New security measures from Microsoft to broaden multicloud security


With more than 90 percent of organizations adopting a multicloud strategy[1] and cloud-based cyberattacks growing 48 percent year over year,[2] securing multicloud and hybrid environments is more important than ever. To successfully protect multicloud infrastructure (where customers are utilizing two or more cloud providers) as well as applications and data, today’s organizations need to both proactively reduce risk and quickly detect and respond to threats in real time.

Multicloud and multiplatform deployments increase the potential for security risks and data breaches. Today, many customers are working to secure a complex patchwork of technologies across different devices, applications, platforms, and clouds. Some are also dealing with separate security infrastructures for each cloud they’re operating in, which introduces incredible complexity, creates seams for attackers to exploit, and increases the risk of errors.

I’m excited to share several innovations that improve multicloud visibility and help customers proactively reduce risk and respond to threats in real time. Read on to see how we continue to expand our end-to-end security solution to help organizations protect against threats across all endpoints and clouds.

Microsoft Defender for Cloud

Protect multicloud and hybrid environments with comprehensive security across the full lifecycle, from development to runtime.

Extend multicloud visibility to proactively prevent breaches

Today, we’re thrilled to announce new advanced multicloud posture management capabilities for Google Cloud Platform (GCP) in Microsoft Defender for Cloud to help customers proactively prevent breaches across multicloud and hybrid environments.

Microsoft is recognized as a Representative Vendor in the 2023 Gartner Market Guide for Cloud Native Application Protection Platforms.[3] Microsoft Defender for Cloud became the first cloud provider to offer multicloud workload protection for cloud infrastructure, applications, and data across the full lifecycle for all three public clouds.[4] Since then, we’ve rapidly expanded our CNAPP capabilities to provide advanced posture management with Microsoft Defender Cloud Security Posture Management (Defender CSPM), DevSecOps security with integrations into GitHub Advanced Security, and continued investments in our cloud workload protection (CWP) solutions across servers, containers, APIs, storage, and databases.

A screenshot of a computer dashboard showing the attack path of an exposed GCP virtual machine.

Figure 1. Attack path showing a GCP virtual machine exposed to the internet with permissions to a data store.

On August 15, 2023, Defender CSPM will extend its advanced agentless scanning, data-aware security posture, cloud security graph, and attack path analysis capabilities to GCP, providing a single contextual view of cloud risks across Amazon Web Services (AWS), Azure, GCP, and hybrid environments. Defender CSPM provides advanced posture management capabilities and is recognized by KuppingerCole as an Overall Leader, Market Champion, Product Leader, and Innovation Leader in its 2023 CSPM Leadership Compass, noting “Organizations looking for a CSPM which provides multicloud capabilities together with data-aware security posture should consider Microsoft Defender for Cloud.”[5] Defender CSPM provides advanced posture management capabilities with full visibility across cloud and hybrid resources from agentless scanning, integrated contextual insights from code, identities, data, internet exposure, compliance, attack path analysis, and more, to prioritize your most critical risks. Customers will be able to leverage agentless scanning to gain full visibility of their GCP, AWS, Azure, and on-premises compute resources in the cloud security graph and attack path analysis to prioritize and mitigate risk against potential threats.

Within the new Defender CSPM capabilities for GCP, we’re also extending our sensitive data discovery capabilities to GCP Cloud Storage. With this advancement, customers will be able to discover all their GCP Cloud Storage buckets, identify more than 100 sensitive information types, and assess their data security posture through cloud security graph queries and attack path analysis. Now customers can identify potentially sensitive data exposure risks across Azure, AWS, and GCP storage resources and harden their multicloud data security posture.

We chose Microsoft Defender for Cloud as our CNAPP because of the robust, intelligent end-to-end cloud security it provides with proactive CSPM and in protecting our cloud workloads. We’ve already been impressed with the value of Microsoft’s cloud workload protection, so it was an easy choice to also use Defender CSPM. Its agentless scanning allows us to quickly gain insights about our VMs, storage accounts, and containers, and attack path analysis with its contextual insights helps us prioritize and remediate risks. Defender for Cloud is essential in further helping our security teams save time to focus on preventing security incidents and gives us peace of mind by knowing we have protection across the application lifecycle.

