Microsoft Defender for Cloud is a service for managing your security posture and securing your cloud workload. It can identify weaknesses and vulnerabilities in your infrastructure configurations, help strengthen your overall security posture, and protect your workloads in multicloud or hybrid environments from threats.
In the figure below, it is possible to understand the macro coverage of Microsoft Defender For Cloud and its level of performance.
What are the main advantages of using Microsoft Defender for Cloud?
Assessing and strengthening your infrastructure's security configurations, whether in Azure or in environments with multiple Cloud providers, such as AWS, Google Cloud and Oracle Cloud.
Manage environmental compliance using standardized regulatory models for various sectors, such as:
Governmental,
Financial,
Hospitals,
Health and Natural Sciences,
Automotive,
Education,
Energy and others.
Detects vulnerabilities to protect your hybrid and multicloud workloads from malicious attacks.
How to access Microsoft Defender For Cloud?
Initially, you need to get a free Azure account. Below is the link to the official Microsoft page.
Get started for free on Azure
When accessing your Azure account, search for Microsoft Defender for Cloud or Microsoft Defender for Cloud (if you are using Portuguese-BR).
Select the item indicated in the image above
Indication 1 shows the summary of the “scope” of the service in question, where we check the Subscriptions that are covered by the security service, resources or total services analyzed, the recommendations that should be analyzed by you and the alerts.
Indication 2 shows the safety rating, essentially composed of the general score of the environment that includes the following factors:
Controls: Sets of detection rules that were applied to the scan for analysis.
Recommendations: Here, the number of operating system updates or other pending updates, vulnerabilities related to network configurations, exposed public network ports and other recommended resources to maximize the security of your infrastructure are highlighted.
At the bottom of the page, we identified more indicators of the security services, see below:
In statement 1, Regulatory compliance, refers to a view of the safety items that are or are not covered based on market regulatory standards.
In indication 2, Most Predominant Recommendations, the most relevant security recommendations are displayed in addition to the number of recommendations by resource type. To view more details, just click on the link for each recommendation.
Security Alerts: How to view?
To view the main security alerts, access the SECURITY ALERTS link in the left menu, see below:
In indication 1, we have the Security Alerts section.
In indication 2 , it is possible to visualize the number of active alerts and the severity of each one of them.
In indication 3, it is possible to have a simplified view of the alert, defined by:
the severity,
the title,
the affected resource,
the start of the activity and
the type of tactic commonly used by an attacker due to the alert.
Periodically monitor these alerts and configure so that you receive these notifications in order to always be one step ahead of the security of your infrastructure.
Are there any costs for using Microsoft Defender for Cloud?
For use on Azure there is no additional cost. The cloud security posture management features in Microsoft Defender for Cloud are free for your Azure subscription, however for more specific features you can view pricing via the Azure calculator.
Conclusion
Microsoft Defender for Cloud is one of the essential tools for cloud administrators, as it generates insights that help define behaviors and culture of continuous assessment of the environment.
It provides management sectors with highly relevant insights and solutions for mitigating risk and raising compliance standards through well-defined and globally validated sets or even through custom configurations, protecting not only workloads in Azure, but also on other cloud providers.
Designed for environments of all sizes, Microsoft Defender for Cloud can protect everything from virtual servers, PaaS, databases, IoT devices, local firewalls, and many other resources.
