How Defender for Cloud works

Here, we discuss how Defender for Cloud works to protect your multicloud environments. You learn how to access Defender for Cloud via the Azure portal and use it to strengthen your Secure Score and overall security posture.

CSPM

Cloud Security Posture Management (CSPM) is a proactive system by which organizations can identify and remediate misconfigurations, threats, misuse and compliance violations across a multicloud infrastructure.

Defender for Cloud uses a Secure Score to inform you of the state of your overall security posture.

Screenshot of the overview page for Defender for Cloud.

The Overview page gives Contoso a bird's-eye view of their multicloud environments and details about how secure their systems are. Contoso can review the recommendations and have their SOC team remediate them. For example, Contoso can find out whether their servers are protected by firewalls and whether the proper protocols are in place.

Contoso can also review whether security policies and compliance standards are met. This review helps ensure that regulatory compliance standards are in place, such as PCI-DSS, a necessary compliance standard for accepting payments online.

Screenshot that shows that Contoso isn't up to date with their PCI-DSS regulatory compliance.

Vulnerability assessment is also available and provides recommendations regarding vulnerabilities and misconfigurations that might exist on your databases or servers.

By following all of the provided recommendations, you can reduce your attack surface and limit your vulnerability to cyberattacks.

CWP

Cloud workload protection (CWP) is the reactive part of Defender for Cloud. Defender for Servers can send you alerts informing you about potential cyberattacks such as brute-force attacks. You can also set up automatic responses if Defender for Cloud detects a cyberattack against your environments.

You can generate alerts through Defender for Cloud's enhanced security features. Alerts are available on the Alerts page in Defender for Cloud. The Alerts page lets you know about possible cyberattacks or potential malicious actions taken against your resources.

Screenshot of an SQL database alert.