What is Azure Defender for Cloud (Microsoft Defender for Cloud)?
Answer
Microsoft Defender for Cloud is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) that protects Azure, hybrid, and multi-cloud environments. It has two main capabilities:

- CSPM: continuously assesses your security posture with a Secure Score, provides recommendations aligned with industry standards (CIS, NIST, PCI-DSS), and detects misconfigurations like public storage blobs and open management ports.
- Workload Protection: advanced threat detection for VMs (detecting unusual processes), containers (Kubernetes threat detection), databases (SQL injection attempts), App Service, Storage, and Key Vault.

It integrates with Microsoft Sentinel for SIEM. The Enhanced Security features cost per resource per hour; the CSPM basic tier is free. It supports non-Azure resources via Azure Arc.