Microsoft Defender for Cloud

• Microsoft Defender for Cloud
• Microsoft Defender for Cloud documentation
• Become a Microsoft Defender for Cloud Ninja

Microsoft Tech Community Blogs

• Detect Container Drift with Microsoft Defender for Containers
• Securing Multi-Cloud Gen AI workloads using Azure Native Solutions
• Using Defender XDR Portal to hunt for Kubernetes security issues
• Leveraging Azure native tooling to hunt Kubernetes security issues
• Monthly News - August 2024
• Microsoft Power BI and Microsoft Defender for Cloud
• Cloud security posture and contextualization across cloud boundaries from a single dashboard
• Monthly news - June 2024
• Best Practices to Manage and Mitigate Security Recommendations
• Accelerate cloud security risk remediation with Microsoft Copilot for Security
• Securing your API Management service from day one with Defender for APIs
• Vulnerability Assessment with Defender for Servers, Powered by Defender Vulnerability Management
• Secure your AI applications from code to runtime with Microsoft Defender for Cloud
• Microsoft Defender for Cloud Extends Support to Enable Increased API Security Testing Visibility
• Securing cloud-native applications in the age of AI: Defender for Cloud sets a new standard
• End to end container security with unified SOC experience
• Monthly news - May 2024
• Microsoft Defender for Open-Source Relational Databases Now Supports Multicloud (AWS RDS)
• Protecting Containers: A Primer for Moving from an EDR-based Threat Approach
• Introducing our CNAPP mastery e-book!
• Operationalizing Attack Path Insights
• eBPF-Powered Threat Protection using Inspektor Gadget
• Microsoft Defender for Cloud Adds Full Coverage for Azure Open-Source Relational Databases
• How to better manage cost of API calls that Defender for Cloud makes to AWS
• Unleashing the Power of Microsoft Defender for Cloud – Unique Capabilities for Robust Protection
• Monthly news - April 2024
• Microsoft Defender for Cloud Free Trial per Plan
• Secrets scanning for Cloud deployments
• Native-First Cloud Security Approach
• Microsoft Defender for API Security - Estimate Your Plan Cost Easily
• Resource-level billing change for Defender for Servers Customers
• Prepare for upcoming transitions in Defender for Servers
• Protect Against OWASP API Top 10 Security Risks Using Defender for APIs
• Exposure Management: The Evolution of Vulnerability Management
• Defender CSPM enhances risk prioritization, remediation, and compliance for multicloud environments
• Monthly news - March 2024
• Unlocking New Dimensions in Cybersecurity - Advanced Export for Defender for Cloud Attack Insights
• Defender for Cloud deployment in AWS/GCP - Agents, Resources, IAM and Cleanup options
• Enforcement of Defender CSPM for Premium DevOps Security Capabilities
• Monthly news - February 2024
• Bridging the Gap Between Code and Cloud with Defender for Cloud
• Agentless Container Posture Management in Multicloud
• Contextual Risk Estimation for Effective Prioritization
• Agentless malware scanning for servers with Defender for Cloud
• Defender for Cloud - Qualys retirement plan for Vulnerability assessment on cloud workloads
• Monthly news - January 2024
• Securing DevOps with Microsoft's CNAPP: Defender for Cloud
• Agentless scanning for virtual machines in the cloud – technical deep dive
• Monthly news - December 2023
• Better Together = Defender CSPM + Database Protections
• Defender for cloud's Agentless secret scanning for virtual machines is now generally available!
• Simplifying Onboarding to Microsoft Defender for Cloud with Terraform
• Effective novelty detection in cloud security domain
• Defender for Cloud unified Vulnerability Assessment powered by Defender Vulnerability Management
• Securing your GitLab Environment with Microsoft Defender for Cloud
• Microsoft Announces General Availability of Defender for APIs
• Enhancing Defender CSPM across the application lifecycle
• Announcing new CNAPP capabilities in Defender for Cloud
• Monthly news - November 2023
• Securing Cloud Resources: Assessing Internet Exposure for Enhanced Defense and Risk Management
• Microsoft Defender for Cloud latest protection against sophisticated abuse of Azure VM Extensions
