The vendor presents AWS Control Tower as the easiest way to set up and govern a new, secure multi-account AWS environment. With AWS Control Tower, builders can provision new AWS accounts in a few clicks, while knowing new accounts conform to company-wide policies.
N/A
Microsoft Defender for Cloud
Score 8.5 out of 10
N/A
Microsoft Defender for Cloud is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for Azure, on-premises, and multicloud (Amazon AWS and Google GCP) resources.
We were wanting to prove the concept of a low touch process for quickly spinning up boilerplate AWS environments. We were able to get started quickly and to ensure that the AWS Well-Architected Framework principles were followed - at least upfront - however, we found that for our use case and expertise level it ultimately wasn't a fit. We have the skills on our team to manage more of this on our own. My recommendation would be contingent on what skills are already available on your team: if you can "do it yourself" you might as well so that you don't pay for resources you don't need and you have finer grain control over what's created.
Microsoft Defender is very good while we are enhancing our organization's security, and it is very useful in getting threat alerts and vulnerabilities that can harm our system and users. It is recommended to use this to improve overall security and threat protection of our users and organization. With the help of Microsoft Defender, we get fully covered and secured.
detect and respond to security threats in the cloud environment, reducing the risk of data breaches and unauthorized access.
The product assists our organization dealing with sensitive data in achieving and maintaining compliance with data protection rules.
The product provides real-time visibility into the cloud environment, offering insights into ongoing security activities.
It guarantees that security teams can actively handle possible threats by delivering real-time monitoring and notifications, reducing the impact on business operations.
'Regulatory Compliance' is definitely an area of improvement for MDC. The complex and high number of controls within a specific framework should allow a more helpful and detailed guidelines in order to tackle them.
The limitation of options in the incident management menu of MDC has proven to be a hassle while managing security alerts. For example, an analyst cannot even provide a comment about the actions taken on an incident.
There is a missing functionality of connecting other EDR or XDR solutions to MDC which I think should be there for a CSPM tool.
There is no way to easily close an AWS account whether it was created manually or via the AWS Control Tower. It takes too many steps to close it vs to provision a new AWS account
Using AWS Systems Manager and other slightly lower level components has been helpful for us to manage parts of our AWS presence at a more granular level than AWS Control Tower was designed for. It's not at all an apples-to-apples comparison as they solve different use cases, but for us, the use case associated with AWS Systems Manager was a better fit for our specific needs and skillsets. We did not need everything that AWS Control Tower was doing for us.
Defender for Cloud (previously known as Azure Security Center) is a more comprehensive and extensive security solution. Currently, threat analytics make up only a small portion of the whole picture. It encourages a comprehensive picture of the cloud environment across all of its endpoints. For example, firewalls, virtual machine coverage, etc. When compared to the former Threat Analytics, the attack surface of Defender for Cloud is vastly expanded.
