AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of an AWS account. With CloudTrail, users can log, continuously monitor, and retain account activity related to actions across AWS infrastructure. CloudTrail provides event history of AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking,…
N/A
Cybereason Defense Platform
Score 9.2 out of 10
N/A
Cybereason EDR consolidates intelligence about each attack into a Malop (malicious operation), a contextualized view of the full narrative of an attack. Each Malop organizes the relevant attack data into an easy-to-read, interactive graphical interface, providing a complete timeline, the flow of the attack in the network, and any malicious communications. Remediation actions can be automated or accomplished remotely with a click. The Cybereason Defense Platform empowers analysts of all…
N/A
Microsoft Defender for Cloud Apps
Score 7.7 out of 10
N/A
Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security) is a multimode cloud access security broker.
N/A
Pricing
AWS CloudTrail
Cybereason Defense Platform
Microsoft Defender for Cloud Apps
Editions & Modules
No answers on this topic
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
AWS CloudTrail
Cybereason Defense Platform
Microsoft Defender for Cloud Apps
Free Trial
Yes
No
No
Free/Freemium Version
Yes
No
No
Premium Consulting/Integration Services
No
No
No
Entry-level Setup Fee
No setup fee
No setup fee
No setup fee
Additional Details
You can view, filter, and download the most recent 90 days of your account activity for all management events in supported AWS services free of charge.
You can set up a trail that delivers a single copy of management events in each region free of charge. Once a CloudTrail trail is set up, Amazon S3 charges apply based on your usage. You will be charged for any data events or additional copies of management events recorded in that region. In addition, you can choose CloudTrail Insights by enabling Insights events in your trails. CloudTrail Insights analyzes write management events, and you are charged based on the number of events that are analyzed in that region.
We mainly needed to focus on logging and auditing of AWS services and activity, while Datadog & New Relic are more about performance monitoring and analytics. Moreover, AWS CloudTrail has a seamless integration with AWS, since it's coming from one bucket of products. So having …
Our company has not used any alternatives. Within our industry, it seems that AWS CloudTrail is the defacto standard for this type of functionality within the AWS environment.
I think in the end, CloudTrail has more features and you can dive deeper inside the logs so it depends on your usage and what you expect in the end to make the right choice, I would say that both tools are really useful and bring a lot of benefits to I.T. companies.
Cybereason provides superior protection than either Microsoft or CrowdStrike and a better TCO. We receive less false positives than with Microsoft Defender and Cybereason is easier for level 1 users to use.
It doesn't rely on signatures, most parts of their detection are behavior-based, and their marketing says that they have the lowest false positive rate in the market. It composes our server and notebooks endpoint solutions to protect against external threats and block internal …
Microsoft Defender for Cloud Apps stacks up against Netskope. There are areas in which Netskope offers more insights into web traffic however because of the tight integration to the Microsoft ecosystem is one of the reasons why we choose Microsoft Defender for Cloud Apps. It …
Many of the competitors who started in the CASB space have expanded into the SASE category. If organizations do not need the additional controls provided by a SASE solution, then Defender for Cloud Apps is pretty good. If an organization needs a true SASE solution, you would be …
Microsoft Defender for Cloud Apps was chosen primarily due to its ability to work perfectly within our mostly M365 environment. Given that this was an added feature of our E5 license, we chose to dive into it and use it due to it's good visibility into user actions and the …
Microsoft Defender for Cloud Apps acts as an additional security layer for all SaaS applications our organizations uses to do business and helps providing detailed information about this Apps that we normally use across the entire organizations on a single dashboard, enabling …
We had a past experience with Microsoft ATA, one of the engines that Cloud App Security now uses to provide insights on internal threats, Microsoft ATA was discontinued and all of its features became part of the Microsoft Defender suite, surely, Cloud App Security and the …
Microsoft Cloud App Security is more professional than Google 360. It helped organize documents better and staff [was] more willing to integrate it into their daily routines. Microsoft offered more options for organizations and it made more sense the way their application was …
More flexible and more features with easy integration with cloud services like Microsoft Azure and other cloud services. Overall both gives similar features but we prefer Microsoft cloud app security due to its high threat detection rate. mostly we have been able to stop the …
MCAS works well for our particular needs in the DLP, Data Protection, cloud discovery and Threat Detection spaces; most of these tools can accomplish the same tasks and also do enforcements with a forward proxy solution - MCAS does not offer that and if you need it you will …
Most probably it would be suitable for Finance industries, where security is at the head of the table. However, in our case for E-commerce, it's also quite suitable, since we have quite a significant amount of data and usage of AWS services. Especially with usage of AWS services, AWS CloudTrail comes into play as a heavy plus. For instance, troubleshooting any issues in AWS services is really nice. Therefore, it would be less appropriate with a small amount of AWS service usage and some basic web hosting.
Cybereason is good at detections and has some false positives, but when we need their support, it's too slow. My team used to test Cybereason, submitting lots of malware and threats, trying to find problems, and for research purposes. In my experience, every time we found a bug, their support team denied the problems and took lots of weeks to give some answer when we insisted.
It is well suited if your team is working with Microsoft tools and Azure services. but if you are using other cloud service providers and don't want to spend efforts in learning integration with third-party software then this is not a great fit for you. overall we are very satisfied with the product. If your corporation with Microsoft tools then I would recommend it.
The integration to Microsoft Entra ID is seamless, which allows Conditional Access to redirect the session to Microsoft Defender for Cloud App for it to take actions (Block or Monitor).
Tracker users' activity is very good when troubleshooting or running an investigate.
Detecting risky users through tight integration with Microsoft Entra ID is a very good feature.
Detecting mass downloads and blocking the download of files from non-manage company devices is a very good feature as well.
The interface is pretty simple and easy to use; however, you will need to do a lot of investigative research on your own to get comfortable with it. Originally, many of the Microsoft security tools had their own seperate consoles. Overtime, they have blended into one interface which is the ideal state. In some cases it is clear Microsoft had to pick which console a certain feature or setting was going to reside in and this leads to some confusion. For example, DLP is managed through Defender for Cloud Apps but you will also need to jump into Purview. For things like reverse proxy on your M365 tenant, you will need to go into Azure and setup conditional access rules. Not a big problem and I can understand why the settings are located where they are but for someone just starting out with Defender for Cloud Apps, it will take some time to figure out.
I have not utilized actual support but the Sales and Product teams have been super helpful in moving our implementation forward and showing us the best practices.
Cybereason provides superior protection than either Microsoft or CrowdStrike and a better TCO. We receive less false positives than with Microsoft Defender and Cybereason is easier for level 1 users to use.
Microsoft Defender for Cloud Apps stacks up against Netskope. There are areas in which Netskope offers more insights into web traffic however because of the tight integration to the Microsoft ecosystem is one of the reasons why we choose Microsoft Defender for Cloud Apps. It also offered savings. We didn't have to invest in another tool to gain the benefits of a CASB. For productivity tools we use Micorosft Office 365 and therefore Microsoft Defender for Cloud Apps provides very good insight into these applications because of the tight integration with the Microsoft ecosystem. These are both Microsoft products.
It has good features which helps our organization to quickly fix challenges.
It depends on the requirements. Certain requirements are really complex.
The deployment itself is quite fast because [Microsoft Cloud App Security] is on the cloud, but there are a lot of requirements from the regulations and the bank's standards perspective.