Blog Post

Microsoft Defender for Cloud Blog
3 MIN READ

Monthly news - October 2023

StanislavBelov's avatar
Oct 02, 2023

Microsoft Defender for Cloud

Monthly news

October 2023 Edition

This is our monthly "What's new" blog post, summarizing product updates and various new assets we released over the past month. In this edition, we are looking at all the goodness from September 2023.

Legend:
Product videos Webcasts (recordings) Docs on Microsoft Blogs on Microsoft
GitHub External content Product improvements Announcements
 Microsoft Defender for Cloud

 

The data security dashboard is now available in public preview as part of the Defender CSPM plan. The data security dashboard is an interactive, data-centric dashboard that illuminates significant risks to sensitive data, prioritizing alerts and potential attack paths for data across hybrid cloud workloads.

 

Learn more about the data security dashboard.
Data-aware security posture capabilities for frictionless sensitive data discovery for PaaS Databases (Azure SQL Databases and Amazon RDS Instances of any type) are now in public preview. This public preview allows you to create a map of your critical data wherever it resides, and the type of data that is found in those databases. Sensitive data discovery for Azure and AWS databases, adds to the shared taxonomy and configuration, which is already publicly available for cloud object storage resources (Azure Blob Storage, AWS S3 buckets and GCP storage buckets) and provides a single configuration and enablement experience.

 

Learn more about data-aware security posture.
Defender for Cloud plans are enabled per subscription, and it can become challenging to know which plan has been enabled on which scope, especially in larger environments. That is why we added the Coverage workbook to Defender for Cloud's Workbook Gallery a while back. While some plans simply need to be enabled, others will have additional dependencies. For example, in Defender CSPM, it is not enough to enable the plan on an Azure subscription, or multicloud connector, you will also want to enable agentless scanning for machines, agentless Kubernetes discovery, sensitive data discovery, and agentless vulnerability scanning for container registries. While all of these settings are enabled by default when enabling Defender CSPM today at no additional cost, or resource impact, that was not the case in the past. Also, someone might still accidentally disable one or all of these capabilities, while keeping Defender CSPM still enabled. With the updated Coverage workbook, it is easy to detect such misconfigurations.

Containers vulnerability assessment powered by Microsoft Defender Vulnerability Management (MDVM), now supports an additional trigger for scanning images pulled from an ACR. This newly added trigger provides additional coverage for active images in addition to the existing triggers scanning images pushed to an ACR in the last 90 days and images currently running in AKS.

 

For more information, see Container Vulnerability Assessment powered by MDVM.
Microsoft Monitoring Agent (MMA) is being deprecated in August 2024. Defender for Cloud updated it's strategy by replacing MMA with the release of a SQL Server-targeted Azure Monitoring Agent autoprovisioning process. During the preview, customers who are using the MMA autoprovisioning process with Azure Monitor Agent (Preview) option, are requested to migrate to the new Azure Monitoring Agent for SQL server on machines (Preview) autoprovisioning process. The migration process is seamless and provides continuous protection for all machines.

 

For more information, see Migrate to SQL server-targeted Azure Monitoring Agent autoprovisioning process.
You can now view GitHub Advanced Security for Azure DevOps (GHAzDO) alerts related to CodeQL, secrets, and dependencies in Defender for Cloud. Results will be displayed in the DevOps blade and in Recommendations. To see these results, onboard your GHAzDO-enabled repositories to Defender for Cloud.

 

Learn more about GitHub Advanced Security for Azure DevOps.
Microsoft Defender for Cloud Labs have been updated and now include very detailed step by step guidance on how to enable, configure and test the new Defender for Storage plan capabilities.
Join our experts in the upcoming webinars to learn what we are doing to secure your workloads running in Azure and other clouds.

 

 

Note: If you want to stay current with Defender for Cloud and receive updates in your inbox, please consider subscribing to our monthly newsletter: https://aka.ms/MDCNewsSubscribe

 

Updated Oct 02, 2023
Version 2.0