The data security dashboard is now available in public preview as part of the Defender CSPM plan. The data security dashboard is an interactive, data-centric dashboard that illuminates significant risks to sensitive data, prioritizing alerts and potential attack paths for data across hybrid cloud workloads.
Data-aware security posture capabilities for frictionless sensitive data discovery for PaaS Databases (Azure SQL Databases and Amazon RDS Instances of any type) are now in public preview. This public preview allows you to create a map of your critical data wherever it resides, and the type of data that is found in those databases. Sensitive data discovery for Azure and AWS databases, adds to the shared taxonomy and configuration, which is already publicly available for cloud object storage resources (Azure Blob Storage, AWS S3 buckets and GCP storage buckets) and provides a single configuration and enablement experience.
Defender for Cloud plans are enabled per subscription, and it can become challenging to know which plan has been enabled on which scope, especially in larger environments. That is why we added the Coverage workbook to Defender for Cloud's Workbook Gallery a while back. While some plans simply need to be enabled, others will have additional dependencies. For example, in Defender CSPM, it is not enough to enable the plan on an Azure subscription, or multicloud connector, you will also want to enable agentless scanning for machines, agentless Kubernetes discovery, sensitive data discovery, and agentless vulnerability scanning for container registries. While all of these settings are enabled by default when enabling Defender CSPM today at no additional cost, or resource impact, that was not the case in the past. Also, someone might still accidentally disable one or all of these capabilities, while keeping Defender CSPM still enabled. With the updated Coverage workbook, it is easy to detect such misconfigurations.
Containers vulnerability assessment powered by Microsoft Defender Vulnerability Management (MDVM), now supports an additional trigger for scanning images pulled from an ACR. This newly added trigger provides additional coverage for active images in addition to the existing triggers scanning images pushed to an ACR in the last 90 days and images currently running in AKS.
Microsoft Monitoring Agent (MMA) is being deprecated in August 2024. Defender for Cloud updated it's strategy by replacing MMA with the release of a SQL Server-targeted Azure Monitoring Agent autoprovisioning process. During the preview, customers who are using the MMA autoprovisioning process with Azure Monitor Agent (Preview) option, are requested to migrate to the new Azure Monitoring Agent for SQL server on machines (Preview) autoprovisioning process. The migration process is seamless and provides continuous protection for all machines.
You can now view GitHub Advanced Security for Azure DevOps (GHAzDO) alerts related to CodeQL, secrets, and dependencies in Defender for Cloud. Results will be displayed in the DevOps blade and in Recommendations. To see these results, onboard your GHAzDO-enabled repositories to Defender for Cloud.