[ Microso... Reviews ](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) [ Microso... Reviews ](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) # Microsoft Defender for Cloud Features ##### ## Management (3) Dashboards and Reports Access pre-built and custom reports and dashboards. Workflow Management Creates new or streamlines existing workflows to better handle IT support tickets and service. Administration Console Provides Administration tools/console that are easy to use and learn for routine maintenance tasks Show More ##### ## Operations (3) Governance Allows users to create, edit, and relinquish user access privileges. Logging and Reporting Provides required reports to manage business. Provides adequate logging to troubleshoot and support auditing. API / Integrations Application Programming Interface - Specification for how the application communicates with other software. API's typically enable integration of data, logic, objects, etc. with other software applications. Show More ##### ## Security Controls (4) Anomaly Detection Constantly monitors acivity related to user behavior and compares activity to benchmarked patterns. Data Loss Prevention Stores data securely either on premise or in an adjacent cloud database to prevent loss of data at rest. Security Auditing Analyzes data associated with security configurations and infrastructure to provide vulnerability insights and best practices. Cloud Gap Analytics Analyzes data associated with denied entries and policy enforcement, giving information of better authentication and security protocols. Show More ##### ## Administration (10) Risk Scoring Provides risk scoring for suspicious activity, vulnerabilities, and other threats. Secrets Management Provides tools for managing authentication credentials such as keys and passwords. Security Auditing Analyzes data associated with security configurations and infrastructure to provide vulnerability insights and best practices. Configuration Management Monitors configuration rule sets and policy enforcement measures and document changes to maintain compliance. Policy Enforcement Allows administrators to set policies for security and data governance. Auditing Analyzes data associated with web traffic and site performance to provide vulnerability insights and best practices. Workflow Management Creates new or streamlines existing workflows to better handle IT support tickets and service. Security Automation Streamline the flow of work processes by establishing triggers and alerts that notify and route information to the appropriate people when their action is required within the compensation process. Security Integration Integrates additional security tools to automate security and incident response processes. Multicloud Visibility Allows users to track and control activity across cloud services and providers. Show More ##### ## Monitoring (7) Continuous Image Assurance Provides image verification features to establish container approval requirements and continuously monitor for policy violations to identify containers with known vulnerabilities, malware, and other threats. Behavior Monitoring Constantly monitors acivity related to user behavior and compares activity to benchmarked patterns and fraud indicators. Observability Generate insights across IT systems utilizing event metrics, logging, traces, and metadata. Resource utilization Optimizes resource allocation. Real-time monitoring Consistently monitors processes for applications and IT infrastructure to detect anomalies in real-time. Performance baseline Sets up standard performance baseline to compare live container activities. API monitoring Traces connections between different containerized environments and detects anomalies in functionality, user accessibility, traffic flows, and tampering. Show More ##### ## Protection (4) Dynamic Image Scanning Scans application and image source code for security flaws without executing it in a live environment Runtime Protection Monitors container activities and detects threats across containers, networks, and cloud service providers. Workload Protection Protects compute resources across a networks and cloud service providers. Serves as Firewall and prompts additional authentication for suspicious users. Network Segmentation Allows administrative control over network components, mapping, and segmentation. Show More ##### ## Security (10) Compliance Monitoring Monitors data quality and sends alerts based on violations or misuse. Anomoly Detection Constantly monitors acivity related to user behavior and compares activity to benchmarked patterns. Data Loss Prevention Stores data securely either on premise or in an adjacent cloud database to prevent loss of data at rest. Cloud Gap Analytics Analyzes data associated with denied entries and policy enforcement, giving information of better authentication and security protocols. Compliance Monitoring Monitors data quality and send alerts based on violations or misuse. Risk Analysis Identifies potential network security risks, vulnerabilities, and compliance impacts. Reporting Creates reports outlining log activity and relevant metrics. False Positives Does not falsely indicate vulnerable code when no vulnerabilitiy legitimately exists. Custom Compliance Allows users to set custom