Share via

Difference between CSPM and CWP

Vitalii Liashuk 160 Reputation points
2024-02-18T12:30:49.6866667+00:00

Hi, What is the difference between CSPM and CWP? For example CSPM gives me capabilities agentless scanning of my servers on Azure, but Defender for servers plan (CWP) gives me the same capability. Why should I pay twice for the same solution? What is the main goals of each side? Thank you!

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,412 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Marcin Policht 25,755 Reputation points MVP
    2024-02-18T12:36:03.95+00:00

    Microsoft Defender for Cloud provides "Cloud Security Posture Management" (CSPM), which delivers a security analysis of all the resources in your managed environment (including support for non-Azure resources), and Cloud Workload Protection (CWP) which gives specific protection for your resources such as VMs, cloud storage, databases, security keys, containers, etc. While the two might cover the same resources/services, their objectives are different. More specifically:

    • Focus: CSPM primarily focuses on assessing and ensuring the security configuration of your cloud environment, while CWP is more concerned with protecting the workloads and applications within that environment.
    • Functions: CSPM functions include policy assessment, continuous monitoring, and remediation recommendations, while CWP functions involve threat detection, vulnerability management, and behavior analysis.
    • Use Cases: CSPM is beneficial for ensuring compliance, reducing misconfigurations, and improving the overall security posture of your cloud infrastructure. CWP is critical for protecting against threats and vulnerabilities within your cloud workloads.

    hth
    Marcin

    1 person found this answer helpful.
  2. Akshay-MSFT 17,871 Reputation points Microsoft Employee
    2024-02-28T06:43:01.26+00:00

    @Vitalii Liashuk

    Adding on @Marcin Policht inputs:

    The difference between CWPP and CSPM is what part of the cloud they secure.

    • CWPPs secure workloads running across whatever cloud environments they’re deployed in.
    • CSPM offer similar assessments and automated security processes, but for the cloud infrastructures themselves.

    Defender for server Plan offers Defender for Servers Plan 1 applicable to subscription only and Plan 2 for subscription and workspace. Is an offering under Microsoft Defender for Cloud.

    Microsoft defender for cloud is a complete CSPM solution and not CWP. > Microsoft Defender for Cloud's main pillars is cloud security posture management (CSPM).> Defender for Cloud continually assesses your resources against security standards that are defined for your Azure subscriptions, AWS accounts, and GCP projects. Defender for Cloud issues security recommendations based on these assessments.

    Defender for Cloud provides the following CSPM offerings:

    • Foundational CSPM - Defender for Cloud offers foundational multicloud CSPM capabilities for free. These capabilities are automatically enabled by default for subscriptions and accounts that onboard to Defender for Cloud.
    • Defender Cloud Security Posture Management (CSPM) plan - The optional, paid Defender for Cloud Secure Posture Management plan provides more, advanced security posture features.

    User's image

    Please "Accept the answer (Yes)" and "share your feedback ". This will help us and others in the community as well.

    Thanks,

    Akshay Kaushik

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.