Likelihood to Recommend We were wanting to prove the concept of a low touch process for quickly spinning up boilerplate AWS environments. We were able to get started quickly and to ensure that the AWS Well-Architected Framework principles were followed - at least upfront - however, we found that for our use case and expertise level it ultimately wasn't a fit. We have the skills on our team to manage more of this on our own. My recommendation would be contingent on what skills are already available on your team: if you can "do it yourself" you might as well so that you don't pay for resources you don't need and you have finer grain control over what's created.
Read full review Microsoft Defender is very good while we are enhancing our organization's security, and it is very useful in getting threat alerts and vulnerabilities that can harm our system and users. It is recommended to use this to improve overall security and threat protection of our users and organization. With the help of Microsoft Defender, we get fully covered and secured.
Read full review Pros Easily create new AWS accounts. Easily secure and manage AWS accounts. Landing zone with SSO is a huge win for larger teams. Read full review detect and respond to security threats in the cloud environment, reducing the risk of data breaches and unauthorized access. The product assists our organization dealing with sensitive data in achieving and maintaining compliance with data protection rules. The product provides real-time visibility into the cloud environment, offering insights into ongoing security activities. It guarantees that security teams can actively handle possible threats by delivering real-time monitoring and notifications, reducing the impact on business operations. Read full review Cons The AWS SSO GUI is not very intuitive and determining how to apply policies to users without creating redundant logins has been a challenge. The default guardrails do not fully encompass all the security checks that we needed. There does not appear to be any way to control roles at the IAM level from the control tower account through the GUI. Some features on AWS accounts still require logging into the individual account with the root user and cannot be done from AWS Control Tower. Read full review 'Regulatory Compliance' is definitely an area of improvement for MDC. The complex and high number of controls within a specific framework should allow a more helpful and detailed guidelines in order to tackle them. The limitation of options in the incident management menu of MDC has proven to be a hassle while managing security alerts. For example, an analyst cannot even provide a comment about the actions taken on an incident. There is a missing functionality of connecting other EDR or XDR solutions to MDC which I think should be there for a CSPM tool. Read full review Usability There is no way to easily close an AWS account whether it was created manually or via the AWS Control Tower. It takes too many steps to close it vs to provision a new AWS account
Read full review Alternatives Considered Using
AWS Systems Manager and other slightly lower level components has been helpful for us to manage parts of our AWS presence at a more granular level than AWS Control Tower was designed for. It's not at all an apples-to-apples comparison as they solve different use cases, but for us, the use case associated with
AWS Systems Manager was a better fit for our specific needs and skillsets. We did not need everything that AWS Control Tower was doing for us.
Read full review Defender for Cloud (previously known as Azure Security Center) is a more comprehensive and extensive security solution. Currently, threat analytics make up only a small portion of the whole picture. It encourages a comprehensive picture of the cloud environment across all of its endpoints. For example, firewalls, virtual machine coverage, etc. When compared to the former Threat Analytics, the attack surface of Defender for Cloud is vastly expanded.
Read full review Return on Investment Less time manually deploying accounts which was error prone. Central logging allowed us to have 1 place to view logs. Read full review It creates a great insight in all assets that are available The CSPM makes sure that certain risk that might have been missed are addressed Being able to query across the data gives great insights in threats and possible vulernabilties for CVEs Read full review ScreenShots Microsoft Defender for Cloud Screenshots