• E2E Bootstrap Solution for Malicious File Scanning Using Microsoft Defender for Storage in Azure
• Microsoft Defender for Cloud Now Supports CIS Azure Security Foundations Benchmark 2.0.0
• High severity curl vulnerability: prepare with Microsoft Defender for Cloud
• Proactively secure your Google Cloud Resources with Microsoft Defender for Cloud
• Monthly news - October 2023
• New expanded visibility into multicloud data security in Microsoft Defender for Cloud
• How to keep track of Defender for Cloud Coverage
• Monthly news - September 2023
• Agentless Discovery for Kubernetes is now offered as part of Defender for Containers
• Defender for APIs Better Together with Azure Web Application Firewall and Azure API Management
• Proactively secure your AWS Cloud Resources with Microsoft Defender for Cloud
• New multicloud CNAPP innovations in Microsoft Defender for Cloud
• Monthly news - August 2023
• Malware Scanning for cloud storage GA announcement | prevent malicious content distribution
• Microsoft Defender for Cloud - strategy and plan towards Log Analytics Agent (MMA) deprecation
• Enhanced Cloud Security: Value-Added with Defender CSPM's Agentless Features
• Microsoft Defender for Cloud - 'SQL servers on machines should have vulnerability findings resolved'
• Announcing Microsoft Defender for Cloud capabilities to counter identity-based supply chain attacks
• Incident Triage: Microsoft Defender for Cloud Attack Path Analysis and Microsoft Sentinel
• Comprehensive Guide on Agent-based and Agentless Cloud Protection
• Microsoft Defender for APIs enriches Defender CSPM capabilities.
• Correlating alerts in Microsoft Defender for Cloud
• Monthly news - July 2023
• Continuous Export as Trusted Service to Event Hub
• Introducing the Azure Workbook for Defender CSPM Visualization: Enhance Your Cloud Security Posture
• Microsoft Defender for API Security Dashboard
• Defender for SQL Vulnerability Assessment Updates
• Monthly news - June 2023
• Microsoft Defender for Cloud - Automate Notifications when new Attack Paths are created
• Your Ultimate Solution for Catching Container Image Exposure Before It Happens
• Microsoft Defender for Cloud Onboarding workbook V2
• Microsoft Defender for DevOps Azure DevOps Connector - Microsoft Defender for Cloud PoC Series
• Remediating Infrastructure-as-Code Misconfigurations with DevOps Security in Defender for Cloud
• One click to cover containers & Kubernetes in Defender CSPM (agentless)
• Container Security with Microsoft Defender for Cloud
• Microsoft Defender for DevOps GitHub Connector - Microsoft Defender for Cloud PoC Series
• Validating Microsoft Defender for APIs Alerts
• Creating custom recommendations & standards for your workloads with Microsoft Defender for Cloud
• Monthly news - May 2023
• Microsoft bolsters cloud-native security in Defender for Cloud with new API security capabilities
• Onboarding your AWS/GCP environment to Microsoft Defender for Cloud with Terraform
• Uncover the latest cloud data security capabilities from Microsoft Defender for Cloud
• Monthly news - April 2023
• Announcing Defender CSPM GA & new data security capabilities in Microsoft Defender for Cloud
• Improved experience for managing the default Azure security policies
• Announcing Microsoft cloud security benchmark v1 (General Availability)
• How to configure Security Events collection with Azure Monitor Agent
• Microsoft Defender PoC Series – Defender CSPM
• Prioritize Risk remediation with Microsoft Defender for Cloud Attack Path Analysis
• Monthly news - March 2023
• Leveraging Defender for Containers to simplify policy management in your Kubernetes Clusters
• Proacting Hunting with Cloud Security Explorer in Defender for Cloud
• Consuming Microsoft Defender for Cloud Data
• DevOps Security - Configuration of DevOps Pipeline Classic and YAML method
• Protect your storage resources against blob-hunting
• Remediating Security Issues in Code with Pull Request Annotations
• A Proactive Approach to Cloud Security Posture Management with Microsoft Defender for Cloud
• Microsoft Defender for Endpoint for Linux and Microsoft Defender for Servers
• Defender for Servers Security Alerts Improvements
