Defender for clouds offers a number of enchanced security features that protects the cloud. There are two types of security:
- Basic security Features(Free)– Defender for Cloud is activated for free on all of your Azure subscriptions when you open it for the first time in the Azure portal or if you enable it using the API. To assist you in safeguarding your Azure resources, Defender for Cloud by default offers the secure score, security policy and basic recommendations, and network security evaluation.
- Enable the improved security features for free for the first 30 days if you wish to test them out. If you opt to keep using the service beyond the first 30 days, we’ll begin automatically billing you for usage. See the pricing page for information on prices in your country or region.
- Enhanced security features(paid)- When the improved security capabilities are enabled, Defender for Cloud may offer unified threat prevention and security management across all of your hybrid cloud workloads, including:
- Microsoft Defender for endpoint- Microsoft Defender for Servers includes Microsoft Defender for Endpoint for comprehensive endpoint detection and response (EDR).
- Vulnerability assessment for virtual machines, container registries, and SQL resources – Solutions for vulnerability assessment can quickly find, manage, and fix problems. View, look into, and correct the issues right inside Defender for Cloud.
- Track compliance with standards- In accordance with the policies and industry best practices in Azure Security Benchmark, Defender for Cloud regularly evaluates your hybrid cloud system to identify the risk elements. You can use a variety of additional industry standards, legal benchmarks, and industry standards when you enable the increased security elements in accordance with your organization’s requirements. From the regulatory compliance dashboard, add requirements and monitor your compliance with them.
- Breadth threat protection – Cloud-native threat defense for the Azure services—Azure Resource Manager, Azure DNS, Azure network layer, and Azure Key Vault—that are shared by all of your resources. Defender for Cloud can safeguard cloud resources that are connected to the Azure administration layer and the Azure DNS layer because to its unique view into both layers.
- Access and applications controls- By using machine learning-powered suggestions tailored to your individual workloads to construct allow lists and blocklists, you can block malware and other harmful programs. With just-in-time, controlled access to management ports on Azure VMs, the attack surface of the network is reduced. Brute force and other network assaults are significantly reduced by access and application limits.
- Multicloud security- Connect your accounts from Amazon Web Services (AWS) and Google Cloud Platform (GCP) to protect resources and workloads on those platforms with a range of Microsoft Defender for Cloud security features.
- Hybrid security- Get a unified view of security across all of your on-premises and cloud workloads. Apply security policies and continuously assess the security of your hybrid cloud workloads to ensure compliance with security standards. Collect, search, and analyze security data from multiple sources, including firewalls and other partner solutions.