| Microsoft Defender for Cloud |
|
The container vulnerability assessment powered by Trivy has been retired. Any customers who were previously using this assessment should upgrade to the new AWS container vulnerability assessment powered by Microsoft Defender Vulnerability Management. For instructions on how to upgrade, see How do I upgrade from the retired Trivy vulnerability assessment to the AWS vulnerability assessment...? |
 |
Azure Kubernetes Service (AKS) threat detection features in Defender for Containers are now fully supported in commercial, Azure Government, and Azure China 21Vianet clouds. Review supported features. |
 |
In this blog post we provide organizations with a comprehensive understanding of all the agents and resources deployed as part of Defender for Server, Defender for Container, Defender for SQL in their AWS/GCP environment by Defender for Cloud. The article aims to guide organizations on the impact of Defender for Cloud on their environment and what they need to remove when switching Defender for Cloud plans on the security connector. Where possible this article should avoid duplicating information that is already available on Microsoft Learn and focus on providing information that is not publicly available or documented on Microsoft Learn. |
|
|
A new version of the Defender Agent for Defender for Containers is available. It includes performance and security improvements, support for both AMD64 and ARM64 arch nodes (Linux only), and uses Inspektor Gadget as the process collection agent instead of Sysdig. The new version is only supported on Linux kernel versions 5.4 and higher, so if you have older versions of the Linux kernel, you need to upgrade. Support for ARM 64 is only available from AKS V1.29 and above. For more information, see Supported host operating systems. |
 |
Microsoft Defender for Cloud (MDC) has been instrumental in offering proactive security management through its detailed Attack Path insights, helping organizations identify and mitigate potential vulnerabilities before they can be exploited. While these insights have long provided value within the MDC portal and through one-time snapshots via Azure Resource Graph, a significant update enhances how organizations can leverage this information. The introduction of continuous export capabilities for these insights represents a transformative step forward, enabling the integration of MDC's proactive security intelligence with external analytical tools and solutions over extended periods.
In this article we discuss how to enable continuous export of attack path insights and track your progress over time. |
 |
The updated experience for managing security policies, initially released in Preview for Azure, is expanding its support to cross cloud (AWS and GCP) environments. This Preview release includes:
- Managing regulatory compliance standards in Defender for Cloud across Azure, AWS, and GCP environments.
- Same cross cloud interface experience for creating and managing Microsoft Cloud Security Benchmark(MCSB) custom recommendations.
- The updated experience is applied to AWS and GCP for creating custom recommendations with a KQL query.
|
 |
Watch new episodes of the Defender for Cloud in the Field show to learn about the DevOps security capabilities in Defender CSPM, and recommendation prioritization in Microsoft Defender for Cloud |
 |
By default, Defender for Servers is enabled as a subscription-wide setting, covering all Azure VMs, Azure Arc-enabled Servers and VMSS nodes at the same time. However, there are scenarios in which it makes sense to downgrade individual machines from Defender for Servers Plan 2 to Plan 1, or only enable Defender for Servers Plan 1 on a subset of machines in a subscription.
This PowerShell script allows you to select machines based on Azure resource tags, or a resource group to configure them individually rather than using the same plan setting for all machines in a subscription. |
 |
Discover how other organizations successfully use Microsoft Defender for Cloud to protect their cloud workloads. This month we are featuring docunite GMBH – a document management system specialized for the real estate industry – that uses Microsoft security solutions, including Defender for Cloud, to secure their environment. |
 |
Join our experts in the upcoming webinars to learn what we are doing to secure your workloads running in Azure and other clouds. |
