Defender for Cloud glossary

This glossary provides a brief description of important terms and concepts for the Microsoft Defender for Cloud platform. Select the Learn more links to go to related terms in the glossary. This glossary can help you to learn and use the product tools quickly and effectively.

A

Term	Description	Learn more
AAC	Adaptive application controls are an intelligent and automated solution for defining allowlists of known-safe applications for your machines.	Adaptive Application Controls
ACR Tasks	A suite of features within Azure container registry	Frequently asked questions - Azure Container Registry
ADO	Azure DevOps provides developer services for allowing teams to plan work, collaborate on code development, and build and deploy applications.	What is Azure DevOps?
AKS	Azure Kubernetes Service, Microsoft's managed service for developing, deploying, and managing containerized applications.	Kubernetes Concepts
Alerts	Alerts defend your workloads in real-time so you can react immediately and prevent security events from developing.	Security alerts and incidents
ANH	Adaptive network hardening	Improve your network security posture with adaptive network hardening
APT	Advanced Persistent Threats	Video: Understanding APTs
Arc-enabled Kubernetes	Azure Arc-enabled Kubernetes allows you to attach and configure Kubernetes clusters running anywhere. You can connect your clusters running on other public cloud providers or clusters running on your on-premises data center.	What is Azure Arc-enabled Logic Apps? (Preview)
ARM	Azure Resource Manager-the deployment and management service for Azure.	Azure Resource Manager Overview
ASB	Azure Security Benchmark provides recommendations on how you can secure your cloud solutions on Azure.	Azure Security Benchmark
Auto-provisioning	To make sure that your server resources are secure, Microsoft Defender for Cloud uses agents installed on your servers to send information about your servers to Microsoft Defender for Cloud for analysis. You can use auto provisioning to quietly deploy the Azure Monitor Agent on your servers.	Configure auto provision

B

Term	Description	Learn more
Blob storage	Azure Blob Storage is the high scale object storage service for Azure and a key building block for data storage in Azure.	what is Azure blob storage?

C

Term	Description	Learn more
Cacls	Change access control list, Microsoft Windows native command-line utility often used for modifying the security permission on folders and files.	access-control-lists
CIS Benchmark	(Kubernetes) Center for Internet Security benchmark	CIS
CORS	Cross origin resource sharing, an HTTP feature that enables a web application running under one domain to access resources in another domain.	CORS
CNCF	Cloud Native Computing Foundation	Build CNCF projects by using Azure Kubernetes service
CSPM	Cloud Security Posture Management	Cloud Security Posture Management (CSPM)
CWPP	Cloud Workload Protection Platform	CWPP

D

Term	Description	Learn more
DDOS Attack	Distributed denial-of-service, a type of attack where an attacker sends more requests to an application than the application is capable of handling.	DDOS FAQs

E

Term	Description	Learn more
EDR	Endpoint Detection and Response	Microsoft Defender for Endpoint
EKS	Amazon Elastic Kubernetes Service, Amazon's managed service for running Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane or nodes.	EKS
eBPF	Extended Berkley Packet Filter	What is eBPF?

F

Term	Description	Learn more
FIM	File Integrity Monitoring	(File Integrity Monitoring in Microsoft Defender for Cloud
FTP	File Transfer Protocol	Deploy content using FTP

G

Term	Description	Learn more
GCP	Google Cloud Platform	Onboard a GPC Project
GKE	Google Kubernetes Engine, Google's managed environment for deploying, managing, and scaling applications using GCP infrastructure.	Deploy a Kubernetes workload using GPU sharing on your Azure Stack Edge Pro

J

Term	Description	Learn more
JIT	Just-in-Time VM access	Understanding just-in-time (JIT) VM access

K

Term	Description	Learn more
KQL	Kusto Query Language-a tool to explore your data and discover patterns, identify anomalies and outliers, create statistical modeling, and more.	KQL Overview

L

Term	Description	Learn more
LSA	Local Security Authority	Secure and use policies on virtual machines in Azure

M

Term	Description	Learn more
MDC	Microsoft Defender for Cloud is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for all of your Azure, on-premises, and multicloud (Amazon AWS and Google GCP) resources.	What is Microsoft Defender for Cloud?
MDE	Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.	Protect your endpoints with Defender for Cloud's integrated EDR solution: Microsoft Defender for Endpoint
MFA	multi factor authentication, a process in which users are prompted during the sign-in process for an extra form of identification, such as a code on their cellphone or a fingerprint scan.	How it works: Azure Multi Factor Authentication
MITRE ATT&CK	A globally accessible knowledge base of adversary tactics and techniques based on real-world observations.	MITRE ATT&CK
MMA	Microsoft Monitoring Agent, also known as Log Analytics Agent	Log Analytics Agent Overview

N

Term	Description	Learn more
NGAV	Next Generation Anti-Virus
NIST	National Institute of Standards and Technology	National Institute of Standards and Technology

R

Term	Description	Learn more
RaMP	Rapid Modernization Plan, guidance based on initiatives, giving you a set of deployment paths to more quickly implement key layers of protection.	Zero Trust Rapid Modernization Plan
RBAC	Azure role-based access control (Azure RBAC) helps you manage who has access to Azure resources, what they can do with those resources, and what areas they have access to.	RBAC Overview
RDP	Remote Desktop Protocol (RDP) is a sophisticated technology that uses various techniques to perfect the server's remote graphics' delivery to the client device.	RDP Bandwidth Requirements
Recommendations	Recommendations secure your workloads with step-by-step actions that protect your workloads from known security risks.	What are security policies, initiatives, and recommendations?
Regulatory Compliance	Regulatory compliance refers to the discipline and process of ensuring that a company follows the laws enforced by governing bodies in their geography or rules required	Regulatory Compliance Overview

S

Term	Description	Learn more
Secure Score	Defender for Cloud continually assesses your cross-cloud resources for security issues. It then aggregates all the findings into a single score that represents your current security situation: the higher the score, the lower the identified risk level.	Security posture for Microsoft Defender for Cloud
Security Initiative	A collection of Azure Policy Definitions, or rules, that are grouped together towards a specific goal or purpose.	What are security policies, initiatives, and recommendations?
Security Policy	An Azure rule about specific security conditions that you want controlled.	Understanding Security Policies
SOAR	Security Orchestration Automated Response, a collection of software tools designed to collect data about security threats from multiple sources and respond to low-level security events without human assistance.	SOAR

T

Term	Description	Learn more
TVM	Threat and Vulnerability Management, a built-in module in Microsoft Defender for Endpoint that can discover vulnerabilities and misconfigurations in near real time and prioritize vulnerabilities based on the threat landscape and detections in your organization.	Investigate weaknesses with Microsoft Defender for Endpoint's threat and vulnerability management

Z

Term	Description	Learn more
Zero-Trust	A new security model that assumes breach and verifies each request as though it originated from an uncontrolled network.	Zero-Trust Security

Next Steps

Microsoft Defender for Cloud-overview