Microsoft Defender for Cloud is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for Azure, on-premises, and multicloud (Amazon AWS and Google GCP) resources.
N/A
Picus Security
Score 8.2 out of 10
N/A
Picus Security, headquartered in San Francisco, offers Continuous Security Validation and Mitigation as the most proactive approach to ensure cyber-resilience. The Picus Platform measures the effectiveness of defenses by using emerging threat samples in production environments, providing the insight required to build the right security strategy to better manage complex operations.
Microsoft is well-suited with its definitive cloud, and I also like its Microsoft Intune ID. The conditional policies are great with that, and they're really good and well situated, so you can't beat them at that conditional policy level. Less appropriate, as I said, some of these low-hanging fruit features, like being good in phishing campaigns, and then I feel like maybe doing better at their seam products. So we'll see how that goes.
If you want to analyze the full path focusing on the signatures it’s the best product in the market. If you want to test phishing, data exfiltration/DLP, DNS I don’t recommend Picus. Scenario based attacks also lacking. However Picus support is awesome and I like the development team. When we open a case, they’ll always return with the right answer
It has thousands of signatures and up-to-date attack vectors (It's the largest set in the market)
Attack vectors are mapped with existing vendors like Checkpoint and Mcafee, where you don't spend time finding out which cve mapped to which protection
Ability to focus/highlght solely new threats, it's superb for 0days and up-to-date protections. As there are always timing issue between updates and apply the updates on the products.
Blocked vs not blocked ratios on the dashboard with drill down menu specifiying the set of protections or signatures on the defensive measures
Already mapped mitre att&ck framework on the dasboard. SOC and analyst team using the Mitre framework.
Detection analytics enhance the analytics capabilities with pinpoint accuracy where to focus and how to prevent
Timeline and scheduled reports from the dashboard in flexible format
Granular permissions and role-based access management could improve security. This would enable organizations to control who has access to and can set specific features.
While it offers integration with various Microsoft services, expanding support for third-party cloud platforms and applications would enhance its versatility. Many organizations use multiple cloud providers, and broader compatibility would be advantageous.
The cost structure could be more transparent, especially for larger organizations with extensive cloud resources. Clearer cost breakdowns and predictions would help organizations budget more effectively.
It is a great product that integrates nicely when running an Azure platform and even multi-cloud environment. Not looking for point-solutions but a suite that answers most requirements. It is very comfortable being able to use KQL, workbooks and automation that is native to the azure platform
My visibility is limited because I'm only doing very small pieces of what the overall org does. And also, we have limitations on what we're allowed to use. It's not like we get a new product as users or leadership level users, and everything is on, and we can just do whatever we want. We're very restricted in what we can use any tooling within the org because of the different levels of regulatory constraints we have, because of just the nature of who we are inherently. So that's why. I don't think it's necessarily the product. I think it's more or less of what we're able to do with the product.
Microsoft Defender for Cloud is definitely the choice with the latest market trend and attacks that are currently happening. Microsoft has been able to safe guard a lot after the recent serious attacks happening globally in the digital world. There is a trust in this software and with the latest updates and machine learning capabilities, Microsoft Defender for Cloud should be the choice.
We use other vendors Verodin, AttackIQ, SafeBreach, Cymulate etc. All of them have their advantages and disadvantages. Please take a look at TrustRadius reviews of each product. I don’t want to go head to head for each product in this review. I select Picus because it's local startup company in our region. I like their support and engineering team. Support is marvelous. Product is giving what we expected from the product. Price is adequate. Reporting and dashboard is superb.
It simplifies security management and saves time. I'm not sure, but I'm very confident it saved me a couple of paychecks by centralizing the data I need to secure the cloud environment.
I also utilize the inventory overview to monitor my team's activities and verify they are following internal regulations, as well as cost overruns.
The recommendations can be utilized as a valuable instructional tool. I have the team explain why they are receiving them, why they are not following them, and what they are doing differently.
With Picus we have the tangible KPIs for the security
Detetcion and Prevention rates for the latest attacks are significantly increased
We work with many security vendors. We use picus scores and share specific outputs with the company in case of decreasing score rates where the development and product team analyzes their updates or product engines to increase the rates.
It helps our strategic plans where to focus and invest for the following years and planning/prioritizing the security budgets to specific highlighted areas
