UPDATED 19:56 EST / FEBRUARY 23 2022

CLOUD

Microsoft goes big on multicloud security with Defender for Cloud update

Microsoft Corp. today laid claim to what it says is the industry’s first native multicloud security offering following a major update to Microsoft Defender for Cloud.

The service now provides native support for Google Cloud environments, with the new capability now available in public preview for all customers.

Microsoft Defender for Cloud was previously two separate products — Azure Security Center and Azure Defender – and is designed to provide advanced threat protection across hybrid cloud environments. The company rebranded the platform last year before it announcing was integrating Amazon Web Services Inc.’s public cloud platform.

“We’re excited to announce that Microsoft Defender for Cloud now supports Google Cloud Platform with its native CSPM and CWP capabilities, without any dependencies on Google 1st party tools,” Gilad Elyashar, head of product management for Microsoft Defender for Cloud, said in a blog post. “The support for GCP comes with a simplified onboarding experience, more than 80 out-of-the-box recommendations to harden your environment, and more.”

Microsoft said the service will now be able to protect the most critical workloads running on Google Cloud, including servers and application contains. Those are safeguarded by Microsoft Defender for Endpoint, with features including endpoint detection and response that are based on traditional antimalware capabilities, and attack surface reduction. Other features include server-focused vulnerability assessments, behavioral alerts for virtual machines, operating system recommendations, alerts for missing OS updates, adaptive application controls and file integrity monitoring.

By adding support for Google Cloud, Defender for Cloud can now act as a centralized hub to monitor and secure environments across all three major public cloud infrastructure platforms. That should appeal to many organizations, since multicloud is rapidly becoming the norm among enterprises today. Indeed, some 92% of enterprises reportedly have a multicloud deployment strategy in place, according to a report last year from Flexera Software LLC.

Multicloud is the reality for enterprises and as a consequence many companies are looking for multicloud platform support in their tooling, analyst Holger Mueller of Constellation Research Inc. told SiliconANGLE.

“Reducing the complexity of security operations is of paramount importance,” Mueller added. “This makes Microsoft’s offering very interesting, as it provides the desired single pane of glass for security across AWS, Google Cloud and of course Azure.”

As Elyashar noted, Microsoft has implemented over 80 out-of-the-box recommendations in support for key industry and regulatory standards and security best practices, meaning organizations will be able to improve their security posture on Google Cloud from the get-go. Those recommendations include enabling multi-factor authentication for all non-service accounts, and blocking anonymous access to cloud storage buckets, Elyashar said.

Another useful feature enables security teams to create custom recommendations within the Defender for Cloud portal, helping organizations to meet internal security and compliance requirements. Microsoft said it has simplified the onboarding process, so Defender for Cloud will automatically apply container and server protection to all newly added resources.

Charles King of Pund-IT Inc. said that by adding support for Google Cloud in addition to AWS, Microsoft recognizes the reality that companies are using multiple cloud platforms and have concerns over the security of the apps and data that reside in them. Those companies want assurance that their data is secured against theft and cyberattacks, and that any security platforms they use comply with legal rules and regulations, he added.

“Microsoft has made considerable investments in security solutions and services for their own applications and Azure services, so extending those offerings and features makes practical sense for the company and other cloud providers,” King said. “It’s also worth noting that Microsoft’s approach also addresses a long term weakness in digital security – the fragmented nature of most solutions and the lack of collaboration among many security vendors. If Microsoft’s multicloud security hub works as advertised, it should benefit numerous businesses that work with Azure, Google Cloud and AWS.”

The update to Defender for Cloud comes alongside the launch of CloudKnox Permissions Management, now available in public preview. This helps to provide visibility into user and workload identities across clouds, with automated features that consistently enforce least privilege access and detect and remediate suspicious activities. Microsoft Sentinel, a threat analytics service, also added new features today.

Image: Microsoft

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU