Microsoft Defender for Cloud is a cloud security posture management (CSPM) that detects vulnerabilities in cloud configurations, strengthens the security posture of your entire environment, and protects workloads running in hybrid and multi-cloud environments from a variety of threats and workloads protection solutions.
What is CSPM and CWPP?
CSPM: Cloud Security Posture Management
Organizations can use CSPM to perform continuous compliance monitoring, prevent configuration changes, and support security operations center investigations. CSPM can also serve as DevOps security measures by setting limits on the configurations or behaviors allowed in the cloud.
CWPP: Cloud Workload Protection Platform
Making sure the right workloads are in the right place and managed correctly is a complex process that can easily lead to security incidents. Consolidate management of multiple cloud providers and deploy CWPP to cover all types of workloads, including physical servers, virtual machines, containers, and serverless.
How does Defender for Cloud detect threats?
To detect real threats and reduce false positives, Defender for Cloud collects, analyzes, and aggregates report from your Azure network and resources. It also works with partner solutions, such as firewalls and endpoint security solutions. Defender for Cloud analyzes this data (often combining data from multiple sources) to identify threats.
Some services that Defender for Cloud provides
-Microsoft Defender for servers
-Microsoft Defender for containers
-Microsoft Defender for SQL on databases connected to Azure
-Microsoft Defender for SQL outside Of Azure
-Microsoft Defender for MySQL
-Microsoft Defender for App Service
-Microsoft Defender para Key Vault
-Microsoft Defender for ARM
-Microsoft Defender for DNS
Darwin Guerra
