the new features without having to go back and ask for and procure a whole new product, which could require going through weeks, and maybe months, of a procurement process."
  • "The pricing and the licensing are both very fair... The biggest advice I would give in terms of costs would be to try to understand what the growth is going to look like. That's really been our biggest struggle, that we don't have an idea of what our future growth is going to be on the platform. We go from X number of licenses to Y number of licenses without a plan on how we're going to get from A to B, and a lot of that comes as a bit of a surprise. It can make budgeting a real challenge for it."
  • "From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
  • "If a competitor came along and said, "We'll give you half the price," that doesn't necessarily mean that's the right answer, at all. We wouldn't necessarily entertain it that way. Does it do what we need it to do? Does it work with the things that we want it to work with? That is the important part for us. Pricing wasn't the big consideration it might be in some organizations. We spend millions on public cloud. In that context, it would not make sense to worry about the small price differences that you get between the products."
  • "The pricing and licensing are expensive compared to the other offerings that we considered."
  • "I don't know a better way to do it, but their licensing is a little confusing. That's due to the breadth of different types of technologies they are trying to cover. The way you license depends on where you're securing. When they were Twistlock it was a simple licensing scheme and you could tell what you were doing. Now that they've changed that scheme with Palo Alto, it is quite confusing. It's very difficult to predict what your costs are going to be as you try to expand coverage."
  • "The pricing is good. They gave us some good discounts right at the end of the year based on the value that it brings, visibility, and the ability to build in cloud, compliance, and security within one dashboard."
  • "The licensing cost is a bit high on the compute side."
  • More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →

  • "I'm not privy to that information, but I know it's probably close to a million dollars a year."
  • "We are using the free version of the Azure Security Center."
  • "Azure Defender is a bit pricey. The price could be lower."
  • "This is a worldwide service and depending on the country, there will be different prices."
  • "Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per data-base server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."
  • "There is a helpful cost-reducing option that allows you to integrate production subscriptions with non-production subscriptions."
  • "Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."
  • "I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive."
  • More Microsoft Defender for Cloud Pricing and Cost Advice →

  • "What we're paying now is somewhere around $15 to $20 per agent per month, if I recall correctly. The other cost we have is SecOps."
  • More Threat Stack Cloud Security Platform Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
    621,327 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
    Top Answer:Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very… more »
    Top Answer:Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across… more »
    Top Answer:The integration with Logic Apps allows for automated responses to incidents.
    Top Answer:This is a worldwide service and depending on the country, there will be different prices. There is a price calculator… more »
    Top Answer:There is no perfect product in the world and there are always features that can be added. Innovation is something that… more »
    Top Answer:The solution offers one set cost and then the cost by agents. We're thinking of putting it on a few test servers and dev… more »
    Top Answer:The compliance and governance need improvement. You can have rules that are HIPAA or PCI or CIS compliant, however… more »
    Comparisons
    Also Known As
    Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
    Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
    Threat Stack, CSP,
    Learn More
    Overview

    Prisma Cloud is a comprehensive cloud-native security platform (CNSP) that provides security and compliance coverage for infrastructure, applications, data, and all cloud-native technology stacks throughout the development lifecycle. Prisma Cloud safeguards cloud operations across hybrid and multi-cloud environments, all from a single, unified solution, using a combination of cloud service provider APIs and a unified agent framework.

    The move to the cloud has changed all aspects of the application development lifecycle, with security being foremost among them. Security and DevOps teams face a growing number of entities to secure as organizations adopt cloud-native approaches. Constantly changing environments challenge developers to build and deploy at a rapid pace without compromising on security. Prisma Cloud by Palo Alto Networks delivers complete security and compliance coverage across the development lifecycle on any cloud environment, enabling you to develop cloud-native applications with confidence.

    Prisma Cloud Features

    Prisma Cloud offers comprehensive security coverage in all areas of the cloud development lifecycle:

    • Code security: Protect configurations, scan code before it enters production, and integrate with other tools.

