Back to 2b site

Manage Your AWS & GCP Workloads On Azure Security Center

Azure is constantly adding more and more capabilities for cross-cloud governs like the ability to Assess, Discover, and Migrate AWS & GCP VMs to Azure and the ability to monitor and control your AWS spending in Azure Cost Management ( just to name a few). Now, adding to the already incredible capabilities of the Azure Defender, a new feature will allow you to gain visibility and protection of your AWS and GCP workloads under Azure Security Center.

To gain this capability you will need to onboard your AWS & GCP accounts into Security Center and integrate AWS Security Hub/ GCP Security Command and Azure Security Center. Now, the Security Center will provide:

  • Automatic agent provisioning (Security Center uses Azure Arc to deploy the Log Analytics agent to your AWS instances)
  • Policy management
  • Vulnerability management
  • Embedded Endpoint Detection and Response (EDR)
  • Detection of security misconfigurations
  • A single view showing Security Center recommendations and AWS Security Hub/ GCP Security Command Center findings
  • Incorporation of your AWS/GCP resources into Security Center’s secure score calculation
  • Regulatory compliance assessments of your AWS resources
  • Integration of GCP Security Command Center recommendations based on the CIS standard into the Security Center’s regulatory compliance dashboard
Azure Security Center’s overview dashboard (Picture Source: Microsoft)

Azure Security Center’s overview dashboard (Picture Source: Microsoft)

Note: This feature is part of Azure Defender service and is not available in the free Security Center option.

Check out Microsoft documentation to learn how to connect your AWS and GCP accounts.

Feel free to reach us out with any Azure related question: [email protected]