Microsoft Enhances Cloud Security Posture Management Capability with Google Cloud Platform Support
Introduction
Microsoft is expanding its cloud security posture management (CSPM) capability by adding support for Google Cloud Platform (GCP) to its existing Microsoft Defender for Cloud. CSPM has become a crucial component of cloud-native application protection platforms (CNAPPs), offering automated monitoring to ensure that hybrid and multicloud environments comply with risk and compliance requirements. The updated release of Microsoft Defender for Cloud, scheduled for August 15th, will enable administrators to view misconfigurations and other risks across their AWS, Azure, GCP, and on-premises compute resources.
Microsoft‘s Entrance into a Crowded Market
Microsoft‘s decision to introduce CSPM support for GCP has been met with mixed reactions from industry experts. While Microsoft emphasizes its multicloud approach to CSPM, some question why GCP users would turn to Microsoft for cloud security. Mike DeNapoli, director and cybersecurity architect at Cymulate, argues that CSPM alone does not provide a comprehensive view of resiliency. Nevertheless, Microsoft acknowledges that 90% of enterprises now operate multicloud environments, highlighting the need for a common approach to monitoring workloads across different cloud platforms.
Benefits and Challenges of Microsoft‘s Multicloud CSPM Approach
By introducing CSPM capabilities that support multiple cloud environments, Microsoft aims to reduce organizations’ dependency on third-party security providers. Melinda Marks, a senior analyst at Enterprise Strategy Group, explains that CSPM allows organizations to collect and compare data from different cloud service providers. This capability challenges CSPM providers, as Microsoft Defender for Cloud could be seen as a competitor. However, Chen Burshan, CEO of Skyhawk Security, believes that CSPM has become a standardized feature and emphasizes that Skyhawk offers it for free.
Microsoft‘s Cloud Security Graph
Microsoft leverages its cloud security graph to enable advanced posture management capabilities within Microsoft Defender for Cloud. Vasu Jakkal, corporate VP for security, compliance, identity, and management at Microsoft, asserts that this graph provides a comprehensive view of cloud and hybrid resources. By utilizing agentless scanning and contextual insights, Microsoft Defender CSPM allows security professionals to prioritize potential risks. Raviv Tamir, Microsoft‘s chief of security product strategy, explains that the graph database understands relationships between assets and supports risk-related queries. Microsoft plans to enhance the graph database by integrating data from its Vulnerability Management offering, allowing CSPM to mark external assets.
Expanding Capabilities and Policies
In addition to supporting GCP, Microsoft is expanding Defender CSPM’s data discovery capabilities by including GCP Cloud Storage. This enhancement enables security administrators to identify over 100 types of sensitive information and analyze attack paths. Moreover, Microsoft offers multicloud policy monitoring for free through its Microsoft Cloud Security Benchmark (MCSP), which is mapped to compliance standards such as CIS, PCI, and NIST. MCSP support is available in AWS and Azure, with GCP support currently in the preview stage.
Conclusion and Recommendations
Microsoft‘s addition of GCP support to its cloud security posture management capability reflects the increasing demand for a standardized approach to monitoring multicloud environments. While some question why GCP users would turn to Microsoft for cloud security, the multicloud capability of Microsoft Defender for Cloud aims to reduce dependency on third-party providers. However, organizations should carefully evaluate their specific security needs and consider the strengths and weaknesses of available CSPM solutions.
As organizations continue to adopt multicloud environments, it is crucial to prioritize a holistic approach to cloud security that includes CSPM as well as other security tools and best practices. By leveraging CSPM capabilities, organizations can gain real-time visibility into their cloud resources, ensuring configurations are aligned with risk and compliance requirements. However, CSPM alone is not sufficient to guarantee complete resiliency, and organizations should complement it with other security measures such as secure coding practices, strong identity and access management, and ongoing vulnerability assessments.
In conclusion, while Microsoft‘s extension of CSPM support to GCP is a welcome move, organizations should approach cloud security holistically and consider the full range of tools and practices available to safeguard their cloud-native applications and infrastructure.
<< photo by Mathias Reding >>
The image is for illustrative purposes only and does not depict the actual situation.
You might want to read !
- The Surge of Rhysida Ransomware: A Growing Threat to Healthcare Operations
- The Troubling Consequences of CISA: A Backdoor Threatens Barracuda ESG Security
- Freezing Out Risk: Expert Advice to Safeguard Against Thermal Attacks
- Exploring the Growing Importance of SASE Security: Check Point’s Acquisition of Perimeter 81
- Check Point Secures the Future: Acquires Perimeter 81, a SASE Security Firm for $490 Million
- Is Cloud Security the Next Frontier? Kivera Raises $3.5 Million in Seed Funding
- Exploring the Importance of Data Security Posture Management (DSPM)
- Securing the Cloud: Enhancing SaaS Security Posture Management Through Webinars
- “Strengthen Your Defense: Unveiling the Power of SaaS Security Posture Management in Tackling Insider Threats”
- Google Cloud and Brillio Join Forces to Revolutionize Financial Services and Healthcare Industries with Generative AI Solutions
- The Impact of HyperSense Fraud Management on Google Cloud: Exploring the Future of Fraud Detection
- Privilege Escalation Concerns: Uncovering the Flaw in Google Cloud Build