—Cloud Security Manager, Mercedes-Benz Group AG

Get multicloud policy monitoring as a free offering

Microsoft’s cloud security benchmark (MCSB) extends security control guidance and compliance checks to GCP, completing multicloud monitoring across Azure, AWS, and GCP as a free offering. MCSB provides a cloud-centric control framework mapped to major regulatory industry benchmarks (CIS, PCI, NIST, and more) and cloud-specific implementation tools turned on by default to maintain your cloud security compliance across clouds.[6] Today, along with existing Azure and AWS guidance, organizations can now leverage the MCSB security guidance for GCP environments and access GCP checks (as a preview feature) in the context of MCSB controls in the regulatory compliance dashboard in Microsoft Defender for Cloud. In addition to the policy compliance checking available through MCSB, Microsoft customers also benefit from the free expanded cloud logging support we announced last month.

Prevent malware upload and distribution in near real time

Defender for Cloud is also advancing cloud data security at runtime. We’re excited to share the upcoming general availability of Malware Scanning in Microsoft Defender for Storage.[7] Starting September 1, 2023, security teams can enable an additional layer of protection to detect and prevent storage accounts from acting as a point of malware entry and distribution.

Organizations rely on cloud storage to store and access data and files, which often contain sensitive and critical data. However, due to its critical and connected role in an organization’s cloud environment, cloud storage can be an effective attack vector for malicious actors to upload and distribute malware. Malware protection techniques in the past have focused primarily on compute resources. Protection for storage in this old model would require complex networking workarounds that negatively impact overall performance.

We built Malware Scanning in Defender for Storage to cut through the networking complexities and optimize malware detection for Microsoft Azure Blob Storage in near real time when content is uploaded. Content is automatically scanned for metamorphic and polymorphic malware, with results automatically recorded on the blob metadata.

Read more about Defender for Cloud’s new multicloud security capabilities.

Manage vulnerability risk across cloud deployments

As organizations adopt new technologies across cloud computing, Internet of Things (IoT) devices, and remote work, their attack surface is expanding, making vulnerability management increasingly challenging. Security teams must rethink how to secure a growing and diverse portfolio of devices outside of traditional organizational boundaries, adding complexity to the vulnerability management process. This process requires a combination of policy and scope definition that cannot be purchased off the shelf. Instead, it must be established and matured within an organization, based on its specific risk appetite and maturity level.

Recently, Microsoft has established itself as a leading solution for vulnerability risk management (VRM) by leveraging its threat intelligence and security expertise. Microsoft Defender Vulnerability Management has become a leading solution for a vast range of customer organizations, providing them end-to-end capabilities across the VRM lifecycle. It’s designed to help organizations identify, assess, prioritize, and remediate vulnerabilities in their IT environments, making it an ideal tool for managing an expanded attack surface and reducing overall risk posture. We’re thrilled to announce Defender Vulnerability Management is now offered as a standalone solution, which means that customers can purchase it separately and enjoy the full set of core and premium capabilities across their portfolio of managed and unmanaged devices. Microsoft 365 E5 and Defender for Endpoint Plan 2 customers have the core capabilities included and can continue to get the full vulnerability management solution with the Defender Vulnerability Add-on.

Checklist showcasing core and premium capabilities of Microsoft Defender Vulnerability Management.

Figure 2. Core and premium capabilities of Microsoft Defender Vulnerability Management and how customers would purchase them.

