New and enhanced multicloud regulatory compliance standards in Defender for Cloud
Security compliance across multicloud environments is challenging due to the diversity and complexity of platforms. Each cloud provider—whether AWS, Azure, Google Cloud, or others—has its own security protocols, configurations, and compliance requirements. This variation can lead to discrepancies and gaps in security posture, as what works in one cloud environment may not be applied seamlessly in another. Managing multiple compliance frameworks simultaneously adds complexity, especially when each provider has different methods for meeting these standards. Without unified compliance visibility, security teams are forced to monitor each cloud platform independently, which is time-consuming and prone to human error. This fragmentation can lead to missed compliance requirements, especially when resources are limited or when team members are unfamiliar with specific cloud platforms. As a result, organizations face increased risks of data breaches, fines, and reputational damage if they fail to meet regulatory requirements consistently across all platforms. A streamlined approach ultimately strengthens the organization’s security posture and simplifies the path to achieving and maintaining compliance across complex, multi-cloud landscapes. Microsoft Defender for Cloud aids security teams in meeting various regulations and industry standards through our Regulatory Compliance dashboard. Each standard has multiple compliance controls, which are groups of related security recommendations. Defender for Cloud constantly evaluates the environment against these controls, indicating whether resources are compliant or non-compliant. To help security teams streamline with compliance teams, Defender for Cloud regulatory compliance signals can be integrated into Microsoft Purview Compliance Manager. Today, we’re excited to share enhanced and expanded support of over 30 regulatory compliance frameworks in Defender for Cloud, across Azure, AWS, and GCP. New regulatory compliance frameworks for multicloud environments now available in public preview Unified compliance posture assessments actualized to the latest versions with parity across Azure, AWS, and GCP. New regulatory compliance standards include: E.U. Network and Information Security Directive 2 (NIS2) CIS GCP Foundations v3.0 U.S. Criminal Justice Information Services (CJIS) Security Policy, Version 5.9.5 U.S. Federal Financial Institutions Examination Council Cybersecurity Assessment Tool (FFIEC CAT) U.K. National Cyber Security Centre (NCSC) Cyber Essentials v3.1 U.K. National Cyber Security Centre (NCSC) Cyber Assurance Framework (CAF) v3.2 Enhancements to existing regulatory compliance standards Leverage the latest versions of currently supported regulatory compliance standards with expansion to full parity across Azure, AWS, and GCP. Some key standards include: SWIFT Customer Security Controls Framework (2024) E.U. General Data Protection Regulation (GDPR) ISO IEC 27002:2022 NIST CSF v2.0 PCI DSS v4.0.1 NIST SP 800 53 R5.1.1 View the full list of regulatory compliance standards. Get started with regulatory compliance assessment in Defender for Cloud today.
Protecting Azure AI Workloads using Threat Protection for AI in Defender for Cloud
Understanding Jailbreak attacks Evasion attacks involve subtly modifying inputs (images, audio files, documents, etc.) to mislead models at inference time, making them a stealthy and effective means of bypassing inherent security controls in the AI Service. Jailbreak can be considered a type of evasion attack. The attack involves crafting inputs that cause the AI model to bypass its safety mechanisms and produce unintended or harmful outputs. Attackers can use techniques like crescendo to bypass security filters for example creating a recipe for Molotov Cocktail. Due to the nature of working with human language, generative capabilities, and the data used in training the models, AI models are non-deterministic, i.e., the same input will not always produce the same outputs. A “classic” jailbreak happens when an authorized operator of the system crafts jailbreak inputs in order to extend their own powers over the system. Indirect prompt injection happens when a system processes data controlled by a third party (e.g., analyzing incoming emails or documents editable by someone other than the operator) who inserts a malicious payload into that data, which then leads to a jailbreak of the system. There are various types of jailbreak-like attacks. Some, like DAN, involve adding instructions to a single user input, while others, like Crescendo, operate over multiple turns, gradually steering the conversation towards a specific outcome. Therefore, jailbreaks should be seen not as a single technique but as a collection of methods where a guardrail can be circumvented by a carefully crafted input. Understanding Native protections against Jailbreak Defender for Cloud’s AI Threat Protection (https://learn.microsoft.com/en-us/azure/defender-for-cloud/ai-threat-protection) feature integrates with Azure Open AI and reviews the prompt and response for suspicious behavior (https://learn.microsoft.com/en-us/azure/defender-for-cloud/alerts-ai-workloads) In case of Jailbreak, the solution integrates with Azure Open AI’s Content Filter Prompt Shields (https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/content-filter), which uses an ensemble of multi-class classification models to detect four categories of harmful content (violence, hate, sexual, and self-harm) at four severity levels respectively (safe, low, medium, and high), and optional binary classifiers for detecting jailbreak risk, existing text, and code in