A solution to simplify security and gain multidirectional protection across any public or private cloud to block inbound attacks, lateral movement, and data exfiltration using a single solution. Cisco Multicloud Defense protects all cloud environments using a single software-as-a-service (SaaS) control plane, eliminating inefficient, complex, and costly point solutions.
N/A
Microsoft Defender for Cloud
Score 8.5 out of 10
N/A
Microsoft Defender for Cloud is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for Azure, on-premises, and multicloud (Amazon AWS and Google GCP) resources.
The sell key was for my company the monitoring all outgoing data and between each cloud provider which we use from all departments which keeps their data in a cloud environment. We could apply specific rules for monitoring and DPL on all traffic, which was the key feature that we were missing in the cloud solution. Also, they provide security features like intrusion prevention, antimalware, and full-path URL filtering, which are nice to have. Applying all at the start can be really time consuming but for the time we spent and how the solution help us to prevent data leave our company it was for sure worth it.
If you need to proceed with pay as you go service then go ahead with Microsoft Defender for Cloud. This could be expensive in the long run but if the organization usage is slightly less than then this would suite the purpose. Also, it has the latest threat updates, so you're future proof in terms of potential treats.
DLP monitoring - key item for us which helps to view if anything which should leave our environment our or even between each part of network between/inside specific clouds
Segmentation of subnet, basic but helpful to isolate each host into their own part of single subnet and connect them, including all visibility features which are offered by Cisco defense systems
Allow/deny rules helps us to block, monitor and logs traffic passing in each direction of our environment
Automation is crucial to managing sprawl and the additional complexity that comes with it. SOC management workbooks and process automation give significant flexibility.
The Security posture score and Security Alerts are neatly centralized and offer me crucial information quickly.
Defender for Cloud avoids the common compromise of simplicity for completeness (former Azure Security Center). The security warnings and advice go into great detail while remaining current and useful.
UI/UX. It can get a little messy when navigating around with all the flyouts in the Azure portal which can be frustrating, particularly when under time pressure.
The query languages for the queries and workbooks are another language that needs to be learned - it would be nice to have kept it closer to T-SQL or something like that to minimize the need to learn new syntax.
Adding cost estimations to the security recommendations would really improve the experience.
It is a great product that integrates nicely when running an Azure platform and even multi-cloud environment. Not looking for point-solutions but a suite that answers most requirements. It is very comfortable being able to use KQL, workbooks and automation that is native to the azure platform
The ease of use, analytics, and just overall security feature set of Cisco Multicloud Defense is hard to beat. Their product is very intriguing and quite a bit similar. However, I have learned from past experiences that you get what you pay for. Cisco may be a little more pricy but it is worth it.
I believe Microsoft Defender for Cloud stacks up well against the other tools we looked at. It is native to the Azure platform and provides the same insights as the other tools. We selected Microsoft Defender for Cloud because it integrates well with the Azure resources and gives the needed insight, security alerts and recommendations.