Discover Microsoft Defender for Cloud – a unified security management and advanced threat protection system for hybrid cloud workloads
Introduction
Discover the benefits of Microsoft Defender for Cloud. We explore its key features, benefits, and best practices for securing your Azure environment as well as multicloud and hybrid environments.
As cyber threats become more sophisticated, securing cloud environments is an increasing priority for many businesses.
As organisations increasingly migrate their workloads to the cloud, they face a myriad of cyber threats and vulnerabilities. Microsoft Defender for Cloud is a comprehensive, cloud-native security solution that protects cloud-based applications and workloads from these evolving threats.
Through intelligent threat detection, continuous vulnerability assessment, and security recommendations, Defender for Cloud helps businesses enhance their security posture. It offers insights into potential risks and compliance issues, empowering organisations to proactively address vulnerabilities before they can be exploited. Additionally, it provides tools for automating threat response, making it easier for security teams to defend against evolving cyber threats.
Whether you’re a small startup or a large enterprise, Microsoft Defender for Cloud empowers you to maintain a strong security posture, detect and respond to threats in real-time, and integrate security into your development processes. By leveraging its comprehensive features, you can safeguard your cloud infrastructure, protect sensitive data, and ensure business continuity.
We will explain how Microsoft Defender for Cloud can help to:
- Enhance your organisation’s security posture
- Detect and respond to threats in real-time
- Integrate with existing security tools and frameworks.
We will also discuss pricing models, tiers and how pricing is calculated for Microsoft Defender for Cloud.
If you’d like to find out more about Microsoft Defender for your organisation, then please contact us for a free discussion with one of our Certified Azure technical consultants.
10 Key Features of Microsoft Defender for Cloud
Microsoft Defender for Cloud offers robust features designed to enhance the security of your Azure, multi-cloud and hybrid environments.
Cloud Security Posture Management (CSPM):
Provides continuous assessment of your cloud environment to identify and mitigate security risks, offering actionable recommendations to improve your security posture.
Cloud Workload Protection Platform (CWPP):
Protects workloads across virtual machines, containers, databases, and more.
This includes advanced threat protection capabilities to secure critical workloads.
DevSecOps Integration:
Unifies security management at the code level across multi-cloud and multiple-pipeline environments. This helps secure your code management environments and pipelines, providing insights into your development environment’s security posture.
Threat Detection and Response:
Uses AI and machine learning to detect and respond to threats in real-time. It integrates with Microsoft 365 Defender to provide a comprehensive view of attacks across cloud resources, devices, and identities.
Regulatory Compliance:
Helps ensure that your cloud deployments meet regulatory and compliance requirements, providing compliance assessments and recommendations based on industry standards.
Vulnerability Management:
Includes vulnerability scanning and management for your cloud resources, helping you identify and remediate vulnerabilities before they can be exploited.
Security Recommendations:
Offers tailored security recommendations to help you secure your cloud and on-premises resources. These recommendations are based on best practices and industry standards.
Attack Path Analysis:
Analyses potential attack paths to identify and mitigate risks before attackers can exploit them.
Infrastructure-as-Code (IaC) Security:
Provides security guidance for IaC, helping you identify and fix misconfigurations and exposed secrets in your code.
Unified Security Operations:
Integrates with existing security tools and frameworks, providing a unified platform for managing security operations across your entire environment.
Microsoft Defender for Cloud Subscription Pricing
The pricing for Microsoft Defender for Cloud is calculated based on the specific services and resources you choose to protect. There are 3 tiers to choose from based on your requirements:
Foundational Cloud Security Posture Management (CSPM) – always free
The Foundational Cloud Security Posture Management (CSPM) tier in Microsoft Defender for Cloud is designed to provide essential security features at no cost.
When you enable Defender for Cloud, you automatically enable the Foundational CSPM capabilities for all the resources in the subscription. These capabilities are part of the free services offered by Defender for Cloud.
This tier is ideal for organisations looking to get started with cloud security without incurring additional costs. It offers a solid foundation for improving your security posture and ensuring compliance with various standards.
Defender Cloud Security Posture Management (CSPM) Plan – chargeable
Microsoft Defender for Cloud’s Cloud Security Posture Management (CSPM) provides guidance to enhance your security and offers visibility into your current security status. It continuously assesses your resources, subscriptions, and organisation for security issues, presenting your security posture through a secure score. A higher score indicates a lower risk level.
Enabling the Defender CSPM plan adds extra protections, including governance, regulatory compliance (see later on for the range of standards that you can assess your environment against), cloud security explorer, attack path analysis, and agentless scanning for machines.
The Defender Cloud Security Posture Management plan provides more advanced security posture features. Defender CSPM protects all multi-cloud workloads, but billing is applied only to the specific resources chosen at the time of enabling CSPM.
Once the Defender CSPM plan is enabled on your subscription, you can enable the individual components of the Defender CSPM plan as follows:
- Agentless Scanning for Machines
- Agentless Discovery for Kubernetes
- Agentless Container Vulnerability Assessments
- Sensitive Data Discovery
- Permissions Management
The Defender Cloud Security Posture Management plan provides advanced security posture capabilities, as explained above, and is charged at £3.93 per billable resource per month at the time of writing. For the up-to-date price, see Pricing – Microsoft Defender for Cloud | Microsoft Azure.
Cloud Workload Protection Plans – chargeable
Microsoft Defender for Cloud offers robust cloud workload protection, enabling organisations to swiftly prevent, detect, and respond to contemporary threats in multi-cloud and hybrid environments. It delivers advanced threat protection to secure essential workloads, including virtual machines (VMs), containers, databases, storage, app services, APIs, and more.
Microsoft Defender for Cloud offers comprehensive workload protection plans to secure various types of workloads across Azure, multicloud and hybrid environments.
Here are the key plans and their pricing details (correct at the time of writing). For up-to-date pricing, see Pricing – Microsoft Defender for Cloud | Microsoft Azure.
Product | Pricing | Features |
---|---|---|
Defender for Servers | Plan 1: £3.71 per server per month. Plan 2: £11.05 per server per month. | Includes advanced threat protection, vulnerability management, and file integrity monitoring for Windows and Linux virtual machines, whether on-premises or in the cloud (Azure, AWS, GCP). |
Defender for Storage | £8 per storage account per month. | Provides malware scanning and data protection for Azure Blobs, Azure Files and Azure Data Lake Storage Gen2 resources. |
Defender for Containers | £5.20 per vCore per month. | Includes image scanning, runtime protection, and security for containerized applications running in Azure Kubernetes Service (AKS). |
Defender for Databases | £11.35 per instance per month (for SQL on Azure-connected databases). | Offers threat detection and vulnerability assessments for SQL servers on Azure SQL Database, Azure SQL Managed Instance, Azure SQL elastic pools, Azure Synapse Analytics dedicated SQL pool, SQL on Azure Virtual Machines and SQL on Azure Arc enabled resources (in the customer’s datacentre, on the edge or in a multi-cloud environment). |
Defender for APIs | £151.37 per subscription per month, up to 1 million API calls. | Provides API security, threat detection, and access control to protect APIs from threats and vulnerabilities. |
Benchmarks and Standards
The Microsoft Cloud Security Benchmark (MCSB) uses a comprehensive set of security recommendations and best practices developed by Microsoft, aligned with widely recognised compliance frameworks such as CIS, NIST SP 800-53, and PCI-DSS. It offers up-to-date, cloud-agnostic guidelines for securing Azure, AWS, and GCP environments. Microsoft recommends MCSB for customers seeking to enhance their security posture and align with industry standards.
Here are some of the key standards available:
- ISO 27001: Information security management.
- PCI-DSS: Payment Card Industry Data Security Standard.
- GDPR: General Data Protection Regulation for Europe.
- HIPAA: Health Insurance Portability and Accountability Act for healthcare.
- NIST: National Institute of Standards and Technology.
- CIS Controls: Center for Internet Security Controls.
Getting Started with Microsoft Defender for Cloud
Our recommended approach is as follows:
- Sign in to Azure Portal with your credentials
- Navigate to and enable Microsoft Defender. Search for Microsoft Defender for Cloud and select Enable to start the process. This will activate the Foundational CSPM settings.
- Configure environment settings. Settings such as auto-provisioning, email notifications, and resource types ensure comprehensive security coverage.
- Review Secure Score and recommendations. Check your Secure Score to understand your current security posture and follow the security recommendations.
- Add compliance policies. Add policies such as ISO 27001 or PCI-DSS to ensure your resources meet regulatory requirements.
- Explore advanced features. If needed, these include threat detection, vulnerability management and workload protection.
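Once plans have been enabled, it is worth confirming what is actually switched on for a subscription. As an added example (not from the original post or from Microsoft), the Python below audits the JSON produced by `az security pricing list` against the plans named in this article. The mapping of article plan names to export plan names, the extension names and the sample data are assumptions to verify against your own export.

```python
import json

# Assumed mapping from the plan names used in `az security pricing list`
# output to the plans named in this article (verify against your own export).
PLANS = {
    "CloudPosture": "Defender CSPM",
    "VirtualMachines": "Defender for Servers",
    "StorageAccounts": "Defender for Storage",
    "Containers": "Defender for Containers",
    "SqlServers": "Defender for Databases",
    "Api": "Defender for APIs",
}

def audit_plans(pricing_json: str) -> list[str]:
    """Return one finding per plan that is missing or not on the paid tier,
    and one per plan extension that is switched off."""
    data = json.loads(pricing_json)
    # The export may be a bare list or an object with a "value" list.
    items = data.get("value", []) if isinstance(data, dict) else data
    by_name = {item.get("name"): item for item in items}
    findings = []
    for api_name, label in PLANS.items():
        item = by_name.get(api_name)
        if item is None:
            findings.append(f"{label}: not present in export")
            continue
        if item.get("pricingTier") != "Standard":
            findings.append(f"{label}: tier is {item.get('pricingTier')}")
            continue
        for ext in item.get("extensions") or []:
            # isEnabled is handled as the string "True"/"False" (assumption).
            if str(ext.get("isEnabled")).lower() != "true":
                findings.append(f"{label}: extension {ext.get('name')} is off")
    return findings

# Constructed sample, not output from a real subscription.
SAMPLE = json.dumps({"value": [
    {"name": "CloudPosture", "pricingTier": "Standard", "extensions": [
        {"name": "AgentlessVmScanning", "isEnabled": "True"},
        {"name": "SensitiveDataDiscovery", "isEnabled": "False"}]},
    {"name": "VirtualMachines", "pricingTier": "Standard", "subPlan": "P2"},
    {"name": "StorageAccounts", "pricingTier": "Free"},
    {"name": "Containers", "pricingTier": "Standard", "extensions": []},
    {"name": "SqlServers", "pricingTier": "Free"},
]})

if __name__ == "__main__":
    for line in audit_plans(SAMPLE):
        print(line)
```

Run it per subscription and treat any finding for a workload type you actually host as a coverage gap to review.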
If you’d like to find out more about how Microsoft Defender for Cloud could work in your organisation or have questions about the tools or pricing, then please contact us for a free discussion with one of our Certified Azure technical consultants.