Azure Defender- Built-in Protection for Your Hybrid Cloud Workloads
Azure Security Center is available for free to all Azure users, and it enables cloud security posture management (CSPM) with features such as secure score, detection of security misconfigurations in your Azure machines, asset inventory, and more.
Now, a new integration with the Security Center provides a workload protection platform (CWPP) with features such as security alerts and advanced threat protection for VMs, SQL databases, containers, web applications, your network, and more. Say hello to the “Azure Defender”.
When you enable Azure Defender from the Pricing and settings area of Azure Security Center, the following Defender plans are all enabled simultaneously and provide comprehensive defenses for the compute, data, and service layers of your environment:
- Azure Defender for Servers — Adds threat detection and advanced defenses for your Windows and Linux machines.
- Azure Defender for App Service — Assesses the resources covered by your App Service plan and generates security recommendations based on its findings. Security Center protects the VM instance in which your App Service is running and the management interface. It also monitors requests and responses sent to and from your apps running in App Service.
- Azure Defender for Storage — Detects potentially harmful activity on your Azure Storage accounts. Your data can be protected whether it’s stored as blob containers, file shares, or data lakes.
- Azure Defender for SQL — Extend Azure Security Center’s data security package to secure your databases and their data wherever they’re located.
- Azure Defender for IoT — Providing an end-to-end threat detection and analysis across hybrid cloud workloads and your Azure IoT solution.
- Azure Defender for Key Vault — Providing an additional layer of security intelligence for Azure Key Vault.
- Azure Defender for Kubernetes — Provide environment hardening, workload protection, and run-time protection.
- Azure Defender for Container Registries — The Security Center will scan images that are pushed to the registry, imported into the registry, or any images pulled within the last 30 days. Note– This feature is charged per image.
In addition to the built-in policies, when you’ve enabled any Azure Defender plan, you can add custom policies and initiatives. You can add regulatory standards — such as NIST and Azure CIS — as well as the Azure Security Benchmark for a truly customized view of your compliance.