Microsoft Defender for Cloud Adds Support for Google Cloud Platform

Microsoft has announced this morning some improvements for its Defender for Cloud suite. The company says that the Microsoft Defender for Cloud service will now provide native support for Google Cloud Platform (GCP) environments, and this capability is currently available in public preview for all enterprise customers.

Microsoft Defender for Cloud (formerly known as Azure Security Center and Azure Defender) is a tool that provides advanced threat protection across hybrid cloud environments. This new Google Cloud Platform (GCP) support builds on top of the existing Amazon Web Services (AWS) integration in the Microsoft Defender for Cloud portal that launched last year.

“Organizations can now easily understand and manage their security posture across clouds and protect their workloads from a central place – no matter if they’re running in Azure, Amazon Web Services (AWS), GCP, or on-premises. It also makes Microsoft the only cloud provider who enables you to manage security centrally and natively across clouds,” Eric Doerr, CVP of Cloud Security at Microsoft.

Microsoft Defender for Cloud protects the most critical workloads running in GCP, including containers and servers. Protection for server and container workloads is provided by Microsoft Defender for Endpoint and it includes endpoint detection and response (EDR), which is an expanded set of services based on traditional antimalware, and attack surface reduction (ASR). Microsoft Defender for Cloud also provides the following features:

• Server-focused vulnerability assessment
• Behavioral alerts for virtual machines (VM)
• OS recommendations across security baselines
• Missing OS updates
• Adaptive application controls (AAC)
• File integrity monitoring (FIM)

With GCP support, Microsoft Defender for Cloud will now provide organizations with a centralized hub to monitor and secure their Google Cloud Platform (GCP) environments. Microsoft has implemented more than 80 out-of-the-box recommendations that support key industry and regulatory standards (such as CIS benchmarks) as well as security best practices. Some examples of critical recommendations include the multi-factor authentication feature is enabled for all non-service accounts, Cloud Storage Buckets cannot be accessed anonymously or publicly, and more.

Moreover, there is also an option for the security teams to create custom recommendations in the Microsoft Defender for Cloud portal. This should help organizations to meet internal security or compliance requirements.

Microsoft Defender for Cloud portal now supports Google Compute Engine VMs

Additionally, Microsoft Defender for Cloud will now provide extended container protection for Google GKE Standard clusters. Microsoft has also announced that its Defender for Cloud portal now supports Google Compute Engine virtual machines.

Last but not least, Microsoft has released a simplified onboarding experience that should make it easier to onboard Google Cloud environments. Meanwhile, the Microsoft Defender for Cloud portal can now automatically apply container and server protections capabilities to all newly added resources.

In addition to the new GCP support for Microsoft Defender for Cloud, Microsoft has launched CloudKnox Permissions Management in public preview. Microsoft Sentinel is also getting some new security features, and you can find more details in our separate post.