A Defender of your cloud environment that rarely lets you down!
October 25, 2023

Yash Mudaliar | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Microsoft Defender for Cloud

The only term that answers all the three questions above is assessing the security posture of a cloud environment. A typical cloud environment can have a wide variety of resources which need to go through an assessment process to make sure that the configurations of the resources are well tuned so as not to be vulnerable and weak enough for a cyberattack. Microsoft Defender for Cloud (MDC) makes our job easier by automating this task and generating security recommendations. It excels further by providing the associated remediations and impacts for the security recommendations.
  • The CSPM functionality and feature of MDC provides thorough recommendations along with their remediation steps. Some recommendations also have a 'Quick Fix' functionality that makes it a one-click fix for the resource.
  • The easy-to-use and intuitive UI of MDC is another thing that sets it apart from other CSPMs. This is the case not only for Azure-based resources but also for AWS resources.
  • The wide array of Cloud Workload Protection Plan features provides a variety of preventative features with an exceptionally detailed logging mechanism.
  • The 'Attack Path Analysis' makes it very easy to find possible attack paths and vulnerable resources within the environment.
  • 'Regulatory Compliance' is definitely an area of improvement for MDC. The complex and high number of controls within a specific framework should allow for more helpful and detailed guidelines in order to tackle them.
  • The limitation of options in the incident management menu of MDC has proven to be a hassle while managing security alerts. For example, an analyst cannot even provide a comment about the actions taken on an incident.
  • There is a missing functionality of connecting other EDR or XDR solutions to MDC which I think should be there for a CSPM tool.
  • The most positive impact is that due to the recurring nature of security recommendations in MDC, organizations are now encouraged to do a more frequent security review of their environment, which used to be yearly or quarterly earlier.
  • The detailed categorization of the vulnerabilities and alerts provides organizations with more context and objectives to do a security-based investment.
  • When going for all the MDC plans, most organizations have seen a surge in their expenditures, which has been a very negative impact.
We do have an on-premises presence with a few servers, especially a DC with a firewall appliance in place. When it comes to cloud, we are only on Azure but with a wide variety of IaaS and PaaS resources including but not limited to VMs, API Management instances, WAFs, SQL and non-SQL DBs, Storage accounts etc.
Yes, it has. The number of security alerts is directly proportional to the number of insecure configurations of resources within the environment. By flagging those misconfigurations in great detail along with the required remediation steps, we were able to make our resources more secure and less prone to cyberattacks than before. Wildly speaking, we were able to cut down almost 40% of security alerts in the past 6 months.
MDC has helped us in 3 specific categories of tools - CSPM, CWPP and incident management platform. If not for MDC, we would have to acquire these products separately from different vendors, giving us an economical and operational overhead. Not to forget, we are also utilizing it as a DevOps security tool replacing an IaC tool. If I were to make an assumption, it is nearly saving us about approximately 15000$/year.

Do you think Microsoft Defender for Cloud delivers good value for the price?

Yes

Are you happy with Microsoft Defender for Cloud's feature set?

Yes

Did Microsoft Defender for Cloud live up to sales and marketing promises?

Yes

Did implementation of Microsoft Defender for Cloud go as expected?

Yes

Would you buy Microsoft Defender for Cloud again?

Yes

MDC is specifically most useful if a client has an Azure presence either in hybrid or cloud-only mode. Being a Microsoft native product, it leverages the unified integration of the agent with the cloud resources, providing an excellent depth of details in the logs. MDC also proves to be very economical in this specific scenario when compared to other vendors like Prisma or CrowdStrike.

MDC is less likely to be of use if the client needs a preventative solution or a HIPS solution. Even the CWPP offering in MDC is more of an auditing feature that notifies the security admin of an unusual activity but will not be able to prevent it from happening.