SOLVED

Can I have Security Center CSPM capabilities for AWS and GCP as well?

Hi Guys,

Can somebody help me understand my query below?

I understand that, as part of ASC CWPP, Security Center protects the workloads of AWS and GCP with the help of Azure Arc. However, my doubt is whether Security Center CSPM capabilities are extended even to AWS or GCP.

Please confirm whether ASC CSPM is applicable to AWS and GCP or not.

Looking forward to hearing the response to this.

Thank you very much in advance.

Mahesh.

6 Replies
best response confirmed by maheshcapj (Copper Contributor)
Solution
With cloud workloads commonly spanning multiple cloud platforms, cloud security services must do the same.

Azure Security Center protects workloads in Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP).

Onboarding your AWS account into Security Center integrates AWS Security Hub and Azure Security Center. Security Center thus provides visibility and protection across both of these cloud environments to provide:

Automatic agent provisioning (Security Center uses Azure Arc to deploy the Log Analytics agent to your AWS instances)
Policy management
Vulnerability management
Embedded Endpoint Detection and Response (EDR)
Detection of security misconfigurations
A single view showing Security Center recommendations and AWS Security Hub findings
Incorporation of your AWS resources into Security Center's secure score calculations
Regulatory compliance assessments of your AWS resources
In the screenshot below you can see AWS accounts displayed in Security Center's overview dashboard.

So we can extend the CSPM capabilities, as it mentions it would detect misconfigurations and the secure score would be equally applied to AWS as well.

With this, I am assuming it supports CSPM functionalities for non-Azure clouds as well. Can somebody please correct me if I am wrong here?

Hello Stanislav,

Thank you for your prompt response.

Regards,
Mahesh.

@Stanislav Belov, can you also confirm if we can leverage CSPM capability for on-premises resources through an agent?

Thanks,

Rakesh

Many, not all, CSPM capabilities are available for on-premises or multi-cloud machines connected to Azure via Azure Arc.