Monthly news - November 2023
Published Nov 07 2023 04:44 AM 2,273 Views

Microsoft Defender for Cloud

Monthly news

November 2023 Edition


This is our monthly "What's new" blog post, summarizing product updates and various new assets we released over the past month. In this edition, we are looking at all the goodness from October 2023.

Product videos.png Product videos webcast recordings.png Webcasts (recordings) Docs on MS.png Docs on Microsoft Blogs on MS.png Blogs on Microsoft
GitHub.png GitHub External.png External content Product improvements.png Product improvements Public Preview sign-up.png Announcements
 Microsoft Defender for Cloud
Public Preview sign-up.png


Microsoft Defender for Cloud now supports the latest CIS Azure Security Foundations Benchmark - version 2.0.0 in the Regulatory Compliance dashboard, and a built-in policy initiative in Azure Policy. The release of version 2.0.0 in Microsoft Defender for Cloud is a joint collaborative effort between Microsoft, the Center for Internet Security (CIS), and the user communities. The version 2.0.0 significantly expands assessment scope, which now includes 90+ built-in Azure policies and succeed the prior versions 1.4.0 and 1.3.0 and 1.0 in Microsoft Defender for Cloud and Azure Policy. For more information, you can check out this blog post.
Blogs on MS.png In today's digital landscape, where over 90 percent of organizations have embraced multicloud solutions, security teams face the growing complexity of maintaining robust security controls and cloud security posture across multi-cloud environments. Microsoft Defender for Cloud offers protection for cloud infrastructure, applications, and data providing a single contextual view of cloud risks across Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). In this blog, we will walk through a few scenarios of misconfigured GCP resources and how Microsoft Defender for Cloud can help proactively identify misconfigurations and allow security teams prevent risks and remediate quickly.
Blogs on MS.png In a typical complex web application, file uploads are a common occurrence across various application scenarios (for instance an application responsible for handling employee payroll may have one module accepting proof of identity documents from employees for personal information updates and other module handling employee reimbursement requests based on the uploaded expense receipts). This blog post elucidates one of the architectural patterns that can be employed for efficiently monitoring the malware scan status while utilizing Microsoft Defender for storage malware scanning.

Docs on MS.png


New DevOps posture management recommendations are now available in public preview for all customers with a connector for Azure DevOps or GitHub. DevOps posture management helps to reduce the attack surface of DevOps environments by uncovering weaknesses in security configurations and access controls. Learn more about DevOps posture management.
Blogs on MS.png On October 3rd, high severity vulnerabilities in curl were preannounced. The curl project has announced that curl8.4.0 has now been released, earlier than expected. Two vulnerabilities have now been disclosed: high-severity CVE-2023-38545 and low-severity CVE-2023-38546. Microsoft Defender for Cloud has multiple ways to quickly determine where in your environment you are vulnerable that are covered in this blog.
Product improvements.png Defender for APIs has updated its support for Azure API Management API revisions. Offline revisions no longer appear in the onboarded Defender for APIs inventory and no longer appear to be onboarded to Defender for APIs. Offline revisions don't allow any traffic to be sent to them and pose no risk from a security perspective.
GitHub.png Microsoft Defender for Cloud Labs have been updated and now include several new detailed step by step guidance on how to enable, configure and test the Defender for Cloud capabilities.
Blogs on MS.png Discover how other organizations successfully use Microsoft Defender for Cloud to protect their cloud workloads. This month we are featuring Rockwell Automation – the largest industrial automation company in the world – that uses Microsoft security solutions, including Defender for Cloud, to secure their environment.
webcast recordings.png Join us Wednesday, December 6th for a virtual day of demos and technical deep dives. And bring your questions for everyone's favorite – Ask Microsoft Anything (AMA). We’re excited for you to join us in the AI era of security. Our goal is to connect you to your security peers and equip you with the technical knowledge that will help you and your team safely and confidently adopt AI.
webcast recordings.png Join our experts in the upcoming webinars to learn what we are doing to secure your workloads running in Azure and other clouds.



Note: If you want to stay current with Defender for Cloud and receive updates in your inbox, please consider subscribing to our monthly newsletter:


1 Comment
Version history
Last update:
‎Nov 07 2023 04:44 AM
Updated by: