Microsoft Defender for Cloud vs Trellix Cloud Workload Security comparison

Microsoft and Trellix are both solutions in the Cloud Workload Protection Platforms (CWPP) category. Microsoft is ranked #1 with an average rating of 8.1, while Trellix is ranked #28. Microsoft holds a 14.8% mindshare in CWPP, compared to Trellix’s 0.5% mindshare. Additionally, 94% of Microsoft users are willing to recommend the solution, compared to 100% of Trellix users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 19, 2025

Trellix Cloud Workload Security and Microsoft Defender for Cloud compete in the cloud security domain. Microsoft Defender for Cloud holds an advantage due to its extensive integration capabilities and comprehensive security.

Features: Trellix Cloud Workload Security provides advanced threat detection and protection tailored for cloud workloads, while Microsoft Defender for Cloud offers robust integration with Microsoft's ecosystem and advanced threat intelligence.

Ease of Deployment and Customer Service: Trellix Cloud Workload Security offers streamlined deployment processes and responsive customer service. Microsoft Defender for Cloud requires more comprehensive planning for deployment, supported by extensive Microsoft resources.

Pricing and ROI: Trellix Cloud Workload Security has competitive setup costs, offering strong ROI for economically efficient businesses. Microsoft Defender for Cloud, though costlier, justifies its price with enhanced security features and integration benefits.

To learn more, read our detailed Microsoft Defender for Cloud vs. Trellix Cloud Workload Security Report (Updated: September 2025).

Buyer's Guide

Microsoft Defender for Cloud vs. Trellix Cloud Workload Security

September 2025

Download the complete report

Helped 872,706 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

SentinelOne Singularity Clo...

Mindshare comparison

As of October 2025, in the Cloud Workload Protection Platforms (CWPP) category, the mindshare of SentinelOne Singularity Cloud Security is 3.7%, up from 1.7% compared to the previous year. The mindshare of Microsoft Defender for Cloud is 14.8%, down from 15.8% compared to the previous year. The mindshare of Trellix Cloud Workload Security is 0.5%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Cloud Workload Protection Platforms (CWPP) Market Share Distribution
Product	Market Share (%)
Microsoft Defender for Cloud	14.8%
SentinelOne Singularity Cloud Security	3.7%
Trellix Cloud Workload Security	0.5%
Other	81.0%

Cloud Workload Protection Platforms (CWPP)

Featured Reviews

Chetan Yelve

Software Engineer at Cateina Technologies

Enhancing workflow with automation and comprehensive security monitoring

Since I have been using it, I have seen many improvements. SentinelOne Singularity Cloud Security is an excellent CSSPM tool, but the CSC CWPP features need improvement. There is scope for more application security posture management features and other than that, there are not many ASPM solutions on the market, and existing ones are more costly. I would prefer to see SentinelOne Singularity Cloud Security develop into a single pane of glass for ASPM and CSPM, and I would also appreciate runtime protection highlighted immediately if I'm changing anything in my environment. The dashboard needs more widgets added so that customers or users can see everything on the dashboard itself without needing to go too deep.

Read full review

Vibhor Goel

Senior Cloud Platform Engineer at Deutsche Börse

A single tool for complete visibility and addressing security gaps

Currently, issues are structured in Microsoft Defender for Cloud at severity levels of high, critical, or warning, but these severity levels are not always right. For example, Microsoft might consider a port being open as critical, but that might not be the case for our company. Similarly, it might suggest closing some management ports, but you might need them to be able to log in, so the severity levels for certain things can be improved. Even though Microsoft Defender for Cloud provides a way to temporarily disable certain alerts or notifications without affecting our security score, it would be better to have more granularized control over these recommendations. Currently, we cannot even disable certain alerts or notifications. There should be an automated mechanism to design Azure policies based on the recommendations, possibly with AI integration. Instead of an engineer having to write a policy to fix security gaps, which is very time-consuming, there should be an inbuilt capability to auto-remediate everything and have proper control in place. Additionally, enabling Defender for Cloud at the resource group level, rather than only at the subscription level, would be beneficial.