code standards to meet specific compliances. Agility Detects vulnerabilities at a rate suitable to maintain security, or allows collaborators to do the same. Show More ##### ## Compliance (3) Governance Allows users to create, edit, and relinquish user access privileges. Data Governance Ensures user access management, data lineage, and data encryption. Sensitive Data Compliance Supports compliance with PII, GDPR, HIPPA, PCI, and other regulatory standards. Show More ##### ## Functionality - Software Composition Analysis (3) Language Support Supports a useful and wide variety of programming languages. Integration Integrates seamlessly with the build environment and development tools like repositories, package managers, etc. Transparency Grants comprehensive user-friendly insight into all open source components. Show More ##### ## Effectiveness - Software Composition Analysis (3) Remediation Suggestions Provides relevant and helpful suggestions for vulnerability remediation upon detection. Continuous Monitoring Monitors open source components proactively and continuously. Thorough Detection Comprehensively identifies all open source version updates, vulnerabilities, and compliance issues. Show More ##### ## Activity Monitoring (4) Usage Monitoring Tracks infrastructure resource needs and alerts administrators or automatically scales usage to minimize waste. Database Monitoring Monitors performance and statistics related to memory, caches and connections. API Monitoring Detects anomalies in functionality, user accessibility, traffic flows, and tampering. Activity Monitoring Actively monitors status of work stations either on-premise or remote. Show More ##### ## Documentation (3) Feedback Provides thorough, actionable feedback regarding security vulnerabilities, or allows collaborators to do the same. Prioritization Prioritizes detected vulnerabilities by potential risk, or allows collaborators to do the same. Remediation Suggestions Provides suggestions for remediating vulnerable code, or allows collaborators to do the same. Show More ##### ## Configuration (5) DLP Configuration Offers data loss prevention tools to protect data from leaving the environments it is allowed to. Configuration Monitoring Monitors configuration rule sets and policy enforcement measures and document changes to maintain compliance. Unified Policy Management Allows users to track and control security policies across cloud services and providers. Adaptive Access Control Provides a risk-based approach to determining trust within the network. API / Integrations Application Programming Interface - Specification for how the application communicates with other software. API's typically enable integration of data, logic, objects, etc. with other software applications. Show More ##### ## Visibility (2) Multicloud Visibility Provides all-encompassing display and analysis of environments, resources, traffic, and activity across networks. Asset Discovery Detect new assets as they enter a cloud environments and networks to add to asset inventory. Show More ##### ## Vulnerability Management (4) Threat Hunting Facilitates the proactive search for emerging threats as they target servers, endpoints, and networks. Vulnerability Scanning Analyzes your existing cloud, network, and IT infrastructure to outline access points that can be easily compromised. Vulnerability Intelligence Stores information related to new and common vulnerabilities and how to resolve them once incidents occur. Risk-Prioritization Allows for vulnerability ranking by customized risk and threat priorities. Show More ##### ## Alerts management (3) Multi-mode alerts Alerts over email, text, phone call, or more to multiple parties. Opimization alerts Provides information related to unnecessary spending and unused resources. Incident alerts Gives alerts when incidents arise. Show More ##### ## Automation (2) Resolution automation Diagnoses and resolves incidents without the need for human interaction. Automation Efficiently scales resource usage to optimize spend whith increased or decreased resource usage requirements. Show More ##### ## Analysis (4) Search Allows users to search logs for troubleshooting and open-ended exploration of data. Reporting Creates reports outlining resource, underutilization, cost trends, and/or functional overlap. Visualization Presents information and analytics in a digestible, intuitive, and visually appealing way. Track trends Allows users to track log trends. Show More ##### ## Issue Resolution (3) Root cause identification Directly identifies, or increases identification speed for, root causes for container issues. Resolution guidance Provides paths, suggestions, or other general assistance towards issue resolution. Proactive identification Proactively identifies trends on container systems that could lead to failures or errors. Show More ##### ## Security - Cloud-Native Application Protection Platform (CNAPP) (4) Workload and container security Scans containers, workloads, and kubernetes clusters for any misconfigurations or vulnerabilities. Threat detection and response Monitor live environments for anomalies, risks and threats to ensure rapid response. DevSecOps Integrations Integrates with CI/CD pipelines to detect security risks early in the development life