• What you need to know when deleting and re-creating the security connector(s) in Defender for Cloud
• Initial access techniques in Kubernetes environments used by Kinsing malware
• New express configuration for Vulnerability Assessment in Microsoft Defender for SQL- Public Preview
• How-to use Microsoft Defender for Cloud Ransomware alerts to preserve Azure Backup recovery points
• 4 Factors Customers Used in Selecting Microsoft Defender for Cloud
• How Microsoft cloud security benchmark (MCSB) helps you succeed in your cloud security journey
• Microsoft cloud security benchmark: Azure compute benchmark is now aligned with CIS!
• New OpenSSL v3 vulnerability: prepare with Microsoft Defender for Cloud
• Automate SecOps to Developer Communication with DevOps Security in Defender for Cloud
• Automate DevOps Security in Defender for Cloud Recommendation Remediation
• Compliance for Exposed Secrets Discovered by DevOps Security in Defender for Cloud
• Announcing Microsoft cloud security benchmark (Public Preview)
• DevOps Security Workbook
• Pre-Deployment Protection for Infrastructure as Code
• Deploying and Managing Microsoft Defender for Cloud as Code
• Securing Containers from Build to Runtime
• Containers Security Mapping Dashboard
• Defender for Cloud Onboarding workbook
• Demystifying Dependencies and Pricing of Microsoft Defender for Cloud Multicloud Capabilities
• Microsoft Defender for Cloud PoC Series - Multicloud with AWS
• Microsoft Defender for Cloud PoC Series - Multicloud with GCP
• Deploy Microsoft Defender for Cloud via Terraform
• Automation for responding to Microsoft Defender for Key Vault alerts
• Microsoft Defender for Azure Cosmos DB - now generally available
• Defender for Servers Plan 2 now integrates with Defender for Endpoint unified solution
• Drive your organization to security actions using Governance experience
• Microsoft Defender for Cloud RSA announcements -
• How to demonstrate the new containers features in Microsoft Defender for Cloud
• Defender for Endpoint and Defender for Cloud- which dashboard should you use?
• Security posture management and server protection for AWS and GCP are now generally available
• New Ransomware Recommendation Dashboard in Microsoft Defender for Cloud
• Automation to block compromised identity detected by Microsoft Defender for Resource Manager
• Policy Distribution Dashboard for Microsoft Defender for Cloud
• Azure Security Benchmark v3 Workbook
• Microsoft Defender for Cloud Cost Estimation Dashboard
• Detecting identity attacks in Kubernetes
• Automation to Block Outgoing Traffic to Malicious Websites detected by Microsoft Defender for DNS
• Microsoft Defender for Key Vault - Deploy to Azure Synapse Analytics
• Protect your Google Cloud workloads with Microsoft Defender for Cloud
• 7 steps to author, develop, and deploy custom recommendations for Windows using Guest Configuration
• Validating Alerts on Microsoft Defender for SQL on machines
• Microsoft Defender for Cloud PoC Series - Microsoft Defender for Containers
• How Defender for Cloud displays machines affected by Log4j vulnerabilities
• Introducing Microsoft Defender for Containers
• Microsoft Defender for Cloud - Use cases
• A new name for multi-cloud security: Microsoft Defender for Cloud
• Secure sensitive data in your cloud resources
• Announcing Azure Security Benchmark v3
• Ignite 2021: Microsoft Defender for Cloud news
• New enhancements added to network security dashboard
• Automatically Extend Multiple Suppression Rules on Security Alerts
• What’s New: Azure Security Benchmark Workbook (Preview)
• Microsoft Defender for Cloud Server Monitoring Dashboard
• Microsoft Defender for Cloud Alerts Workbook
• Microsoft Defender for Cloud PoC Series - Defender for Servers
• How Defender for Cloud finds VMs affected by OMI vulnerabilities in Azure VM Management Extensions
• Sharing access to Workbooks in Microsoft Defender for Cloud
• Microsoft Defender for Cloud PoC Series - Microsoft Defender for Kubernetes
• Microsoft Defender for Cloud PoC Series - Microsoft Defender for Container Registries
• Meeting the Cybersecurity Executive Order requirements with Microsoft Defender for Cloud
• Validating Microsoft Defender for App Service Alerts