    • Security posture management: Monitor posture, identify and remove threats, and provide compliance across public clouds.

    • Workload protection: Secure hosts and containers across the application lifecycle.

    • Network security: Gain network visibility and enforce micro segmentation.

    • Identity security: Enforce permissions and secure identities across clouds.

    Benefits of Prisma Cloud

    • Unified management: All users use the same dashboards built via shared onboarding, allowing cloud security to be addressed from a single agent framework.

    • High-speed onboarding: Multiple cloud accounts and users are onboarded within seconds, rapidly activating integrated security capabilities.

    • Multiple integration options: Prisma Cloud can integrate with widely used IDE, SCM, and CI/CD workflows early in development, enabling users to identify and fix vulnerabilities and compliance issues before they enter production. Prisma Cloud supports all major workflows, automation frameworks, and third-party tools.

    Reviews from Real Users

    Prisma Cloud stands out among its competitors for a number of reasons. Two major ones are its integration capabilities, as well as its visibility, which makes it very easy for users to get a full picture of the cloud environment.

    Alex J., an information security manager at Cobalt.io, writes, “Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.”

    Luke L., a cloud security specialist for a financial services firm, writes, “You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.”

    Microsoft Defender for Cloud protects your Azure and hybrid resources. Microsoft uses a wide variety of physical, infrastructure, and operational controls to help secure Azure—but there are additional actions you need to take to help safeguard your workloads. Turn on Azure Security Center to strengthen your cloud security posture. Within Azure Security Center, use Azure Defender to protect your hybrid cloud workloads. With Azure Security Center, you can:

    - Assess and visualize the security state of your resources in Azure, on-premises, and in other clouds with Azure Secure Score

    - Simplify enterprise compliance and view your compliance against regulatory requirements

    - Protect all your hybrid cloud workloads with Azure Defender, which is integrated with Security Center

    - Use AI and automation to cut through false alarms, quickly identify threats, and streamline threat investigation

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Threat Stack Cloud Security Platform is a CWPP (Cloud Workload Protection Platform) that provides your organization with comprehensive security for modern applications and APIs. It is designed specifically for monitoring cloud environments, vulnerabilities, covering workloads, infrastructure, and compliance. The solution offers application infrastructure protection for all layers of your infrastructure stack and delivers the necessary observability for proactive and targeted remediation action. In addition, it is platform-independent and easily adapts to various environments. Threat Stack Cloud Security Platform works best for companies who want real-time protection against active external threats and need to reduce alert investigation time. It is ideal for small, medium, or large-sized organizations.

    Threat Stack Cloud Security Platform Features

    Threat Stack Cloud Security Platform has many valuable key features. Some of the most useful ones include:

    • High-efficacy threat detection
    • App deployment speed
    • Increased visibility
    • Remediation integration
    • Security and compliance telemetry
    • Built-in and configurable rules
    • ML and advanced analytics
    • Integrations with third-party SecOps tools
    • File integrity monitoring
    • Host-based intrusion detection
    • Vulnerability assessment
    • Fully integrated IDS functionality
    • Real-time alerts and threat response

    Threat Stack Cloud Security Platform Benefits

    There are many benefits to implementing Threat Stack Cloud Security Platform. Some of the biggest advantages the solution offers include:

    • All-in-one solution: Because Threat Stack Cloud Security Platform offers everything you need in one solution, you don’t need to integrate multiple security solutions in the cloud or spend time manually tweaking the desired functionality.
    • Continuous proactive monitoring: Threat Stack Cloud Security Platform provides continuous proactive monitoring across your full infrastructure stack. It monitors your web application, can track risky behavior from the point of deployment, can scan your operating system, detect any unusual patterns in file hosting, and analyze other server events in real time.
    • Real-time protection: The solution offers protection from active intrusion attempts and gives you visibility into ongoing events on the server so you can discover data breaches before it’s too late.
    • Flexibility: The Threat Stack Cloud Security Platform is tailored to your server’s specific operating system deployment and remains accessible to you no matter how your infrastructure changes or scales over time.
    • Quick threat detection: Because Threat Stack Cloud Security Platform can quickly isolate problems, issues are less likely to cause damage and can be remediated faster.
    • Monitoring for reactive, proactive, and interactive threats: The solution is designed to detect even the most evasive discrepancies in your server events.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Threat Stack Cloud Security Platform solution.