cycle. Unified Visibility Consolidate all security data across the tech and cloud stacks into one dashboard. Show More ##### ## Artificial Intelligence - Cloud-Native Application Protection Platform (CNAPP) (3) Intelligent remediations and suggestions Offers an AI-powered engine to provide remediation guidance to the user based on the type of threat. Risk prioritization Uses context-aware analysis to identify critical and non-critical risks across vulnerabilities. Anomaly detection using machine learning Help detect anomalies across cloud workloads which could help present a potential breach. Show More ##### ## Cloud Configuration Management - Cloud-Native Application Protection Platform (CNAPP) (2) Multi-cloud visibility Offers a unified view of all cloud assets across multi-cloud platforms such as AWS, Azure, GCP etc. Cloud Security Posture Management (CSPM) Continuously scans cloud environments for any misconfigurations, and provide benchmarks and guided remediation. Show More ##### ## Agentic AI - Cloud Security Monitoring and Analytics (3) Autonomous Task Execution Capability to perform complex tasks without constant human input Proactive Assistance Anticipates needs and offers suggestions without prompting Decision Making Makes informed choices based on available data and objectives Show More ##### ## Agentic AI - Cloud-Native Application Protection Platform (CNAPP) (2) Autonomous Task Execution Capability to perform complex tasks without constant human input Adaptive Learning Improves performance based on feedback and experience Show More ##### ## Agentic AI - Cloud Detection and Response (CDR) (3) Autonomous Task Execution Capability to perform complex tasks without constant human input Proactive Assistance Anticipates needs and offers suggestions without prompting Decision Making Makes informed choices based on available data and objectives Show More ##### ## Services - Cloud Detection and Response (CDR) (1) Managed Services Offers managed detection and response services. Show More ##### ## Model Protection - AI Security Solutions (4) Input Hardening Provides specific capability to defend AI assets from adversarial attacks (including prompt injection, data poisoning, model inversion or extraction) without requiring retraining of the underlying model. Input/Output Inspection Enables automatic inspection of model inputs (prompts) and/or outputs (responses) to prevent unsafe, sensitive or manipulated content. Integrity Monitoring Monitors the integrity of model weights, dependencies or metadata (for example via SBOM/AIBOM) to detect tampering, drift or unauthorised modification. Model Access Control Verifies the ability to enforce who or what (users, agents, systems) may access a model or LLM asset. Show More ##### ## Runtime Monitoring - AI Security Solutions (2) AI Behavior Anomaly Detection Detects unusual or harmful runtime behaviour of AI models, agents or workflows (such as unexpected output patterns, excessive permissions use, or unknown agents). Audit Trail Provides a persistent, searchable audit log of AI‑asset inputs, outputs and interactions (including who/what invoked the model, when, and with what data) for forensics and compliance. Show More ##### ## Policy Enforcement and Compliance - AI Security Solutions (4) Scalable Governance Ensures that the AI‑security platform supports scaling of AI‑asset protection (models, agents, multi‑cloud deployments) and applies governance/compliance frameworks as AI usage grows. Integrations Enables integration of the AI‑security solution with traditional security stacks (SIEM, SOAR, cloud security, application security, identity/access management) to unify visibility and response. Shadow AI Offers visibility into unmanaged or unauthorized AI/agent use (“shadow AI”) across the organisation and enforces control over such usage (e.g., agent creation, LLM‑based services). Policy‑as‑Code for AI Assets Supports codified, machine‑enforceable security policies targeting AI models/agents (for example, blocking certain categories of prompts, enforcing least‑privilege for model use, enforcing “no external data” rules). Show More ##### ## Functionality - AI Security Posture Management (AI-SPM) Tools (5) Security Ecosystem Integration Integrate with existing security infrastructure (SIEM, CASB, IAM, DSPM/CSPM/SSPM) to bring AI‑SPM into the wider security ecosystem. AI Asset Discovery Discover AI applications, agents, chatbots and integrations across SaaS, APIs and other environments. Adaptive Policy Updates Support continuous updates to policies and controls as AI‑tool usage evolves and new threats emerge. Access and Permissions Monitoring Monitor data flows, permissions and resource access associated with AI integrations and tools. Policy Enforcement Enforce AI‑specific security policies in real time, such as limiting agent permissions and blocking unauthorized AI activity. Show More ##### ## Risk Assessment - AI Security Posture Management (AI-SPM) Tools (2) AI Risk Assessment Continuously assess AI integration risks including misconfigurations, policy violations and exposure to external AI services. AI Asset Posture Scoring Provide dashboards, risk scores and prioritisation for remediation across the AI‑asset estate. Show More ##### ## Governance & Compliance - AI Security Posture