At its Ignite 2021 conference, Microsoft made tons of announcements regarding its cloud and security solutions. A major aspect of this was improvements to its Defender for Cloud suite which now natively protects multicloud environments spread across Azure and Amazon Web Services (AWS). This has been done by enhancing Cloud Security Posture Management (CSPM) and Cloud Workload Protection.
Microsoft has boasted that after removing dependencies on AWS Security Hub, it is the only cloud provider to offer a centralized hub to monitor and manage multicloud setups. AWS configurations can now be assessed, recommendations are offered, and a holistic view of your security status is now provided. It also supports Amazon’s Elastic Kubernetes Service (EKS) and integrates with Azure Purview.
Additionally, Microsoft has also announced a new Microsoft Defender for Endpoint Plan 1 which offers endpoint security management capabilities at a lower price and can be purchased standalone. It covers Windows, macOS, Android, and iOS, and is available right now for Microsoft 365 E3 customers. Meanwhile, customers who want a more end-to-end and robust endpoint detection and response experience should consider Microsoft Defender for Endpoint Plan 2. In the same vein, Microsoft Defender for IoT can now be used to secure enterprise IoT devices. It offers integration with Sentinel, Defender, and other third-party tools. Finally, Microsoft Defender for Endpoint now offers vulnerability management coverage for Android and iOS devices as well.
Meanwhile, Azure Confidential Computing customers should look forward to confidential virtual machines (VMs) built on AMD EPYC 3 hitting preview this month. Confidential VMs built on Intel SGX are now in preview, while Trusted launch for all Azure Generation 2 VMs with Secure boot and vTPMs is now generally available. Azure Active Directory (AAD) Identity Governance has another capability in preview through which it can reach business-critical apps on on-premises infrastructure or private clouds.
Another major announcement is that Microsoft is releasing another endpoint security solution under the name of Microsoft Defender for Business. This is aimed at small- to medium-sized companies with up to 300 employees and offers simplified deployment and management, antivirus protections, endpoint detection and response, automated remediation, threat and vulnerability management, and integration with Microsoft Lighthouse. Microsoft Defender for Business will hit preview soon, will be included in Microsoft 365 Business Premium, and can be purchased standalone too.
On the other hand, organizations which utilize cloud apps can leverage app governance policy management capabilities to provide more insights about app behavior context in Microsoft Defender for Cloud Apps. The suite also integrates with mission-critical cloud apps like Slack, Smartsheet, Zendesk, and OneLogin.
Endpoint Manager has received some updates in preview to enhance its cross-platform breadth too. This includes Linux desktop management, the ability to deploy and manage non-PKG macOS apps with Intune, enhancements to Office security baselines for Windows and Windows Update security baselines, and Connected Cache to dynamically cache Microsoft updates, drivers, and apps on Configuration Manager servers.
Zero Trust is another important area for Microsoft and the Redmond tech giant is making it easier to deploy solutions based on this technology model. This is being done via Conditional Access app (preview) and device (generally available) filters, dashboards and templates (preview), Continuous Access Evaluation (GA by end of this year), Anomalous token and token issuer detections (GA), One-click enablement for risk data extensibility (GA), Conditional Access for workload identities (preview), and more authentication method policies for apps and workload identities (preview).
Microsoft is also making it easier for IT admins to modernize identity and access management for more application types via AAD, and the process to migrate apps from Active Directory Federation Services (ADFS) to AAD. Finally, Sentinel has the following features in preview: over 100 data collection solutions, User Behavior Analytics (UEBA) detection models, and near real-time analytics rules.