Read full review

Madan Mohan

Director Operations at SOFTPRO PLUS

Easy policy designing and highly scalable solution

The customers really want protection against unauthorized applications running on their servers. They should avoid installing any unknown source and use Trellix Cloud Workload Security for the best solution in workload security. It includes DNS with ransomware protection. With this, they can have complete protection for their servers. Additionally, any solution working with the database should implement change control. So, if any changes are made on the database side, they should be resolved and verified to ensure they are not made by any unknown source. This is the best solution we suggest to customers who want granular control to protect their servers. It's easy to deploy with a single agent. Overall, I would rate the solution a nine out of ten because policy designing is very easy too. And the manageability is very easy. You can easily manage it through EPO and deploy policies within five to ten minutes. No issues with that.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"SentinelOne Singularity Cloud Security offers valuable features like runtime notifications. These alerts come to my account, ensuring that if any port or component within my infrastructure is opened or compromised, I am informed immediately. It highlights issues within minutes or even seconds."

"Cloud Native Security is user-friendly. Everything in the Cloud Native Security tool is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features."

"SentinelOne Singularity Cloud Security has a dashboard that can detect the criticality of a particular problem, whether it falls under critical, medium, or low vulnerability."

"The compliance monitoring feature of SentinelOne Singularity Cloud Security gives us a report with a compliance score to ensure we meet certain regulatory standards."

"We really appreciate the Slack integration. When we have an incident, we get an instant notification. We also use Joe Sandbox, which Singularity can integrate with, so we can verify if a threat is legitimate."

"We mostly use alerts. That has been pretty good. If we use the alert system from Amazon, it is much costlier to us, so we use SentinelOne Singularity Cloud Security."

"SentinelOne Singularity Cloud Security offers valuable scalability suitable for organizations of all sizes, from small businesses to large enterprises."

"The solution saves 40% of my time."

More SentinelOne Singularity Cloud Security pros

"I would like to see more connectors and plugins with other platforms."

"The solution is used for risks, vulnerabilities, and compliance."

"The valuable features include the ability to manage devices and the fact that Defender can replace other security tools like SCCM."

"It has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem."

"Defender is user-friendly and provides decent visibility into threats."

"The most valuable feature is the regulatory compliance aspect, where we utilize predefined initiatives like NIST."

"We saw improvement from a regulatory compliance perspective due to having a single dashboard."

"This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot."

More Microsoft Defender for Cloud pros

"The most valuable feature is the application control."

"The discovery feature is the most valuable. After you integrate your cloud environment, maybe an Azure or AWS, or a private environment hosted on VMware, it automatically starts discovering the number of servers that are running on that cloud and the number of services that you have done. It is a beautiful feature because, from a security standpoint, it is difficult to identify which VM is compliant or not when you keep on provisioning a number of VMs in the cloud. It also checks for compliance. It checks whether a system is compliant and whether antivirus is installed on a VM. If an antivirus is installed, it checks whether the antivirus is updated to the latest signature package or not. All these things are beautifully done by McAfee Cloud Workload Security. For communicating with the McAfee server, you need to install an agent on the VM. McAfee Cloud Workload Security gives you a direct opportunity to install an agent on a Windows machine. If you have a Windows cloud, you can directly push that agent onto the VM through your McAfee portal. It provides you a single dashboard view of all servers present in the cloud. It shows the servers on which the antivirus is already installed as well as the servers for which the antivirus installation is still pending. This dashboard view is a much-needed thing. It also has a centralized management, which makes it easy to use."

Cons

"Bugs need to be disclosed quickly."

"It would be really helpful if the solution improves its agent deployment process."

"The price is on the higher side. The dashboard can be more detailed."

"They could generally give us better comprehensive rules."

"One area for improvement could be the internal analysis process, specifically the guidance provided for remediation."

"It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background."

"The Infrastructure as Code service available in SentinelOne Singularity Cloud Security and the services available in AWS cloud security can be merged so that we can get the security data directly from AWS cloud in SentinelOne Singularity Cloud Security. This way, all the data related to security will be in one single place. Currently, we have to check a couple of things on SentinelOne Singularity Cloud Security, and we have to validate that same data on the AWS Cloud to be sure. If they can collaborate like that, it will be great."

"Some of the navigation and some aspects of the portal may be a little bit confusing."

More SentinelOne Singularity Cloud Security cons

"Azure is a complex solution. You have so many moving parts."

"When you work with it, the only problem that we're struggling with is that we have 21 different subscriptions we're trying to apply security to. It's impossible to keep everything organized."

"There is no perfect product in the world and there are always features that can be added."

"The cost is always a concern, but overall, it's not too bad because it is easy to use and pretty friendly."

"Defender could improve how data is represented. It can be unstructured or slow to load."

