Microsoft is now the only major cloud provider to offer security solutions that span the three major cloud providers in the world: Azure, AWS, and Google Cloud Platform (GCP). The Microsoft Defender for Cloud solution previously supported Azure and AWS, and it now adds GCP support. Defender for Cloud checks for weak configurations and misconfigurations and leverages the Center for Internet Security (CIS) benchmark in its checks. The current solution for GCP supports virtual machines, containers, and other GCP services. In addition, Microsoft announced the CloudKnox Permissions Management tool to enforce least privilege across clouds. Finally, Microsoft Sentinel is gaining a new log type designed for faster searching and longer-term retention, extending retention from 2 years to 7 years. More information and details on each of these announcements can be found here.
Why This Matters
- Microsoft is focused on being a leading security company, and with its offerings now covering all three major cloud providers, only niche security companies can offer similar services. This allows organizations using Azure and another cloud to use the Azure platform to centrally manage and enforce security. This is an offering that AWS and Google cannot match today.
- Misconfiguration of cloud services is a common weakness that can lead to data loss and data breaches. The CloudKnox tool now helps enforce least-privilege settings, which helps mitigate some of these configuration issues.
- Sentinel's move to a new log type and 7-year retention helps address regulatory and compliance needs for organizations that may have previously wanted Sentinel but could not use it because of compliance retention requirements.