Management (AI-SPM) Tools (2) AI‑Generated Content Controls Monitor AI‑generated content for sensitive/regulated information and apply remediation or blocking controls. Audit Trails Maintain audit logs, governance controls and reporting tied specifically to AI assets, agent behaviours and integrations. Show More [ ![OX Security](https://images.g2crowd.com/uploads/product/image/large_detail/large_detail_3f93fbe8e36ac5a64fa56484c3cd96ee/ox-security.png "OX Security") Sponsored OX Security 4.8/5 (51) Visit Website ](javascript:void(0)) ## Top-Rated Alternatives [ ![Wiz](https://images.g2crowd.com/uploads/product/hd_favicon/991dbad301661dc9e1b78a7e252252b4/wiz-wiz.svg "Wiz") Wiz 4.7/5 (807) ](https://www.g2.com/products/wiz-wiz/reviews) [ ![Orca Security](https://images.g2crowd.com/uploads/product/hd_favicon/7bfb8b139d34ddbb4c7f1c4dc8e7b029/orca-security.svg "Orca Security") Orca Security 4.7/5 (275) ](https://www.g2.com/products/orca-security/reviews) [ ![Cortex Cloud](https://images.g2crowd.com/uploads/product/hd_favicon/dfd7fb4e8735ab6c09fc57deedbfc1a2/cortex-cloud.svg "Cortex Cloud") Cortex Cloud 4.1/5 (112) ](https://www.g2.com/products/cortex-cloud/reviews) [ View All Alternatives ](https://www.g2.com/products/microsoft-defender-for-cloud/competitors/alternatives) Microsoft Defender for Cloud Comparisons ![Product Avatar Image](https://images.g2crowd.com/uploads/product/image/small_square/small_square_504423766e296a0eeef13491cb738385/aws-security-hub.png "Product Avatar Image") AWS Security Hub 4.4/5 (28) [ Compare Now ](https://www.g2.com/compare/aws-security-hub-vs-microsoft-defender-for-cloud) ![Product Avatar Image](https://images.g2crowd.com/uploads/product/image/small_square/small_square_65c94fd396adf448fb1d27e503b86982/wiz-wiz.png "Product Avatar Image") Wiz 4.7/5 (813) [ Compare Now ](https://www.g2.com/compare/microsoft-defender-for-cloud-vs-wiz-wiz) ![Product Avatar Image](https://images.g2crowd.com/uploads/product/image/small_square/small_square_3a7a925cc43d97814fa81ec2d6c06f45/aws-control-tower.jpeg "Product Avatar Image") AWS Control Tower 3.9/5 (25) [ Compare Now ](https://www.g2.com/compare/aws-control-tower-vs-microsoft-defender-for-cloud) ##### Categories on G2 [ Cloud Compliance ](https://www.g2.com/categories/cloud-compliance)[ Container Monitoring ](https://www.g2.com/categories/container-monitoring-tools)[ Software Composition Analysis ](https://www.g2.com/categories/software-composition-analysis) [ Cloud Security Posture Management (CSPM) ](https://www.g2.com/categories/cloud-security-posture-management-cspm)[ Secure Code Review ](https://www.g2.com/categories/secure-code-review)[ Cloud Workload Protection Platforms ](https://www.g2.com/categories/cloud-workload-protection-platforms)[ Cloud Security Monitoring and Analytics ](https://www.g2.com/categories/cloud-security-monitoring-and-analytics)[ Container Security ](https://www.g2.com/categories/container-security-tools)[ Cloud-Native Application Protection Platform (CNAPP) ](https://www.g2.com/categories/cloud-native-application-protection-platform-cnapp)[ Cloud Detection and Response (CDR) ](https://www.g2.com/categories/cloud-detection-and-response-cdr)[ AI Security Posture Management (AI-SPM) Tools ](https://www.g2.com/categories/ai-security-posture-management-ai-spm-tools)[ AI Security Solutions ](https://www.g2.com/categories/ai-security-solutions) Show More ##### Explore More [ What is the most affordable MFA solution for SMBs? ](https://www.g2.com/discussions/what-is-the-most-affordable-mfa-solution-for-smbs)[ Best data observability solution for software companies ](https://www.g2.com/discussions/best-data-observability-solution-for-software-companies)[ Which feature management platforms work best for teams managing thousands of flags across multiple environments? ](https://www.g2.com/discussions/which-feature-management-platforms-work-best-for-teams-managing-thousands-of-flags-across-multiple-environments) [ Best platforms for automating cloud compliance audits ](https://www.g2.com/discussions/what-are-the-best-platforms-for-automating-cloud-compliance-audits)[ Which AI content tool is best for social media posts? ](https://www.g2.com/discussions/which-ai-content-tool-is-best-for-social-media-posts)[ Pros and Cons Details ](https://www.g2.com/products/microsoft-defender-for-cloud/reviews?qs=pros-and-cons) Show More [ What is the most affordable MFA solution for SMBs? ](https://www.g2.com/discussions/what-is-the-most-affordable-mfa-solution-for-smbs)[ Best data observability solution for software companies ](https://www.g2.com/discussions/best-data-observability-solution-for-software-companies)[ Which feature management platforms work best for teams managing thousands of flags across multiple environments? ](https://www.g2.com/discussions/which-feature-management-platforms-work-best-for-teams-managing-thousands-of-flags-across-multiple-environments) [ Best platforms for automating cloud compliance audits ](https://www.g2.com/discussions/what-are-the-best-platforms-for-automating-cloud-compliance-audits)[ Which AI content tool is best for social media posts? ](https://www.g2.com/discussions/which-ai-content-tool-is-best-for-social-media-posts)[ Pros and Cons Details ](https://www.g2.com/products/microsoft-defender-for-cloud/reviews?qs=pros-and-cons)