Monthly news – October 2023

Microsoft Defender for Cloud

Monthly news

October 2023 Edition


This is our monthly “What's new” blog post, summarizing product updates and various new assets we released over the past month. In this edition, we are looking at all the goodness from September 2023.

 Microsoft Defender for Cloud
Public Preview sign-up.png The data security dashboard is now available in public preview as part of the Defender CSPM plan. The data security dashboard is an interactive, data-centric dashboard that illuminates significant risks to sensitive data, prioritizing alerts and potential attack paths for data across hybrid cloud workloads.

Learn more about the data security dashboard.

Public Preview sign-up.png Data-aware security posture capabilities for frictionless sensitive data discovery for PaaS Databases (Azure SQL Databases and Amazon Instances of any type) are now in public preview. This public preview allows you to create a map of your critical data wherever it resides, and the type of data that is found in those databases. Sensitive data discovery for Azure and AWS databases, adds to the shared taxonomy and configuration, which is already publicly available for cloud object resources (Azure Blob , AWS S3 buckets and GCP buckets) and provides a single configuration and enablement experience.

Learn more about data-aware security posture.

Blogs on MS.png Defender for Cloud plans are enabled per subscription, and it can become challenging to know which plan has been enabled on which scope, especially in larger environments. That is why we added the Coverage workbook to Defender for Cloud's Workbook Gallery a while back. While some plans simply need to be enabled, others will have additional dependencies. For example, in Defender CSPM, it is not enough to enable the plan on an Azure subscription, or multicloud connector, you will also want to enable agentless scanning for machines, agentless Kubernetes discovery, sensitive data discovery, and agentless vulnerability scanning for container registries. While all of these settings are enabled by default when enabling Defender CSPM today at no additional cost, or resource impact, that was not the case in the past. Also, someone might still accidentally disable one or all of these capabilities, while keeping Defender CSPM still enabled. With the updated Coverage workbook, it is easy to detect such misconfigurations.

Product improvements.png

Containers vulnerability assessment powered by Microsoft Defender Vulnerability Management (MDVM), now supports an additional trigger for scanning images pulled from an ACR. This newly added trigger provides additional coverage for active images in addition to the existing triggers scanning images pushed to an ACR in the last 90 days and images currently running in AKS.

For more information, see Container Vulnerability Assessment powered by MDVM.

Product improvements.png Microsoft Monitoring Agent (MMA) is being deprecated in August 2024. Defender for Cloud updated it's strategy by replacing MMA with the release of a SQL Server-targeted Azure Monitoring Agent autoprovisioning process. During the preview, customers who are using the MMA autoprovisioning process with Agent (Preview) option, are requested to migrate to the new Azure Monitoring Agent for SQL server on machines (Preview) autoprovisioning process. The migration process is seamless and provides continuous protection for all machines.

For more information, see Migrate to SQL server-targeted Azure Monitoring Agent autoprovisioning process.

Product improvements.png You can now view GitHub Advanced Security for Azure (GHAzDO) alerts related to CodeQL, secrets, and dependencies in Defender for Cloud. Results will be displayed in the blade and in Recommendations. To see these results, onboard your GHAzDO-enabled repositories to Defender for Cloud.

Learn more about GitHub Advanced Security for Azure DevOps.

GitHub.png Microsoft Defender for Cloud Labs have been updated and now include very detailed guidance on enable, configure and test the new Defender for Storage plan capabilities.
webcast recordings.png Join our experts in the upcoming webinars to learn what we are doing to secure your workloads running in Azure and other clouds.

Note: If you want to stay current with Defender for Cloud and receive updates in your inbox, please consider subscribing to our monthly newsletter:


This article was originally published by Microsoft's Defender for Cloud Blog. You can find the original article here.