• Microsoft Defender for Cloud PoC Series – Microsoft Defender for SQL
• How and why you should enforce Defender for Cloud plans with Azure policies
• Microsoft Defender for Cloud PoC Series – Microsoft Defender for App Service
• Microsoft Defender for Cloud PoC Series – Microsoft Defender for Key Vault
• Apply Adaptive Network Hardening across multiple Subscriptions
• Microsoft Defender for Cloud PoC Series – Microsoft Defender for DNS
• Microsoft Defender PoC Series – Microsoft Defender for Storage
• Microsoft Defender for Cloud PoC Series – Microsoft Defender for Resource Manager
• Azure Secure Score vs. Microsoft Secure Score
• Microsoft Defender for Storage – Price Estimation Dashboard
• New large-scale campaign targets Kubeflow
• Microsoft Defender for Endpoint for Linux is coming soon to Microsoft Defender for Cloud
• Time Indicators - Average Time taken to remediate resources
• Microsoft Defender for Cloud expands SQL protection to open-source relational databases
• General availability of new capabilities in Azure Defender – RSA 2021
• Time indicators in Microsoft Defender for Cloud assessments
• Remove Deprecated User Accounts across multiple Subscriptions
• How to Generate a Microsoft Defender for Cloud exemption and disable policy report
• Planning your Multi-Cloud Adoption with Microsoft Defender for Cloud
• Protect non-Azure resources using Azure Arc and Microsoft Defender for Cloud
• Eliminate Password-Based Attacks on Azure Linux VMs
• Security Control: Implement security best practices
• Detecting who is changing Alert Suppression rules in Azure Defender
• Azure Network Security using Microsoft Defender for Cloud integration with Azure Firewall Manager
• Validating Microsoft Defender for DNS Alerts
• Validating Microsoft Defender for Resource Manager Alerts
• Security Control: Encrypt data in transit
• Security Control: Enable encryption at rest
• Azure Defender and Security Center – Ignite 2021 Announcements
• Security Control: Protect Applications Against DDoS Attacks
• Security Control: Apply System Updates
• Weekly Secure Score Progress Report
• Security Control: Enable audit and logging
• Mapping between Azure Security Benchmark & CIS Microsoft Azure Foundations Benchmark available now!
• Continuously Export Secure Score for Over-Time Tracking and Reporting (Preview)
• Identifying Subscriptions that are not Managed by Microsoft Defender for Cloud
• Enhance your CI/CD deployment by using Vulnerability Assessments from Microsoft Defender for ACR
• Investigate Microsoft Defender for Cloud alerts using Azure Sentinel
• Security Control: Apply adaptive application control
• Security Control: Remediate Security Configurations
• Fileless Attack Detection for Linux is now Generally Available
• Container Image Scanning Notification Playbook
• Microsoft Defender for Key Vault
• Secure Score Over Time Power BI Dashboard
• How to keep track of Resource Exemptions in Microsoft Defender for Cloud
• Secure Score by Groups Workbook
• Querying your Secure Score Across Multiple Subscriptions in Microsoft Defender for Cloud
• Customizing Endpoint Protection Recommendation in Microsoft Defender for Cloud
• Security Control: Manage Access and Permissions
• Ignite 2020 - Introducing Azure Defender and Azure Security Center updates
• Resource exemption in Microsoft Defender for Cloud
• Azure Security Benchmark v2 is now available with expanded security control assessments
• Assigning Permissions in Microsoft Defender for Cloud
• TeamTNT activity targets Weave Scope deployments
• Continuously export security findings from vulnerability assessment solution recommendations
• Security Control: Enable Endpoint Protection
• Automation to Block Brute-force Attacked IP detected by Microsoft Defender for Cloud
• Become a Microsoft Defender for Cloud Ninja
• Threat Protection for SQL IaaS VMs running on-premises using Microsoft Defender for Cloud
• Security Control: Restrict Unauthorized Network Access
• Threat Protection for SQL IaaS VMs hosted on Azure Arc using Microsoft Defender for Cloud
• Built-in vulnerability assessment for VMs in Microsoft Defender for Cloud
• Microsoft Defender for Cloud Secure Score Reduction Alert
• Security Control: Enable MFA
