Defender for Cloud from SOC perspective
September 20, 2023
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Microsoft Defender for Cloud
We mainly use it for Cloud Apps detections and investigations. The tool solves the problem of easy log management, detections and alerts for the whole enterprise.
- Great UI
- Easy to use
- Good documentation
- Great detection rules
- UI filters are sometimes off, and do not provide necessary fields
- Limited results from log data
- Improving security posture
- Providing additional visibility in user and app activity
- Providing analytics for management
We use on-prem resources and most of the major cloud providers: AWS, GCP, Azure.
In general, OOB the tool generates quite few alerts and requires manual tuning based on the environment to reduce the false positive load. Out of all generated alerts, only a minority are true positives. But after tuning out benign activity, the tool does provide some good insights.
I am not involved in this
Do you think Microsoft Defender for Cloud delivers good value for the price?
Yes
Are you happy with Microsoft Defender for Cloud's feature set?
Yes
Did Microsoft Defender for Cloud live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Microsoft Defender for Cloud go as expected?
I wasn't involved with the implementation phase
Would you buy Microsoft Defender for Cloud again?
Yes