Microsoft cloud security benchmark in Defender for Cloud

Industry standards, regulatory standards, and benchmarks are represented in Microsoft Defender for Cloud as security standards. These standards are assigned to scopes such as Azure subscriptions, AWS accounts, and GCP projects.

Defender for Cloud continuously assesses your hybrid cloud environment against these standards, and provides information about compliance in the Regulatory compliance dashboard.

When you onboard subscriptions and accounts to Defender for Cloud, the Microsoft cloud security benchmark (MCSB) automatically starts to assess resources in scope.

This benchmark builds on the cloud security principles defined by the Azure Security Benchmark and applies these principles with detailed technical implementation guidance for Azure, for other cloud providers (such as AWS and GCP), and for other Microsoft clouds.

Image that shows the components that make up the Microsoft cloud security benchmark.

The compliance dashboard gives you a view of your overall compliance standing. Security for non-Azure platforms follows the same cloud-neutral security principles as Azure. Each control within the benchmark provides the same granularity and scope of technical guidance across Azure and other cloud resources.

Screenshot of a sample regulatory compliance page in Defender for Cloud.

From the compliance dashboard, you're able to manage all of your compliance requirements for your cloud deployments, including automatic, manual, and shared responsibilities.


Shared responsibilities is only compatible with Azure.

Next steps