As organizations migrate to the cloud and grow their cloud presence, the threat landscape and attack surfaces also expand and multiply.
Security teams that are responsible for their organization’s security posture need to drive the personnel within their organization to harden their workloads and remediate misconfigurations.
Security teams often find this task very tedious and sometimes almost impossible due to a lack of organized processes, unclear authority, or insufficient resources.
We are delighted to announce the public preview of a new security governance experience in Microsoft Defender for Cloud that allows security teams to drive these processes in a streamlined, consistent, transparent way.
With this novel experience, security teams can now assign owners and remediation timeframes for security recommendations in Microsoft Defender for Cloud. This lets them drive the process of improving the security posture, and provide organization-wide visibility of the process.
Resource owners can be guided to focus on only the security recommendations that have been assigned to them and be notified by email of their outstanding tasks.
You can start assigning owners and remediation timeframes to multi-cloud and hybrid cloud security recommendations by using automatic Governance rules or manually assigning owners and timeframe when needed.
When owners and remediation timeframes are assigned for security recommendations, you can start monitoring the security status of your environment and you’ll be able to answer the following questions:
- What security recommendations are overdue?
- Who should I contact to resolve outstanding recommendations?
- When should I expect security recommendations to be resolved?
- When should I expect the secure score to be affected by resources that are currently in grace period?
Here are some of the brand-new security governance capabilities:
View a list of all security recommendations filtered by status and/or assigned owner/s to understand the progress of all remediation tasks:
Focus on security recommendations that are assigned to you:
View the list of affected resources for each security recommendation, along with the updated statuses and owners, and take actions:
As the resource owner, you're able to delegate the remediation task to another person or provide clarity across your organization by setting an expected time for the remediation:
See all personnel in your organization that are assigned to security recommendation along with their progress:
Monitor the completion status of the governance rules that are defined in your environment for better understanding of the overall security status:
Email notifications can be sent to all security recommendation owners and their managers on a weekly cadence to drive them to take remediation actions.
More information:
- Drive your organization to remediate security recommendations with governance
- Find recommendations that can improve your security posture
- See Microsoft Defender for Cloud RSA announcements (June 2022)
