Microsoft Defender for Cloud is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for Azure, on-premises, and multicloud (Amazon AWS and Google GCP) resources.
N/A
Salt
Score 6.2 out of 10
N/A
Built on Python, Salt is an event-driven automation tool and framework to deploy, configure, and manage complex IT systems. Salt is used to automate common infrastructure administration tasks and ensure that all the components of infrastructure are operating in a consistent desired state.
Microsoft Defender for Cloud is very good at allowing users to see how their Azure environment is secure through the secure score. The recommendations are an excellent source of the controls that should be in place to ensure a secure environment. There needs to be more protection and features for data security.
SaltStack is a very well architected toolset and framework for reliably managing distributed systems' complexity at varied scale. If the diversity of kind or number of assets is low, or the dependencies are bounded and simple, it might be overkill. Realization that you need SaltStack might come in the form of other tools, scripts, or jobs whose code has become difficult, unreliable, or unmaintainable. Rather than a native from-scratch SaltStack design, be aware that SaltStack can be added on to tools like Docker or Chef and optionally factor those tools out or other tools into the mix.
detect and respond to security threats in the cloud environment, reducing the risk of data breaches and unauthorized access.
The product assists our organization dealing with sensitive data in achieving and maintaining compliance with data protection rules.
The product provides real-time visibility into the cloud environment, offering insights into ongoing security activities.
It guarantees that security teams can actively handle possible threats by delivering real-time monitoring and notifications, reducing the impact on business operations.
Targeting is easy and yet extremely granular - I can target machines by name, role, operating system, init system, distro, regex, or any combination of the above.
Abstraction of OS, package manager and package details is far advanced beyond any other CRM I have seen. The ability to set one configuration for a package across multiple distros, and have it apply correctly no matter the distrospecific naming convention or package installation procedure, is amazing.
Abstraction of environments is similarly valuable - I can set a firewall rule to allow ssh from "management", and have that be defined as a specific IP range per dev, test, and prod.
It is a great product that integrates nicely when running an Azure platform and even multi-cloud environment. Not looking for point-solutions but a suite that answers most requirements. It is very comfortable being able to use KQL, workbooks and automation that is native to the azure platform
Just for the fact that there is always room to improve, but at the same time because it gives us that single picture across all Microsoft Stack, including the other dependent stack. I think it's the usability and tying into Sentinel is quite helpful as a reseller for us.
We haven't had to spend a lot of time talking to support, and we've only had one issue, which, when dealing with other vendors is actually not that bad of an experience.
Microsoft Defender for Cloud is definitely the choice with the latest market trend and attacks that are currently happening. Microsoft has been able to safe guard a lot after the recent serious attacks happening globally in the digital world. There is a trust in this software and with the latest updates and machine learning capabilities, Microsoft Defender for Cloud should be the choice.
We moved to SaltStack from Puppet about 3 years ago. Puppet just has too much of a learning curve and we inherited it from an old IT regime. We wanted something we could start fresh with. Our team has never looked back. SaltStack is so much easier for us to use and maintain.
It simplifies security management and saves time. I'm not sure, but I'm very confident it saved me a couple of paychecks by centralizing the data I need to secure the cloud environment.
I also utilize the inventory overview to monitor my team's activities and verify they are following internal regulations, as well as cost overruns.
The recommendations can be utilized as a valuable instructional tool. I have the team explain why they are receiving them, why they are not following them, and what they are doing differently.
We manage two complex highly available self-healing (all infrastructure and systems) environments using SaltStack. Only one person is needed to run SaltStack. That is a HUGE return on investment.
Building tooling on top of SaltStack has allowed us to share administrative abilities by role - e.g. employee X can deploy software Y. No need to call a sysadmin and etc.
Recovery from problems, or time to stand-up new systems is now counted in minutes (usually under eight) rather than hours. This is a strategic advantage for rolling out new services.
