AWS CloudTrail vs. Cybereason Defense Platform vs. Microsoft Defender for Cloud Apps

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
AWS CloudTrail
Score 8.8 out of 10
N/A
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of an AWS account. With CloudTrail, users can log, continuously monitor, and retain account activity related to actions across AWS infrastructure. CloudTrail provides event history of AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking,…N/A
Cybereason Defense Platform
Score 9.2 out of 10
N/A
Cybereason EDR consolidates intelligence about each attack into a Malop (malicious operation), a contextualized view of the full narrative of an attack. Each Malop organizes the relevant attack data into an easy-to-read, interactive graphical interface, providing a complete timeline, the flow of the attack in the network, and any malicious communications. Remediation actions can be automated or accomplished remotely with a click. The Cybereason Defense Platform empowers analysts of all…N/A
Microsoft Defender for Cloud Apps
Score 7.7 out of 10
N/A
Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security) is a multimode cloud access security broker.N/A
Pricing
AWS CloudTrailCybereason Defense PlatformMicrosoft Defender for Cloud Apps
Editions & Modules
No answers on this topic
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
AWS CloudTrailCybereason Defense PlatformMicrosoft Defender for Cloud Apps
Free Trial
YesNoNo
Free/Freemium Version
YesNoNo
Premium Consulting/Integration Services
NoNoNo
Entry-level Setup FeeNo setup feeNo setup feeNo setup fee
Additional DetailsYou can view, filter, and download the most recent 90 days of your account activity for all management events in supported AWS services free of charge. You can set up a trail that delivers a single copy of management events in each region free of charge. Once a CloudTrail trail is set up, Amazon S3 charges apply based on your usage. You will be charged for any data events or additional copies of management events recorded in that region. In addition, you can choose CloudTrail Insights by enabling Insights events in your trails. CloudTrail Insights analyzes write management events, and you are charged based on the number of events that are analyzed in that region.
More Pricing Information
Community Pulse
AWS CloudTrailCybereason Defense PlatformMicrosoft Defender for Cloud Apps
Considered Multiple Products
AWS CloudTrail
Chose AWS CloudTrail
We mainly needed to focus on logging and auditing of AWS services and activity, while Datadog & New Relic are more about performance monitoring and analytics. Moreover, AWS CloudTrail has a seamless integration with AWS, since it's coming from one bucket of products. So having …
Chose AWS CloudTrail
For this specific functionality, I am not aware of any other product that can do what [AWS] Cloudtrail does.
We did not evaluate any other products.
Chose AWS CloudTrail
Our company has not used any alternatives. Within our industry, it seems that AWS CloudTrail is the defacto standard for this type of functionality within the AWS environment.
Chose AWS CloudTrail
I think in the end, CloudTrail has more features and you can dive deeper inside the logs so it depends on your usage and what you expect in the end to make the right choice, I would say that both tools are really useful and bring a lot of benefits to I.T. companies.
Cybereason Defense Platform
Chose Cybereason Defense Platform
Cybereason provides superior protection than either Microsoft or CrowdStrike and a better TCO. We receive less false positives than with Microsoft Defender and Cybereason is easier for level 1 users to use.
Chose Cybereason Defense Platform
It doesn't rely on signatures, most parts of their detection are behavior-based, and their marketing says that they have the lowest false positive rate in the market. It composes our server and notebooks endpoint solutions to protect against external threats and block internal …
