AWS CloudTrail vs. Microsoft Defender for Cloud Apps

AWS CloudTrail

Microsoft Defender for Cloud Apps

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
AWS CloudTrail	Score 8.8 out of 10	N/A	AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of an AWS account. With CloudTrail, users can log, continuously monitor, and retain account activity related to actions across AWS infrastructure. CloudTrail provides event history of AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking,…	N/A
Microsoft Defender for Cloud Apps	Score 7.6 out of 10	N/A	Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security) is a multimode cloud access security broker.	N/A

Pricing

AWS CloudTrail

Microsoft Defender for Cloud Apps

Editions & Modules

No answers on this topic

Offerings

Pricing Offerings
AWS CloudTrail	Microsoft Defender for Cloud Apps
Free Trial
Yes	No
Free/Freemium Version
Yes	No
Premium Consulting/Integration Services
Yes	No

Entry-level Setup Fee

No setup fee

Additional Details

You can view, filter, and download the most recent 90 days of your account activity for all management events in supported AWS services free of charge. You can set up a trail that delivers a single copy of management events in each region free of charge. Once a CloudTrail trail is set up, Amazon S3 charges apply based on your usage. You will be charged for any data events or additional copies of management events recorded in that region. In addition, you can choose CloudTrail Insights by enabling Insights events in your trails. CloudTrail Insights analyzes write management events, and you are charged based on the number of events that are analyzed in that region.

—

More Pricing Information

Community Pulse
	AWS CloudTrail	Microsoft Defender for Cloud Apps

Best Alternatives
	AWS CloudTrail	Microsoft Defender for Cloud Apps
Small Businesses	Armor Score 6.0 out of 10	No answers on this topic
Medium-sized Companies	Druva Security Cloud Score 9.4 out of 10	Avanan Score 9.8 out of 10
Enterprises	Druva Security Cloud Score 9.4 out of 10	Avanan Score 9.8 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	AWS CloudTrail	Microsoft Defender for Cloud Apps
Likelihood to Recommend	8.0 (4 ratings)	7.0 (11 ratings)
Usability	- (0 ratings)	8.0 (1 ratings)
Support Rating	- (0 ratings)	5.0 (1 ratings)

User Testimonials
	AWS CloudTrail	Microsoft Defender for Cloud Apps
Likelihood to Recommend	Amazon AWS It is necessary to enable [AWS] Cloudtrail when using AWS in a production environment, otherwise you will not have any idea what is happening within your accounts. Third party monitoring applications will all require [AWS] CloudTrail to be enabled as well. I would not recommend it solely as a monitoring tool, to get the most out of it you must send the logs elsewhere. Either to Cloudwatch logs or a third party product. Incentivized Verified User Anonymous Read full review	Microsoft Microsoft Defender for Cloud Apps is well suited when working with other Microsoft Applications. For example, if you are working with Microsoft Office 365 it works very well when implementing CASB features. It works when implementing monitoring or blocks on Sanctioned applications however customizing the message to users is not that great. Incentivized Verified User Anonymous Read full review
Pros	Amazon AWS API Log User activity tracking Real-time alerts Incentivized AS Anton Smyslov Product Owner Read full review	Microsoft The integration to Microsoft Entra ID is seamless, which allows Conditional Access to redirect the session to Microsoft Defender for Cloud App for it to take actions (Block or Monitor). Tracker users' activity is very good when troubleshooting or running an investigate. Detecting risky users through tight integration with Microsoft Entra ID is a very good feature. Detecting mass downloads and blocking the download of files from non-manage company devices is a very good feature as well. Incentivized Verified User Anonymous Read full review
Cons	Amazon AWS [In my experience] Cost can easily get out of control with multiple trails on full logging Logs can be difficult to decipher Incentivized Verified User Anonymous Read full review	Microsoft It takes some time to scan and apply the policies when there is some sensitive information. After it applies the policies, it works, but there is a delay. It doesn't provide any way to scan Microsoft Teams when an external exchange of images is happening. You can always do the filtering on the documents during the chat, but if there is an image, then some kind of OCR capability is required to detect it. At present, there is no way [Microsoft Cloud App Security] can go and detect those kinds of images and alert us Incentivized Sai karthik Satyavarapu Senior Technical Specialist Read full review
Usability	Amazon AWS No answers on this topic	Microsoft The interface is pretty simple and easy to use; however, you will need to do a lot of investigative research on your own to get comfortable with it. Originally, many of the Microsoft security tools had their own seperate consoles. Overtime, they have blended into one interface which is the ideal state. In some cases it is clear Microsoft had to pick which console a certain feature or setting was going to reside in and this leads to some confusion. For example, DLP is managed through Defender for Cloud Apps but you will also need to jump into Purview. For things like reverse proxy on your M365 tenant, you will need to go into Azure and setup conditional access rules. Not a big problem and I can understand why the settings are located where they are but for someone just starting out with Defender for Cloud Apps, it will take some time to figure out. Incentivized Verified User Anonymous Read full review
Support Rating	Amazon AWS No answers on this topic	Microsoft I have not utilized actual support but the Sales and Product teams have been super helpful in moving our implementation forward and showing us the best practices. Incentivized Verified User Anonymous Read full review
Alternatives Considered	Amazon AWS I think in the end, CloudTrail has more features and you can dive deeper inside the logs so it depends on your usage and what you expect in the end to make the right choice, I would say that both tools are really useful and bring a lot of benefits to I.T. companies. Incentivized Verified User Anonymous Read full review	Microsoft More flexible and more features with easy integration with cloud services like Microsoft Azure and other cloud services. Overall both gives similar features but we prefer Microsoft cloud app security due to its high threat detection rate. mostly we have been able to stop the threat in very very less time. Incentivized Sneha Sharma Assistant System Engineer Read full review
Return on Investment	Amazon AWS Allows us to investigate any strange api actions Increases security Audit trail of changes made in AWS Incentivized Verified User Anonymous Read full review	Microsoft Cloud App Security saves us thousands of dollars finding and rectifying apps security issues Identity Security Posture helps the organization identity stay in shape, saving thousands of dollars on security consultations The cost of suffering a breach cannot be quantified, CAS helps minimize the chances of the attackers succeeding, with excellent historical logging for most operations Incentivized Verified User Anonymous Read full review
ScreenShots	AWS CloudTrail Screenshots