Microsoft Defender for Cloud is a first class Azure security posture tool
Updated November 01, 2025
Microsoft Defender for Cloud is a first class Azure security posture tool
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Microsoft Defender for Cloud
In my organization, we use Microsoft Defender for Cloud as a Cloud Security Posture Management tool. It is also used for workload protection which extends to on-prem workloads. Microsoft Defender for Cloud helps us with the management of our Cloud security in that it is native to Azure and covers all aspects on Azure Security. With the workload protection we do not need to invest in other third-party tools for CSPM, CWPP and CNAPP. The scope of our use cases covers the full capabilities of the Azure platform. We leverage also all resources types you can think of and Microsoft has thought of a way to protect and or gain insights from a security perspective.
Pros
- I like that with Microsoft Defender for Cloud you can track your secure score to see how well you are doing with your security controls.
- There are remediation steps for findings with the platform and some can be fix automatically with a few clicks.
- There are recommendations for exactly what controls to put in place to ensure a more secure environment for Azure.
Cons
- I think Microsoft Defender for Cloud could do a better job of making some of the security alerts easier to understand and easier to resolve.
- Since there are some popular ITSM tools that a lot of companies use, I think Microsoft should make it a lot easier for Microsoft Defender for Cloud to integrate with the popular ITSM tools.
- The should be a way for users to trigger their own scans for data security related events.
- Overall, think Microsoft Defender for Cloud provides business value in that it has a lot of features that are practical and help to secure an Azure environment.
- With the recommendations available on the platform, the users of the platform will find it easier to implement controls to secure their Azure environment.
- Microsoft Defender for Cloud helps with the improvement of compliance and risk management with its capabilities and features.
Our environment has a mix of on-prem and cloud resources. We use mostly Azure resources in the cloud. With our current configuration, we use Microsoft Defender for Cloud to get insights into on-prem resources with the deployment of Azure Arc. We plan to start using Google Cloud Platform (GCP) and will integrate GCP to Microsoft Defender for Cloud once we start using it.
With our Microsoft Defender for Cloud tuning, we have reduced the number of threat alerts we used to receive. Some alerts were known and expected and therefore we were able to suppress them to focus on the important alert. I do not know the percentage of reduction off hand. We were also able to rule out some false positives as well.
I think Microsoft Defender for Cloud help reduce the number of security tools we would need to protect our Azure environment. It provides Cloud Security Posture Management and Workload Protection that would have to be implemented with other tools if Microsoft Defender for Cloud was not a capability of Azure. I estimate that there is about $150K in savings yearly.
I believe Microsoft Defender for Cloud stacks up well against the other tools we looked at. It is native to the Azure platform and provides the same insights as the other tools. We selected Microsoft Defender for Cloud because it integrates well with the Azure resources and gives the needed insight, security alerts and recommendations.
Do you think Microsoft Defender for Cloud delivers good value for the price?
Yes
Are you happy with Microsoft Defender for Cloud's feature set?
Yes
Did Microsoft Defender for Cloud live up to sales and marketing promises?
Yes
Did implementation of Microsoft Defender for Cloud go as expected?
Yes
Would you buy Microsoft Defender for Cloud again?
Yes
Comments
Please log in to join the conversation