Microsoft Defender for Cloud is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for Azure, on-premises, and multicloud (Amazon AWS and Google GCP) resources.
N/A
Palo Alto Networks Cortex XDR
Score 8.7 out of 10
N/A
Traps
replaces traditional antivirus with multi-method prevention, a proprietary
combination of malware and exploit prevention methods that protect
users and endpoints from known and unknown threats.
Microsoft Defender is very good while we are enhancing our organization's security, and it is very useful in getting threat alerts and vulnerabilities that can harm our system and users. It is recommended to use this to improve overall security and threat protection of our users and organization. With the help of Microsoft Defender, we get fully covered and secured.
Malware that doesn’t leave files behind has become widely available. Anyone who can afford to reverse this trend should purchase technology. Application whitelisting isn’t for everyone, and Palo Alto Networks Traps can help. Enterprises looking for a low-affected, next-generation solution with high protection should consider it. PAN Traps is a great product at a reasonable price, and I highly recommend it.
detect and respond to security threats in the cloud environment, reducing the risk of data breaches and unauthorized access.
The product assists our organization dealing with sensitive data in achieving and maintaining compliance with data protection rules.
The product provides real-time visibility into the cloud environment, offering insights into ongoing security activities.
It guarantees that security teams can actively handle possible threats by delivering real-time monitoring and notifications, reducing the impact on business operations.
'Regulatory Compliance' is definitely an area of improvement for MDC. The complex and high number of controls within a specific framework should allow a more helpful and detailed guidelines in order to tackle them.
The limitation of options in the incident management menu of MDC has proven to be a hassle while managing security alerts. For example, an analyst cannot even provide a comment about the actions taken on an incident.
There is a missing functionality of connecting other EDR or XDR solutions to MDC which I think should be there for a CSPM tool.
Day to day, Cortex is easy to use when you have no alerts and when an agent upgrade doesn't go south. Alerts are far too "clicky", there's too many steps to drilling down to what actually happened to trigger an alert. Investigating alerts in Cortex takes about 5x longer than it should.
The support we receive from Palo Alto is one of the best aspects of Traps. It is very easy to recommend their support. It seems much easier to connect directly with someone with a deep understanding of the product rather than other companies where you basically have to make an airtight case that it is some kind of non-standard issue that can't be solved with existing documentation. Palo Alto digs deep and helps with advanced troubleshooting to get things working.
Defender for Cloud (previously known as Azure Security Center) is a more comprehensive and extensive security solution. Currently, threat analytics make up only a small portion of the whole picture. It encourages a comprehensive picture of the cloud environment across all of its endpoints. For example, firewalls, virtual machine coverage, etc. When compared to the former Threat Analytics, the attack surface of Defender for Cloud is vastly expanded.
Traps is the slickest interface, easy to use and intuitive rule making, and the rest just didn't quite stack up to the performance level of Traps. McAfee and Kaspersky just hog processor and RAM power. I didn't like the interface and functionality of SentinelOne as much as Traps. Palo Alto really put a lot of time into the development of this software, and had some of the founding fathers of IT Security heading the development process. Can't beat that.
