Azure Security Center and Azure Defender are now Microsoft Defender for Cloud. In this post we will give you additional insight into the name change and clarify how it affects your in-product experience.
Since the launch of Azure Security Center in 2016, the product has become a market-leading Cloud Security Posture Management (CSPM) solution. Forrester assessed Azure Security Center's Total Economic Impact to customers and concluded that it delivers 219% ROI over 3 years and a payback in less than 6 months. Since its launch, the product has constantly evolved to address new and emerging security threats. A combination of changing workloads, increasingly sophisticated attacks, market shifts, and customer engagement have been driving factors for product innovation. In addition to CSPM, threat protection for cloud workloads has become critical in building a cohesive cloud security strategy for customers and these capabilities were part of Azure Defender.
Last year at Microsoft Ignite, we introduced a first set of capabilities to support multi-cloud environments with the launch of AWS and GCP connectors, using Azure Arc. This year we announced native CSPM support for AWS and significant enhancements in onboarding AWS workloads, as well as support for Amazon EKS Kubernetes clusters and AWS EC2. As part of this shift to support multi-cloud environments natively and better reflect the integrated capabilities of our security offering that help customers secure any cloud platform, we unified the two product names under the new name Microsoft Defender for Cloud.
A new name to highlight our multi-cloud focus
Azure Security Center and Azure Defender worked together seamlessly before and that’s not changing with the new name. Cloud Security Posture Management and workload protection capabilities will continue to be available from the same console.
Image 1: Overview of the Microsoft Defender for Cloud capabilities
Cloud security posture management capabilities will remain free to use with your Azure subscriptions. If you want to enable protection for your workloads in Azure, AWS, other cloud providers, or on-premises, you will need to enable the enhanced security features, which were previously Azure Defender. When enabling the relevant Microsoft Defender plans, you will have access to threat detections for the workload you select, as well as other enhanced security capabilities that are documented in this article. You will continue to have the same level of granularity to enable plans as before.
Image 2: Overview of the enhanced security plans in Defender for Cloud.
Another option is to enable Microsoft Defender for Cloud plans across all supported workloads using the option below:
Image 3: Portal view that allows users to enable all paid Defender for Cloud plans
Frequently asked questions
I have implemented workflow automations with different Logic Apps, do I have to update my workflow automation and logic app? No, everything will continue to work as is.
Does Microsoft Defender for Servers still integrate with MDE? Yes, no changes are being made to the integration model.
Will the integration to Sentinel need to be updated if the connector name changed? No, your current connector will continue to work as expected.
Are any of the Defender plan prices changing as part of the new name? No. All Microsoft Defender for Cloud pricing plans remain the same.
Will the integration to Microsoft Defender for Cloud Apps (formerly known as Microsoft Cloud App Security) need to be updated if the connector name has changed? No, the existing connector will continue to work as expected.
Which Microsoft Defender for Cloud plans work on AWS resources? Defender for Servers and Defender for Kubernetes.
Will Do we still have 30 days trial for all Microsoft Defender for Cloud plans? Yes.