"There needs to be improvement in the security recommendations, particularly in attack path mapping. Sometimes, it misleads users about the real exposure of external-facing assets."

"Most customer teams need more training on this type of product."

"Consistency is the area where the most improvement is needed. For example, there are some areas where the UI is not uniform across the board."

More Microsoft Defender for Cloud cons

"There is room for improvement in the pricing model."

"Its vulnerability assessment is not the best. We cannot identify the vulnerabilities that are related to the operating system by using McAfee Cloud Workload Security. I wish McAfee would add a vulnerability assessment tool that will not only identify the vulnerability but will also be able to generate a report so that the required patching can be done for the servers. Currently, McAfee Cloud Workload Security only integrates with AWS and Azure. If it can also integrate with GCP, Alibaba, and other cloud services available in the market, it would be good because not all people are using Azure and AWS."

Pricing and Cost Advice

"I am not involved in the pricing, but it is cost-effective."

"I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought."

"The tool is cost-effective."

"We have an enterprise license. It is affordable. I'm not sure, but I think we pay 150,000 rupees per month."

"It is cost-effective compared to other solutions in the market."

"The features included in PingSafe justify its price point."

"PingSafe falls somewhere in the middle price range, neither particularly cheap nor expensive."

"SentinelOne provided competitive pricing compared to other vendors, and we are satisfied with the deal."

More SentinelOne Singularity Cloud Security pricing and cost advice

"They have a free version, but the license for this one isn't too high. It's free to start with, and you're charged for using it beyond 30 days. Some other pieces of Defender are charged based on usage, so you will be charged more for a high volume of transactions. I believe Defender for Cloud is a daily charge based on Azure's App Service Pricing."

"Pricing is difficult because each license has its own metrics and cost."

"There are improvements that have to be made to the licensing. Currently, for servers, it has to be done by grouping the servers on a single subscription... We don't have an option whereby, if all those resources are in one subscription, we can have each of the individual servers subject to different planning."

"There are two different plans. We're using the secure basic plan, but we have used the end security plan as well. There are additional costs, but it gives us more functionalities compared to the basic plan."

"The pricing and licensing of Microsoft Defender for Cloud have been good for us. We appreciate the licensing approach based on employee count rather than a big enterprise license."

"While we pay for any additional features, the pricing seems competitive, though I am not involved in the specific cost details."

"Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."

"I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive."

More Microsoft Defender for Cloud pricing and cost advice

"It is not an expensive product. I am in the Indian market, and it is one of the most reliable and cost-effective solutions."

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.

See recommendations

872,706 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

16%

Financial Services Firm

14%

Manufacturing Company

10%

Government

Financial Services Firm

13%

Computer Software Company

12%

Manufacturing Company

Government

Comms Service Provider

19%

Government

11%

Computer Software Company

11%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	46
Midsize Enterprise	20
Large Enterprise	53

By reviewers
Company Size	Count
Small Business	26
Midsize Enterprise	7
Large Enterprise	45

No data available

Questions from the Community

What do you like most about PingSafe?

The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...

See all answers

What is your experience regarding pricing and costs for PingSafe?

I think the pricing of SentinelOne Singularity Cloud Security is a bit high.

See all answers

What needs improvement with PingSafe?

One area that could be improved in SentinelOne Singularity Cloud Security is their policies; the way they have config...

See all answers

How is Prisma Cloud vs Azure Security Center for security?

Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening acros...

See all answers

What do you like most about Microsoft Defender for Cloud?

The entire Defender Suite is tightly coupled, integrated, and collaborative.

See all answers

What is your experience regarding pricing and costs for Microsoft Defender for Cloud?

The pricing is pretty standard.

