We use several Microsoft tools, which are the majority of the features in the company; that is already a point in favor because we trust it. The problem we had was that there is protection in the cloud, but we decided to be a little more extreme with the workers' access to avoid any type of loss or problems with the information. For that reason we added this additional feature to the company to offer greater security, managing to keep our information safe, since it is important to mention that the information of our company is extremely risky, because we handle sensitive user data, such as payment tokens.
Pros
Easy Integration
Efficient Alerts
Cons
Complex Configuration and UI Overload
Alert Fatigue and Prioritization Challenges
Likelihood to Recommend
For me, the perfect fit is the use of other Microsoft features like Azure, where integration is obviously needed.
I feel that using other tools like AWS or something outside of Microsoft might be a bit complicated to fit in.
We have recently migrated our entire infrastructure to the Azure cloud and needed a simple but effective solution since I don't have a dedicated security team. With Defender I was able to secure my cloud environment and my endpoints. The only area where I required assistance was setting up the initial rule sets.
Pros
Endpoint security on Azure VMs
Email Security
Reporting and hunting
Remediation
Cons
It can be very overwhelming when first using it. It's very comprehensive.
Likelihood to Recommend
In the scenario where you have limited resources in the area of staffing, it is a big help. I wouldn't recommend it for a high-security environment unless there are trained personnel who focus on security and are VERY familiar with ASC.
Verified User
Director in Information Technology (Staffing & Recruiting company, 51-200 employees)
The name of this tool has now changed to Microsoft Defender for Cloud, but the functionality remains the same. It is a must-have for your cloud workloads, including IaaS and PaaS usage. It combines security best practices, vulnerability management, and threat detection and response. Secure Score is a nice way of keeping track of your overall security posture. It can be used in other clouds like AWS and GCP.
Pros
Secure Score
Vulnerability management
Alerts and Threat Detection
Cons
UI can always use improvements.
Recommendation section can have a lot of false positives.
Dashboards
Likelihood to Recommend
This is a great tool for protecting cloud workloads; it's almost a must for PaaS services in Azure. Services like Key Vault, PaaS databases, or Azure WAF all benefit from Defender for Cloud. Workloads where installing an agent is not an option also make great candidates. It also makes it easier to monitor resources in other clouds, thus making it easier for the SOC to monitor all assets.