Microsoft Defender for Cloud Apps
Chose Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps stacks up against Netskope. There are areas in which Netskope offers more insights into web traffic however because of the tight integration to the Microsoft ecosystem is one of the reasons why we choose Microsoft Defender for Cloud Apps. It …
Chose Microsoft Defender for Cloud Apps
Many of the competitors who started in the CASB space have expanded into the SASE category. If organizations do not need the additional controls provided by a SASE solution, then Defender for Cloud Apps is pretty good. If an organization needs a true SASE solution, you would be …
Chose Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps was chosen primarily due to its ability to work perfectly within our mostly M365 environment. Given that this was an added feature of our E5 license, we chose to dive into it and use it due to it's good visibility into user actions and the …
Chose Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps acts as an additional security layer for all SaaS applications our organizations uses to do business and helps providing detailed information about this Apps that we normally use across the entire organizations on a single dashboard, enabling …
Chose Microsoft Defender for Cloud Apps
Netskope CASB, Broadcom CloudSOC CASB and formerly from Symantec
Chose Microsoft Defender for Cloud Apps
We had a past experience with Microsoft ATA, one of the engines that Cloud App Security now uses to provide insights on internal threats, Microsoft ATA was discontinued and all of its features became part of the Microsoft Defender suite, surely, Cloud App Security and the …
Chose Microsoft Defender for Cloud Apps
Microsoft Cloud App Security is more professional than Google 360. It helped organize documents better and staff [was] more willing to integrate it into their daily routines. Microsoft offered more options for organizations and it made more sense the way their application was …
Chose Microsoft Defender for Cloud Apps
More flexible and more features with easy integration with cloud services like Microsoft Azure and other cloud services. Overall both gives similar features but we prefer Microsoft cloud app security due to its high threat detection rate. mostly we have been able to stop the …
Chose Microsoft Defender for Cloud Apps
We did not evaluate other tools, as our main driver was Defender ATP and MCAS came included
Chose Microsoft Defender for Cloud Apps
I would go for MS because we leverage Azure in our organization and that helps.
Chose Microsoft Defender for Cloud Apps
MCAS works well for our particular needs in the DLP, Data Protection, cloud discovery and Threat Detection spaces; most of these tools can accomplish the same tasks and also do enforcements with a forward proxy solution - MCAS does not offer that and if you need it you will …
Features
AWS CloudTrailCybereason Defense PlatformMicrosoft Defender for Cloud Apps
Endpoint Security
Comparison of Endpoint Security features of Product A and Product B
AWS CloudTrail
-
Ratings
Cybereason Defense Platform
9.1
Ratings
6% above category average
Microsoft Defender for Cloud Apps
-
Ratings
Anti-Exploit Technology00 Ratings8.30 Ratings00 Ratings
Endpoint Detection and Response (EDR)00 Ratings9.60 Ratings00 Ratings
Centralized Management00 Ratings9.60 Ratings00 Ratings
Hybrid Deployment Support00 Ratings6.00 Ratings00 Ratings
Infection Remediation00 Ratings10.00 Ratings00 Ratings
Vulnerability Management00 Ratings10.00 Ratings00 Ratings
Malware Detection00 Ratings10.00 Ratings00 Ratings
Best Alternatives
AWS CloudTrailCybereason Defense PlatformMicrosoft Defender for Cloud Apps
Small Businesses
Armor
Armor
Score 6.0 out of 10
ThreatLocker
ThreatLocker
Score 9.2 out of 10

