Can i have security center CSPM capabilities for AWS and GCP as well?

Occasional Contributor

Hi Guys,

 

Can somebody help me to understand my below query?

 

I understand as part of ASC CWPP, security center protects the workloads of AWS and GCP with the help of Azure Arc. However I doubt is security center CSPM capabilities extended even for AWS or GCP?

 

Please confirm whether ASC CSPM is applicable to AWS and GCP or not?

 

 

Looking forward to hearing the response for this?

 

Thank you very much in advance.

 

Mahesh.

3 Replies
With cloud workloads commonly spanning multiple cloud platforms, cloud security services must do the same.

Azure Security Center protects workloads in Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP).

Onboarding your AWS account into Security Center, integrates AWS Security Hub and Azure Security Center. Security Center thus provides visibility and protection across both of these cloud environments to provide:

Automatic agent provisioning (Security Center uses Azure Arc to deploy the Log Analytics agent to your AWS instances)
Policy management
Vulnerability management
Embedded Endpoint Detection and Response (EDR)
Detection of security misconfigurations
A single view showing Security Center recommendations and AWS Security Hub findings
Incorporation of your AWS resources into Security Center's secure score calculations
Regulatory compliance assessments of your AWS resources
In the screenshot below you can see AWS accounts displayed in Security Center's overview dashboard.

So we can extend the CSPM capabilities as it mentioned it would detect the misconfigurations and secure score would be equally applied to AWS as well.

With this I am assuming it supports cspm functionalities for non azure clouds as well.. Can somebody please correct me if i am wrong here.
Hello Stanislav,

Thank you for your prompt response.

Regards,
Mahesh.