See all answers

Ask a question

Earn 20 points

Comparisons

Prisma Cloud by Palo Alto Networks vs SentinelOne Singularity Cloud Security

Compared 11% of the time

Wiz vs SentinelOne Singularity Cloud Security

Compared 11% of the time

AWS GuardDuty vs SentinelOne Singularity Cloud Security

Compared 8% of the time

Orca Security vs SentinelOne Singularity Cloud Security

Compared 4% of the time

Check Point CloudGuard CNAPP vs SentinelOne Singularity Cloud Security

Compared 4% of the time

More SentinelOne Singularity Cloud Security Competitors

AWS GuardDuty vs Microsoft Defender for Cloud

Compared 31% of the time

Wiz vs Microsoft Defender for Cloud

Compared 11% of the time

Prisma Cloud by Palo Alto Networks vs Microsoft Defender for Cloud

Compared 7% of the time

Microsoft Defender XDR vs Microsoft Defender for Cloud

Compared 4% of the time

Tenable Cloud Security vs Microsoft Defender for Cloud

Compared 1% of the time

More Microsoft Defender for Cloud Competitors

AWS GuardDuty vs Trellix Cloud Workload Security

Compared 34% of the time

Trend Vision One - Cloud Security vs Trellix Cloud Workload Security

Compared 13% of the time

More Trellix Cloud Workload Security Competitors

Product Reports

Buyer's Guide

SentinelOne Singularity Cloud Security

October 2025

SentinelOne Singularity Cloud Security report

Download SentinelOne Singularity Cloud Security product report

Buyer's Guide

Microsoft Defender for Cloud

October 2025

Download Microsoft Defender for Cloud product report

Buyer's Guide

Cloud Workload Protection Platforms (CWPP)

October 2025

Download Trellix Cloud Workload Security product report

Also Known As

PingSafe

Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender

McAfee Cloud Workload Security

Interactive Demo

Demo not available

SentinelOne

Microsoft

Demo not available

Trellix

Overview

SentinelOne Singularity Cloud Security offers a streamlined approach to cloud security with intuitive operation and strong integration capabilities for heightened threat detection and remediation efficiency.

Singularity Cloud Security stands out for its real-time detection and response, effectively minimizing detection and remediation timelines. Its automated remediation integrates smoothly with third-party tools enhancing operational efficiency. The comprehensive console ensures visibility and support for forensic investigations. Seamless platform integration and robust support for innovation are notable advantages. Areas for development include improved search functionality, affordability, better firewall capabilities for remote users, stable agents, comprehensive reporting, and efficient third-party integrations. Clarity in the interface, responsive support, and real-time alerting need enhancement, with a call for more automation and customization. Better scalability and cost-effective integration without compromising capabilities are desired.

What are SentinelOne Singularity Cloud Security's standout features?

Ease of Use: Intuitive operation simplifies navigation across platforms.
Real-Time Detection: Quick identification and response to threats.
Automated Remediation: Streamlines recovery processes with integration capabilities.
Forensic Visibility: Aids in thorough threat analysis and prevention strategies.
Comprehensive Console: Offers full visibility and historical data tracking.
Platform Integration: Supports seamless operation across cloud and hybrid environments.

What benefits should users expect from SentinelOne Singularity Cloud Security?

Enhanced Efficiency: Automation and third-party integration improve threat response.
Improved Detection: Reduces mean time to detect and respond to threats.
Operational Support: Comprehensive visibility and forensic tools aid operational decisions.
Cost Efficiency: Affordable integration with scaling capabilities without high overhead.

SentinelOne Singularity Cloud Security is deployed in industries needing robust cloud security posture management, endpoint protection, and threat hunting. Utilized frequently across AWS and Azure, it assists in monitoring, threat detection, and maintaining compliance in diverse environments while providing real-time alerts and recommendations for proactive threat management.

SentinelOne

Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.

The solution also provides automated remediation capabilities, allowing security teams to quickly and easily respond to security incidents. With Microsoft Defender for Cloud, organizations can ensure the security and compliance of their cloud workloads, while reducing the burden on their security teams.

Microsoft

Trellix Cloud Workload Security is a comprehensive security solution designed to protect cloud workloads from advanced threats. It provides real-time visibility and control over cloud workloads, enabling organizations to quickly detect and respond to threats.

The most useful functionality of the solution includes automated threat detection, continuous compliance monitoring, and workload protection. With these features, organizations can ensure their cloud workloads are secure and compliant with industry regulations. Trellix Cloud Workload Security helps organizations reduce the risk of data breaches, protect sensitive data, and ensure compliance with regulatory requirements.

Trellix

Sample Customers

Information Not Available

Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.

Information Not Available

Buyer's Guide

Microsoft Defender for Cloud vs. Trellix Cloud Workload Security

September 2025

Free Report: Microsoft Defender for Cloud vs. Trellix Cloud Workload Security

Find out what your peers are saying about Microsoft Defender for Cloud vs. Trellix Cloud Workload Security and other solutions. Updated: September 2025.

DOWNLOAD NOW

872,706 professionals have used our research since 2012.

See our Microsoft Defender for Cloud vs. Trellix Cloud Workload Security report.

See our list of best Cloud Workload Protection Platforms (CWPP) vendors.

We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.