Committed to protecting the entire organization’s assets, we’re excited to announce the general availability of vulnerability assessments for containers in Defender CSPM and the preview of vulnerability assessments for containers in Microsoft Defender for Containers using Defender Vulnerability Management. With the rise of containerization and microservices, it’s more important than ever to secure the software supply chain and ensure that container images are free from vulnerabilities. Defender Vulnerability Management’s new container vulnerability assessment capabilities enable organizations to scan container images for vulnerabilities and prioritize remediation efforts, based on the severity of the vulnerabilities.

Read more about the new standalone offer and the expanded capabilities of Defender Vulnerability Management.

Get extra protection and expanded endpoint coverage

You can’t protect and manage what you can’t see. That means a Zero Trust model can’t just be limited to the endpoints enrolled in Microsoft Intune; it must extend to devices integrated with Microsoft Security solutions. If you can’t distribute compliance or security policies to all your devices, you can’t implement a Zero Trust model.

Now you can expand coverage and provide extra protection from a single unified pane of glass with Microsoft Intune, which can manage the security settings of any device with Microsoft Defender for Endpoint, including Windows, macOS, and Linux endpoints.[8] These policies and settings allow security admins to remain in the Defender portal to manage Defender for Endpoint and the Intune endpoint security policies for Defender security settings configurations. Now security admins can deploy policies from Intune to manage the Defender security settings on devices onboarded to Defender for Endpoint, without enrolling those devices with Intune.

Secure Score integration with Microsoft Intune means that recommendations for device health and security settings for your organization’s endpoints from Intune are now included in Microsoft Secure Score. Secure Score is the measurement of an organization’s security posture. This score is used to assess risk, drive configuration actions, plan improvements, and report to management. More points in Secure Score equates to more actions taken to improve an organization’s security posture.

And finally, we recently announced a new solution that adds another layer of protection for Samsung Galaxy devices with hardware-backed device attestation.[9] Device attestation is an important mechanism to verify device trust and health to help detect if a device has been compromised. Building on our strategic partnership with Samsung, this attestation helps to prevent malicious endpoints from accessing organization resources using valid client information taken from another device and limiting tampering with client requests. Samsung’s hardware-backed cryptography and Intune app protection policies verify the client endpoint and secure the communication between Intune client and service. It enables a trusted, on-device hardware-backed health check, giving organizations that allow Samsung Galaxy mobile devices to access their corporate network the confidence that personally owned Galaxy devices have the same strong level of extra protection as company-owned devices.

Continuing to deliver for our customers

With our latest product and feature announcements, customers working to secure their multicloud and multiplatform deployments can have a clearer view of their environment, reduce risk, and gain improvements in the security of their data and systems. At Microsoft, we’re committed to providing our customers with the tools and resources they need to protect everything.

Join us at Black Hat 2023

Microsoft Security has a central presence at this year’s Black Hat USA, taking place August 5 to 10, 2023, at Mandalay Bay in Las Vegas, Nevada. If you haven’t already made plans to attend, check out our earlier blog post for information about our Black Hat sessions, product demos, meetings at our booth (number 1740), and a customer happy hour.

Learn more

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.


[1] 2023 State of the Cloud Report, Flexera. 2023.

[2] Cloud-based cyber attacks increased by 48 percent in 2022, Continuity Central. January 19, 2023.

[3] Gartner®, Market Guide for Cloud-Native Application Protection Platforms, Neil MacDonald, et al. March 14, 2023.

[4] The next wave of multicloud security with Microsoft Defender for Cloud, a Cloud-Native Application Protection Platform (CNAPP), Vlad Korsunsky. March 22, 2023.

[5] Leadership Compass: Cloud Security Posture Management, KuppingerCole. July 27, 2023.

[6] Announcing Microsoft cloud security benchmark (Public Preview), Jim Cheng. October 13, 2022.

[7] Malware Scanning for cloud storage GA pre-announcement | prevent malicious content distribution, Inbal Argov. July 26, 2023.

[8] Manage security settings for Windows, macOS, and Linux natively in Defender for Endpoint, Dan Levy. July 11, 2023.

[9] Hardware-backed device attestation powers mobile workers, Michael Wallent. July 27, 2023.


