Manage Your AWS & GCP Workloads On Azure Security Center
Azure is constantly adding more and more capabilities for cross-cloud governs like the ability to Assess, Discover, and Migrate AWS & GCP VMs to Azure and the ability to monitor and control your AWS spending in Azure Cost Management ( just to name a few). Now, adding to the already incredible capabilities of the Azure Defender, a new feature will allow you to gain visibility and protection of your AWS and GCP workloads under Azure Security Center.
To gain this capability you will need to onboard your AWS & GCP accounts into Security Center and integrate AWS Security Hub/ GCP Security Command and Azure Security Center. Now, the Security Center will provide:
- Automatic agent provisioning (Security Center uses Azure Arc to deploy the Log Analytics agent to your AWS instances)
- Policy management
- Vulnerability management
- Embedded Endpoint Detection and Response (EDR)
- Detection of security misconfigurations
- A single view showing Security Center recommendations and AWS Security Hub/ GCP Security Command Center findings
- Incorporation of your AWS/GCP resources into Security Center’s secure score calculation
- Regulatory compliance assessments of your AWS resources
- Integration of GCP Security Command Center recommendations based on the CIS standard into the Security Center’s regulatory compliance dashboard
Note: This feature is part of Azure Defender service and is not available in the free Security Center option.