• Asset inventory experience in Azure Security Center
• Fileless Attack Detection for Linux Preview is Expanding
• Threat Protection for SQL IaaS VMs using Microsoft Defender
• Creating a Custom Dashboard for Azure Security Center with Azure Resource Graph
• Security Control: Secure Management Ports
• How Secure Score affects your governance
• Azure Security Center new security alerts experience
• Deliver a Security Score weekly briefing
• How to respond to potential Malware uploaded to Azure Storage Blob
• Continuously Export Microsoft Defender for Cloud Alerts and Recommendations via Policy
• Security Control: Remediate Vulnerabilities
• Suppression rules for Azure Security Center alerts are now available in public preview
• Microsoft Defender for Cloud Data Flow
• Security Controls in Microsoft Defender for Cloud: Secure Score Series - Overview
• Working with Logic App Parameters While Building Azure Security Center Automations
• Azure Security Center – automating Change Requests in ServiceNow using Workflow automation.
• Centralized Policy Management in Microsoft Defender for Cloud using Management Groups
• Exporting Azure Container Registry Vulnerability Assessment in Microsoft Defender for Cloud
• How to isolate an Azure VM using Azure Security Center’s Workflow automation
• Validating Azure Key Vault Threat Detection in Microsoft Defender for Cloud
• Send ASC Recommendations to Azure Resource Stakeholders
• Exporting Vulnerability Assessment Results in Microsoft Defender for Cloud
• Obtaining the Direct Link to Security Recommendations
• Closing an Incident in Azure Sentinel and Dismissing an Alert in Azure Security Center
• The Adventure of Automating Azure Security Center Part 1
• Using Azure Security Center API for Workflow Automation
• Gain visibility for CVE-2020–0601 with Azure security center recommendation across your tenant.
• How to Identify the User that Dismissed an Alert in Microsoft Defender for Cloud
• Enumerating storage accounts to calculate Microsoft Defender for Storage plan for Storage Cost
• Searching ATP for Microsoft Defender for Storage Alerts in Log Analytics Workspace
• Validating Microsoft Defender for Storage Detections
• Sending emails when a new recommendation is triggered in Microsoft Defender for Cloud
• Find disabled Security Center Recommendations using PowerShell
• Configuring Security Center Resource Type Pricing with Azure Policy (contains updated policies)
• How to demonstrate the new containers features in Azure Security Center
• Ignite 2019 releases for Azure Security Center and Azure platform security
• ASC Powered by ARG (Azure Resource Graph)
• Accessing Microsoft Defender for Cloud Alerts in Splunk using Graph Security API Integration
• Microsoft Defender for Cloud Monitoring Agent Deployment Options
• Survival Guide to Drive your Secure Score Up in Microsoft Defender for Cloud
• Identify Azure VMs which are not monitored by Security Center
• Email Notification for alerts triggered by ATP for Azure Storage, SQL ATP and Azure Security Center
• How to Effectively Perform a Microsoft Defender for Cloud PoC
• Investigating a Fileless Attack using Microsoft Defender for Cloud
• Using Azure Security Center Secure Score to Strength your Security Posture
• Configure Security Center bundle pricing with Azure Policy
• Tracking Changes in the Pricing Tier for Microsoft Defender for Cloud
• Configure Security Center pricings per resource type - using an ARM Template
• Managing Security Center at scale using ARM templates and Azure Policy
• Azure Security Center & automatic creation of an incident in ServiceNow
• Automate Azure Security Center actions with Playbooks and ServiceNow
• Notable Events in Azure Security Center
• Using Azure Security Center search capability during your security investigation
• Testing Azure Security Center Detections Capabilities

Community Blogs

• Microsoft Defender for Storage in pills
• AWS Posture Management with Microsoft Defender for Cloud CSPM

Videos & Podcasts

• Defender for Cloud in the Field
• Microsoft Defender for Cloud with Yuri Diogenes

Books & Whitepapers

• Implementing a cloud-native application protection platform (CNAPP) strategy

Social Media

• Yuri Diogenes