This course helps you understand what Microsoft Defender for Cloud is, what it offers, and how it can be used to protect resources.
Learning Objectives
- Learn what Microsoft Defender for Cloud is and what it does
- Look at how Defender for Cloud is used to protect Azure resources, hybrid resources, and resources in other clouds
- Look at how Defender for Cloud can be used to assess vulnerabilities and optimize security
- Learn to use Defender for Cloud
Intended Audience
This course is intended for those who wish to learn about Microsoft Defender for Cloud.
Prerequisites
To get the most from this course, you should have some basic experience using Azure.
Welcome back. Defender for Cloud comes with features that you can use to assess vulnerabilities in VMs, container registries, and even SQL servers. It’s important to point out that some of these features are actually powered by Qualys, which is a third-party security suite. However, you don’t need a Qualys license nor a Qualys account to use them, because they are built into Defender for Cloud.
Microsoft Defender for Servers integrates natively with Microsoft Defender for Endpoint. This integration allows you to view its vulnerability findings in Microsoft threat and vulnerability management. You can then respond to these vulnerability findings from within Defender for Cloud. The best way to secure your workloads is to build out tailored security policies that meet the needs of your organization. Defender for Cloud streamlines this process because it’s built on top of Azure Policy controls. In other words, you can configure policies to run against management groups, subscriptions, and even entire tenants.
Because Defender for Cloud is constantly discovering newly deployed resources, and constantly assessing their adherence to security best practices, it flags potential issues and creates a prioritized list of recommendations that highlights what issues need to be addressed. So, that being the case, Defender for Cloud not only helps you configure security policies, but it also allows you to apply secure configuration standards across all of the resources in your environment. In other words, instead of just being able to tell you what you NEED to do, Defender for Cloud also allows you to DO the things you need to do to ensure your resources remain secure.
When Defender for Cloud makes recommendations, it groups them into what are called security controls. It then assigns a secure score value to each control. You can use the secure score values to prioritize the work you need to do to harden your environment. In addition to the alerts that Defender for Cloud can send out, it also offers you the ability to secure the management ports of virtual machines with just-in-time access. It also offers adaptive application controls that can be used to create what are called allowlists. These allowlists provide the ability to control what apps can and can’t run on your machines.
So, to tie it all together. Defender for Cloud continuously assesses your environment so that you know your security posture and so that you can identify and track vulnerabilities. It secures your environment by helping you harden your resources and services, and it helps defend your environment by detecting and resolving threats to your resources.
Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.
In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.
In his spare time, Tom enjoys camping, fishing, and playing poker.