From the course: Microsoft Security Essentials: Concepts, Solutions, and AI-Powered Protection

Microsoft Defender for Cloud: Security posture management - Microsoft Security Copilot Tutorial

- [Instructor] Microsoft Defender for Cloud provides a Cloud Security Posture Management, CSPM, capability. What is Cloud Security Posture Management? It refers to a set of policies, tools, and processes for assessing, monitoring, and improving the security state of cloud environments.

First, you need to select your cloud environments. You can enable Microsoft Defender for Cloud in multiple cloud environments such as Azure, AWS, and GCP. Then you will create a security initiative that is a collection of policies or rules. Each policy defines a specific security condition you want to control. For example, all virtual machines need to use encrypted disks. You can create custom security initiatives or use prebuilt compliance standards. For example, Microsoft Cloud Security Benchmark is a default initiative applied by Microsoft Defender for Cloud.

Based on the deployed security initiatives and policies, Microsoft Defender for Cloud provides visibility into the current security posture of your cloud environments. You can view the secure score, which measures the risk level by continuously assessing all findings. You can also get a list of recommendations for improvements. After you complete recommended actions, the results will be reflected in your secure score.

You can enable a variety of compliance standards in Microsoft Defender for Cloud. For example: Microsoft Cloud Security Benchmark, a set of cloud security best practices; ISO/IEC 27001, an international standard for managing information security; PCI DSS, a standard for securing payment card data; NIST SP 800-53, a framework for security and privacy controls in federal systems; NIST SP 800-171, a standard for protecting controlled unclassified information; or SOC Type 2, a standard for securely managing customer data. These standards are prebuilt security initiatives for assessing your security posture.

Let's do a quick demo of Security Posture Management in Microsoft Defender for Cloud. Under Management, click Environment Settings. Here you can configure your multi-cloud environments, for example, add AWS, GCP, or GitHub environments. Select the environment, for example, Azure Tenant Root Management Group. You can enable a security standard in your environment or create a custom standard.

In Microsoft Defender for Cloud, under Cloud Security, click Regulatory Compliance. Here you can view the compliance dashboard. Select a standard, for example, Microsoft Cloud Security Benchmark. You can view all compliance controls and the resource compliance status.

Click Security Posture. Here you can view the current secure score by cloud environment. For each environment, you can view its recommendations. Click a recommendation. You can view the detailed information and take action to mitigate the threat. If your organization has Microsoft Security Copilot enabled, you can use the AI assistant to summarize this recommendation.
