Armor is a cloud and mobile security solution. The vendor’s value proposition is that this solution was purpose-built to deliver the highest level of defense and control for an organization’s critical data, no matter where it’s hosted.
The vendor says they are so confident in the ability of their solution to protect an organization’s data that they back it with their Cyber Warranty Guarantee.
N/A
Microsoft Defender for Cloud
Score 8.5 out of 10
N/A
Microsoft Defender for Cloud is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for Azure, on-premises, and multicloud (Amazon AWS and Google GCP) resources.
Armor gives you what you need to be successful regardless of technical ability. If you can maintain the systems yourself, you are definitely ahead of the game with their service. If you're not prepared to configure and maintain the systems, they do a pretty good job of getting it set up during the onboarding process so that you don't need to dig into the technical guts too much. If you find yourself in over your head, their support staff can handle it for you in most cases.
Microsoft Defender is very good while we are enhancing our organization's security, and it is very useful in getting threat alerts and vulnerabilities that can harm our system and users. It is recommended to use this to improve overall security and threat protection of our users and organization. With the help of Microsoft Defender, we get fully covered and secured.
detect and respond to security threats in the cloud environment, reducing the risk of data breaches and unauthorized access.
The product assists our organization dealing with sensitive data in achieving and maintaining compliance with data protection rules.
The product provides real-time visibility into the cloud environment, offering insights into ongoing security activities.
It guarantees that security teams can actively handle possible threats by delivering real-time monitoring and notifications, reducing the impact on business operations.
Authentication and access against the secure messaging portal is overkill when the response I'm logging in to see merely says, "yes, we have your message. An agent will respond shortly". There should be an option to receive updates like this through email.
The online portal that allows us to clone servers is very slow to respond. More than once I've spun up an additional server due to the lack of visual feedback on the initial request.
The web application firewall does not seem to be sophisticated enough to differentiate between logged in administrators and end users. We use a CMS system which allows admins to create scripts. These often get barred by the WAF even though they are not malicious.
'Regulatory Compliance' is definitely an area of improvement for MDC. The complex and high number of controls within a specific framework should allow a more helpful and detailed guidelines in order to tackle them.
The limitation of options in the incident management menu of MDC has proven to be a hassle while managing security alerts. For example, an analyst cannot even provide a comment about the actions taken on an incident.
There is a missing functionality of connecting other EDR or XDR solutions to MDC which I think should be there for a CSPM tool.
Approximately 50% of all messages we receive are automated. Either that an agent will be assigned, has been assigned, or a ticket is closed. I'd like to see more 'real' interaction, and less box ticking, though I appreciate process has to be followed. That's the one point off. Everything else is very good.
Defender for Cloud (previously known as Azure Security Center) is a more comprehensive and extensive security solution. Currently, threat analytics make up only a small portion of the whole picture. It encourages a comprehensive picture of the cloud environment across all of its endpoints. For example, firewalls, virtual machine coverage, etc. When compared to the former Threat Analytics, the attack surface of Defender for Cloud is vastly expanded.