    Skyler C., Software Development Manager at Rent Dynamics, says, “The most valuable feature is the SecOps because they have our back and they help us with the reports. We jump on calls monthly to set goals and roadmaps internally for how we can secure our platform more. Their SecOps program is absolutely amazing when you do not have a dedicated resource for security.”

    An IT Engineer at a consultancy mentions, “The platform has a good threat and vulnerability manager with very helpful technical support. The scalability is great.”

    Offer
    Learn more about Prisma Cloud by Palo Alto Networks
    Learn more about Microsoft Defender for Cloud
    Learn more about Threat Stack Cloud Security Platform
    Sample Customers
    Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
    Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
    StatusPage.io, Walkbase, Spanning, DNAnexus, Jobcase, Nextcapital, Smartling, Veracode, 6sense
    Top Industries
    REVIEWERS
    Computer Software Company25%
    Manufacturing Company19%
    Healthcare Company13%
    Financial Services Firm13%
    VISITORS READING REVIEWS
    Computer Software Company27%
    Comms Service Provider14%
    Financial Services Firm10%
    Manufacturing Company6%
    REVIEWERS
    Computer Software Company20%
    Recruiting/Hr Firm13%
    Consumer Goods Company13%
    University7%
    VISITORS READING REVIEWS
    Computer Software Company26%
    Comms Service Provider16%
    Financial Services Firm7%
    Government5%
    VISITORS READING REVIEWS
    Computer Software Company25%
    Comms Service Provider16%
    Financial Services Firm9%
    Government5%
    Company Size
    REVIEWERS
    Small Business20%
    Midsize Enterprise28%
    Large Enterprise52%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise12%
    Large Enterprise72%
    REVIEWERS
    Small Business29%
    Midsize Enterprise10%
    Large Enterprise61%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise13%
    Large Enterprise69%
    REVIEWERS
    Small Business22%
    Midsize Enterprise56%
    Large Enterprise22%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise15%
    Large Enterprise62%
    Buyer's Guide
    Microsoft Defender for Cloud vs. Threat Stack Cloud Security Platform
    July 2022
    Find out what your peers are saying about Microsoft Defender for Cloud vs. Threat Stack Cloud Security Platform and other solutions. Updated: July 2022.
    621,327 professionals have used our research since 2012.

    Microsoft Defender for Cloud is ranked 2nd in Cloud Security Posture Management (CSPM) with 29 reviews while Threat Stack Cloud Security Platform is ranked 8th in Cloud Security Posture Management (CSPM) with 2 reviews. Microsoft Defender for Cloud is rated 8.2, while Threat Stack Cloud Security Platform is rated 8.0. The top reviewer of Microsoft Defender for Cloud writes "Provides good recommendations and makes policy administration easy". On the other hand, the top reviewer of Threat Stack Cloud Security Platform writes "SecOps program for us, as a smaller company, is amazing; they know what to look for". Microsoft Defender for Cloud is most compared with Microsoft 365 Defender, Amazon GuardDuty, Cortex XDR by Palo Alto Networks, Trend Micro Cloud One Workload Security and Trend Micro XDR, whereas Threat Stack Cloud Security Platform is most compared with Check Point CloudGuard Posture Management, Lacework, ExtraHop Reveal(X) Cloud, Darktrace and Qualys VM. See our Microsoft Defender for Cloud vs. Threat Stack Cloud Security Platform report.

    See our list of best Cloud Security Posture Management (CSPM) vendors and best CWPP (Cloud Workload Protection Platforms) vendors.

    We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.