Microsoft Defender for Cloud is a comprehensive security solution designed to secure all your Azure, on-premises, and multicloud resources, including Amazon AWS and Google GCP. With Defender for Cloud, you can tackle three essential security requirements: assess, secure, and defend.
Defender for Cloud assesses your security posture by providing a secure score, an aggregated representation of the security findings that highlights your current security situation and identifies any new security opportunities. Defender for Cloud secures your workloads by providing step-by-step recommendations for known security risks. Finally, Defender for Cloud alerts you in real time, allowing you to react immediately and prevent security events from developing.
Defender for Cloud covers two broad pillars of cloud security: Cloud Workload Protection Platform (CWPP) and Cloud Security Posture Management (CSPM). CSPM offers hardening guidance to help you improve your security posture while providing visibility into your current security situation. The secure score continually assesses your resources and subscriptions and provides hardening recommendations based on any identified security misconfigurations. Attack path analysis helps you remediate the highest risk issues by exposing exploitable paths that attackers may use to breach your environment. Defender for Cloud offers two options for protecting your resources: a free option and a premium option, with the latter offering full coverage and benefits.
Defender for Cloud includes security alerts powered by Microsoft Threat Intelligence and a range of intelligent protections for your workloads. These workload protections are provided through Microsoft Defender plans specific to the types of resources in your subscriptions. For example, you can enable Microsoft Defender for Storage to get alerted about suspicious activities related to your storage resources.
Defender for Cloud is an Azure-native service, meaning many Azure services are monitored and protected without deployment. Defender for Cloud can automatically deploy a Log Analytics agent to gather security-related data for Azure and hybrid/multicloud environments. At the same time, the CSPM features can be extended to multicloud machines without the need for any agents. Defender for Cloud helps you detect threats across Azure PaaS, Azure data services, and more. Get a step-by-step walkthrough of Defender for Cloud through this interactive tutorial, or learn from a cybersecurity expert by watching Lessons Learned from the Field.