Microsoft Defender for Cloud Blog

The Future of CIEM in Microsoft Defender for Cloud

Lara_Goldstein
Apr 01, 2025

Learn how the deprecation of Microsoft Entra Permissions Management impacts Microsoft Defender for Cloud

Today, Microsoft announced the planned retirement of Microsoft Entra Permissions Management, targeted for October 1, 2025. As we navigate this transition, we want to reassure customers of our ongoing commitment to deliver Cloud Infrastructure Entitlement Management (CIEM) capabilities within Microsoft Defender for Cloud. Our investment in CIEM remains a strategic priority and an integral component of our comprehensive Cloud-Native Application Protection Platform (CNAPP).

What Does This Mean for Your Defender for Cloud Experience?

The planned changes around Microsoft Entra Permissions Management will not affect existing CIEM capabilities in Microsoft Defender for Cloud. All permissions management functionality you rely on today, including identity discovery, permissions visibility, and entitlement governance, will remain fully available in Defender CSPM, ensuring your cloud security operations continue to run smoothly without interruption.

Our Long-term Investment in CIEM Capabilities

CIEM is a critical component of CNAPP and is essential for addressing security risks associated with identity and permissions misconfigurations in multicloud environments. Microsoft remains committed to continuously enhancing Defender for Cloud’s CIEM capabilities, aligning closely with core CNAPP use cases, including:

  • Centralized multicloud identity discovery: Providing visibility and analysis of cloud identities and entitlements across Azure, AWS, and GCP, enabling security teams to proactively identify and address permission-related risks across their entire cloud estate.
  • Permissions gap analysis: Assessing assigned permissions against actual usage to highlight unnecessary entitlements, allowing organizations to significantly reduce identity-based risk and permissions sprawl.
  • Inactive identity tracking: Identifying and managing inactive identities and unused permissions, supporting the principle of least privilege by removing unnecessary access.

Our roadmap includes ongoing innovation designed to help your organization proactively manage entitlements, mitigate risks, and strengthen overall cloud security posture.

Continuing Our Security Journey Together

We deeply value your trust and collaboration. Our goal is to provide security teams with enhanced CIEM capabilities within Defender for Cloud that support your organization's cloud security efforts now and in the future.

For guidance on enabling and optimizing CIEM capabilities within Microsoft Defender for Cloud, please visit our Microsoft Learn page.

Updated Mar 31, 2025
Version 1.0