Cross-tenant management in Defender for Cloud

Cross-tenant management enables you to view and manage the security posture of multiple tenants in Defender for Cloud by using Azure Lighthouse. Manage multiple tenants efficiently, from a single view, without having to sign in to each tenant's directory.

  • Service providers can manage the security posture of resources, for multiple customers, from within their own tenant.

  • Security teams of organizations with multiple tenants can view and manage their security posture from a single location.

Set up cross-tenant management

Azure delegated resource management is one of the key components of Azure Lighthouse. Set up cross-tenant management by delegating access to resources of managed tenants to your own tenant using these instructions from Azure Lighthouse's documentation: Onboard a customer to Azure Lighthouse.

How cross-tenant management works in Defender for Cloud

You can review and manage subscriptions across multiple tenants in the same way that you manage multiple subscriptions in a single tenant.

From the top menu bar, select the filter icon, and then select the subscriptions you'd like to view from each tenant's directory.

[Image: Filter tenants.]

The views and actions are basically the same as for a single tenant. Here are some examples:

  • Manage security policies: From one view, manage the security posture of many resources with policies, take actions with security recommendations, and collect and manage security-related data.

  • Improve Secure Score and compliance posture: Cross-tenant visibility enables you to view the overall security posture of all your tenants and to see where and how best to improve the secure score and compliance posture for each of them.

  • Remediate recommendations: Monitor and remediate a recommendation for many resources from various tenants at one time. You can then immediately tackle the vulnerabilities that present the highest risk across all tenants.

  • Manage alerts: Detect alerts throughout the different tenants. Use actionable remediation steps to take action on resources that are out of compliance.

  • Manage advanced cloud defense features and more: Manage the various threat protection services, such as just-in-time (JIT) VM access, adaptive network hardening, adaptive application controls, and more.

Next steps

This article explains how cross-tenant management works in Defender for Cloud. To discover how Azure Lighthouse can simplify cross-tenant management within an enterprise that uses multiple Microsoft Entra tenants, see Azure Lighthouse in enterprise scenarios.