public repositories. When Prompt Shield detects a Jailbreak attempt, it filters / annotate the user’s prompt. Defender for Cloud then picks up this information and makes it available to the security teams. Note that User Prompts are protected from Direct Attacks like Jailbreak by default. As a result, once you enable Threat Protection for AI in Defender for Cloud your security teams will have complete visibility on these. Fig 1. Threat Protection for AI alert Tangible benefits for your Security Teams Since the Defender for Cloud is doing the undifferentiated heavy lifting here your Security Governance, Architecture, and Operations all benefit like so, Governance Content is available out of the box and is enabled by default in several critical risk scenarios. This helps meet your AI security controls like OWASP LLM 01: Prompt Injection (https://genai.owasp.org/llmrisk/llm01-prompt-injection/) You can further refine the Content Filter levels for each model running in AI Foundry depending on the risk such as the data model accesses (RAG), public exposure, etc. The application of the control is enabled by default The Control reporting is available out of the box and can/will follow the existing workflow that you have set up for remainder of your cloud workloads Defender for Cloud provides Governance Framework Architecture Threat Protection for AI can be enabled at subscription level so the service scales with your workloads and provides coverage for any new deployments There is native integration with Azure Open AI so you do not need to write and manage custom patterns unlike a third party service The service is not in-line so you do not have to worry about downstream impact on the workload Since Threat Protection for AI is a capability within Defender for Cloud, you do not need to define specific RBAC permissions for users or service The alerts from the capability will automatically follow the export flow you have set up for the rest of the Defender for Cloud capabilities. Operations The alerts are already ingested in the Microsoft XDR portal so you can continue threat hunting without learning new tools there by maximizing your existing skills You can set up Workflow Automation to respond to AI alerts much like alerts from other capabilities like Defender for Storage. So, your overall logic app patterns can be reused with small tweaks Since your SOC analyst might still be learning Gen AI threats and your playbooks might not be up to date, the alerts (see Fig 1 above) contain steps that they should take to resolve The alerts are available in XDR portal, which you might already be familiar with so won’t have to learn a new solution Fig 2. Alerts in XDR Portal The alerts contain the prompt as an evidence in addition to other relevant attributes like IP, user details, targeted resource. This helps you quickly triage the alerts Fig 3. Prompt Evidence captured as part of the alert You can train the model using the detected prompts to block any future responses on similar user prompts Summary Threat Protection for AI: Provides holistic coverage of your Gen AI workloads Helps you maximize the investment in Microsoft Solutions Reduces the need for learning another solution to protect another new workloads Drives overall cost, time, and operational efficiencies Enroll in the preview https://learn.microsoft.com/en-us/azure/defender-for-cloud/ai-onboarding#enroll-in-the-limited-preview
Introducing the new File Integrity Monitoring with Defender for Endpoint integration
As the final and most complex piece of this puzzle is the release of File Integrity Monitoring (FIM) powered by Defender for Endpoint, marks a significant milestone in the Defender for Servers simplification journey. The new FIM solution based on Defender for Endpoint offers real-time monitoring on critical file paths and system files, ensuring that any changes indicating a potential attack are detected immediately. In addition, FIM offers built-in support for relevant security regulatory compliance standards, such as PCI-DSS, CIS, NIST, and others, allowing you to maintain compliance.
Defender for Cloud unified Vulnerability Assessment powered by Defender Vulnerability Management
We are thrilled to announce that Defender for Cloud is unifying our vulnerability assessment engine to Microsoft Defender Vulnerability Management (MDVM) across servers and containers. Security admins will benefit from Microsoft’s unmatched threat intelligence, breach likelihood predictions and business contexts to identify, assess, prioritize, and remediate vulnerabilities - making it an ideal tool for managing an expanded attack surface and reducing overall cloud risk posture.Leveraging Azure native tooling to hunt Kubernetes security issues
This series shows you how you can maximize your investments in Microsoft Security tools by leveraging XDR Portal and Defender for Kubernetes to hunt for security issues. If you are in red team this article will shorten your learning curve by allowing you to identify security issues using KQL with Container Security Alerts. This series is part of “Security using Azure Native services” series and assumes that you are following the series “A guide to using Microsoft Sentinel for monitoring the security of your containerized applications and orchestration platforms” https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/setting-up-sentinel-for-kubernetes-monitoring/ba-p/4118593Unleashing the Power of Microsoft Defender for Cloud – Unique Capabilities for Robust Protection
So you have implemented a non-native Cloud Security Posture Management solution but there are security gaps that you might not have considered. How Defender for Cloud is uniquely positioned to secure your cloud attack surface.
