In this article we continue learning about the capabilities of Microsoft security solutions. If you have not read the previous article, please read it first.
Defender plans
Microsoft Defender for Cloud includes a range of advanced, intelligent protections for your workloads. These workload protections are offered through Microsoft Defender plans specific to the types of resources in your subscriptions. The following are the available Microsoft Defender for Cloud plans:
Cloud Plan | Explanation |
Microsoft Defender for servers | Enhances your Windows and Linux devices’ threat detection and sophisticated defenses. |
Microsoft Defender for App Service | Identifies attacks that target apps running on App Service. |
Microsoft Defender for Storage | Identifies potentially harmful activity on your Azure Storage accounts. |
Microsoft Defender for SQL | Safeguards your databases and the data in them, wherever they are located. |
Microsoft Defender for Kubernetes | Delivers run-time protection, workload protection, and cloud-native Kubernetes security environment hardening. |
Microsoft Defender for container registries | Safeguards all of the Azure Resource Manager based registries in your subscription. |
Microsoft Defender for Key Vault | Advanced threat protection for Azure Key Vault. |
Microsoft Defender for Resource Manager | Automatically keeps track of your organization’s resource management activities. |
Microsoft Defender for DNS | Offers an extra degree of safety for sites using name resolution services supplied by Azure DNS. |
Microsoft Defender for open-source relational protections | Offers threat protection for open-source relational databases. |
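To check which of the plans listed above are actually switched on in a subscription, the JSON printed by `az security pricing list` can be compared against the table. The Python below is an added example, not code from the original article; the mapping from plan names to pricing names, the `name` and `pricingTier` fields it reads, and the sample output are assumptions constructed for illustration.

```python
import json

# Assumed mapping from the plan names in the table above to the pricing
# names reported by `az security pricing list` (not stated in the article).
PLAN_TO_PRICING = {
    "Microsoft Defender for servers": ["VirtualMachines"],
    "Microsoft Defender for App Service": ["AppServices"],
    "Microsoft Defender for Storage": ["StorageAccounts"],
    "Microsoft Defender for SQL": ["SqlServers", "SqlServerVirtualMachines"],
    "Microsoft Defender for Kubernetes": ["KubernetesService"],
    "Microsoft Defender for container registries": ["ContainerRegistry"],
    "Microsoft Defender for Key Vault": ["KeyVaults"],
    "Microsoft Defender for Resource Manager": ["Arm"],
    "Microsoft Defender for DNS": ["Dns"],
    "Microsoft Defender for open-source relational protections":
        ["OpenSourceRelationalDatabases"],
}


def plan_coverage(cli_json: str) -> dict:
    """Return {plan name: 'on' | 'partial' | 'off'} from the CLI's JSON output."""
    data = json.loads(cli_json)
    # Depending on the CLI version, entries are a bare list or sit under "value".
    entries = data.get("value", []) if isinstance(data, dict) else data
    tiers = {e["name"].lower(): str(e.get("pricingTier") or "Free").lower()
             for e in entries}
    report = {}
    for plan, names in PLAN_TO_PRICING.items():
        # A pricing name missing from the output is treated as not enabled.
        enabled = [tiers.get(n.lower()) == "standard" for n in names]
        report[plan] = "on" if all(enabled) else "partial" if any(enabled) else "off"
    return report


# Constructed sample output, not taken from a real subscription.
SAMPLE = json.dumps({"value": [
    {"name": "VirtualMachines", "pricingTier": "Standard"},
    {"name": "SqlServers", "pricingTier": "Standard"},
    {"name": "SqlServerVirtualMachines", "pricingTier": "Free"},
    {"name": "StorageAccounts", "pricingTier": "Free"},
    {"name": "KeyVaults", "pricingTier": "Standard"},
]})

if __name__ == "__main__":
    for plan, state in plan_coverage(SAMPLE).items():
        print(f"{state:8} {plan}")
```

A plan reported as `partial` has only some of its resource types on the Standard tier, which is the case worth reviewing first because it is easy to mistake for full coverage.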
Azure Security Benchmark and security baselines for Azure
Organizations can secure their cloud systems on Azure with the use of the closely linked Azure Security Benchmark (ASB) and security baselines for Azure.
The Azure Security Benchmark
The Azure Security Benchmark (ASB) offers prescriptive best practices and recommendations to help increase the security of workloads, data, and services on Azure. Check GitHub Azure Security Benchmark V3 to understand it clearly.
Microsoft Defender for Cloud constantly evaluates a company’s hybrid cloud infrastructure to examine risk variables in accordance with policies and best practices from Azure Security Benchmark. In the ASB, controls including network security, identity and access control, data protection, data recovery, incident response, and more are employed.
Security baselines for Azure
Security baselines for Azure apply recommendations from the defined Azure Security Benchmark to the particular service. For instance, the security baseline for Azure Active Directory incorporates recommendations from the Azure Security Benchmark version 2.0.
Through enhanced tools, tracking, and security features, security baselines for Azure help enterprises strengthen their security. They also give businesses a consistent experience when securing their environment. The content in a security baseline is grouped by the control domains that are specified by the Azure Security Benchmark and relevant to the service.
The following details are included in each Azure security baseline:
Azure ID | The identification number for the recommended Azure Security Benchmark. |
Azure control | The information is organized by the control domain areas that are relevant to the service for which the security baseline is developed and are listed in the Azure Security Benchmark. |
Benchmark Recommendation | This corresponds to the suggested ASB ID in this case (or Azure ID). Every suggestion defines a specific control inside a control domain. |
Customer Guidance | The justification for the suggestion and references to instructions on how to put it into practice. |
Responsibility | Who is in charge of carrying out the control? Customer responsibility, Microsoft responsibility, or joint accountability are all potential outcomes. |
Microsoft Defender for Cloud monitoring | Does the control get monitored by Microsoft Defender for Cloud? |
The picture below is an extract from the Azure AD security baseline and serves as an illustration of the kind of content that is included there.