No answers on this topic

Medium-sized Companies
Druva Security Cloud
Druva Security Cloud
Score 9.4 out of 10
BlackBerry Protect (CylancePROTECT)
BlackBerry Protect (CylancePROTECT)
Score 9.1 out of 10
Avanan
Avanan
Score 9.9 out of 10
Enterprises
Druva Security Cloud
Druva Security Cloud
Score 9.4 out of 10
BeyondTrust Endpoint Privilege Management
BeyondTrust Endpoint Privilege Management
Score 10.0 out of 10
Avanan
Avanan
Score 9.9 out of 10
All AlternativesView all alternativesView all alternativesView all alternatives
User Ratings
AWS CloudTrailCybereason Defense PlatformMicrosoft Defender for Cloud Apps
Likelihood to Recommend
8.0
(0 ratings)
8.7
(0 ratings)
8.0
(0 ratings)
Usability
-
(0 ratings)
-
(0 ratings)
8.7
(0 ratings)
Support Rating
-
(0 ratings)
-
(0 ratings)
5.0
(0 ratings)
User Testimonials
AWS CloudTrailCybereason Defense PlatformMicrosoft Defender for Cloud Apps
Likelihood to Recommend
Most probably it would be suitable for Finance industries, where security is at the head of the table. However, in our case for E-commerce, it's also quite suitable, since we have quite a significant amount of data and usage of AWS services. Especially with usage of AWS services, AWS CloudTrail comes into play as a heavy plus. For instance, troubleshooting any issues in AWS services is really nice. Therefore, it would be less appropriate with a small amount of AWS service usage and some basic web hosting.
Read full review
Cybereason is good at detections and has some false positives, but when we need their support, it's too slow. My team used to test Cybereason, submitting lots of malware and threats, trying to find problems, and for research purposes. In my experience, every time we found a bug, their support team denied the problems and took lots of weeks to give some answer when we insisted.
Read full review
It is well suited if your team is working with Microsoft tools and Azure services. but if you are using other cloud service providers and don't want to spend efforts in learning integration with third-party software then this is not a great fit for you. overall we are very satisfied with the product. If your corporation with Microsoft tools then I would recommend it.
Read full review
Pros
  • Logs details
  • Easy implementation
  • Great support
Read full review
  • EDR
  • Threat hunting
  • anti-malware
  • collecting telemetry
Read full review
  • The integration to Microsoft Entra ID is seamless, which allows Conditional Access to redirect the session to Microsoft Defender for Cloud App for it to take actions (Block or Monitor).
  • Tracker users' activity is very good when troubleshooting or running an investigate.
  • Detecting risky users through tight integration with Microsoft Entra ID is a very good feature.
  • Detecting mass downloads and blocking the download of files from non-manage company devices is a very good feature as well.
Read full review
Cons
  • Delay
  • User interface, must send logs elsewhere to view them
Read full review
  • Slow support
  • Bugs on their interface
  • Log extraction
Read full review
  • Cloud discovery throws away found services not found in the MCAS database of SaaS apps.
  • Many panes of glass required for a fully enabled implementation to administer, configure and utilize 100% of the product.
  • Room for improvement in the reporting realm - not enough records are visible and exportable for high record count policy reports.
Read full review
Usability
No answers on this topic
No answers on this topic
The interface is pretty simple and easy to use; however, you will need to do a lot of investigative research on your own to get comfortable with it. Originally, many of the Microsoft security tools had their own seperate consoles. Overtime, they have blended into one interface which is the ideal state. In some cases it is clear Microsoft had to pick which console a certain feature or setting was going to reside in and this leads to some confusion. For example, DLP is managed through Defender for Cloud Apps but you will also need to jump into Purview. For things like reverse proxy on your M365 tenant, you will need to go into Azure and setup conditional access rules. Not a big problem and I can understand why the settings are located where they are but for someone just starting out with Defender for Cloud Apps, it will take some time to figure out.
Read full review
Support Rating
No answers on this topic
No answers on this topic
I have not utilized actual support but the Sales and Product teams have been super helpful in moving our implementation forward and showing us the best practices.
Read full review
Alternatives Considered
For this specific functionality, I am not aware of any other product that can do what [AWS] Cloudtrail does. We did not evaluate any other products.
Read full review
Cybereason provides superior protection than either Microsoft or CrowdStrike and a better TCO. We receive less false positives than with Microsoft Defender and Cybereason is easier for level 1 users to use.
Read full review
Microsoft Defender for Cloud Apps stacks up against Netskope. There are areas in which Netskope offers more insights into web traffic however because of the tight integration to the Microsoft ecosystem is one of the reasons why we choose Microsoft Defender for Cloud Apps. It also offered savings. We didn't have to invest in another tool to gain the benefits of a CASB. For productivity tools we use Micorosft Office 365 and therefore Microsoft Defender for Cloud Apps provides very good insight into these applications because of the tight integration with the Microsoft ecosystem. These are both Microsoft products.
Read full review
Return on Investment
  • Saved us from purchasing and managing 3rd party solutions
  • Satisfies Security/Governance requirements
  • No upkeep/maintenance
Read full review
  • Helps on threat hunting
  • MalOps is very good
  • When we face a bug, it takes too much time for them to respond
Read full review
  • It has good features which helps our organization to quickly fix challenges.
  • It depends on the requirements. Certain requirements are really complex.
  • The deployment itself is quite fast because [Microsoft Cloud App Security] is on the cloud, but there are a lot of requirements from the regulations and the bank's standards perspective.
Read full review
ScreenShots

AWS CloudTrail Screenshots

Screenshot of CloudTrail Insights: Identify and respond to unusual operational activity
•Unexpected spikes in resource provisioning
•Bursts of IAM management actions
•Gaps in periodic maintenance activity
•Automatic analysis of API calls and usage patterns
•Alerts when unusual activity is detected