- Microsoft Defender, Sentinel, and CloudKnox Permissions Management ensure enterprises maintain the highest security standards while simplifying the management of heterogeneous and hybrid environments.
- Microsoft becomes the only provider with native multicloud protection for the three main platforms in the sector: Microsoft Azure, Amazon Web Services and, now, Google Cloud Platform.
- The public preview release of CloudKnox Permissions Management, with automated features powered by artificial intelligence, helps organizations detect and remove vulnerable permissions to cloud resources and alerts IT teams if unusual activity occurs.
- The SIEM/SOAR Microsoft Sentinel is updated to take the analysis of large volumes of data one step further and locate high severity and low visibility threats, improving its current storage policy from 2 years to 7 years.
Microsoft aims to help every person and organization in the world strengthen their protection against security threats, while reducing the complexity of doing so in an environment where cybercriminals are increasingly aggressive. For this reason, the company has presented new features in several of its solutions: Microsoft Defender, Sentinel and CloudKnox Permissions Management. These strengthen visibility and control across multicloud environments, workloads, devices and digital identities, all from centralized administration, while also advancing the evolution towards hybrid work and digital transformation.
Microsoft Defender for Cloud, the future of the hybrid cloud
For organizations to successfully adopt a multicloud strategy, it is essential to simplify their security solutions. To that end, Microsoft Defender for Cloud, which reduces complexity in heterogeneous environments by identifying weak points in the configurations of different cloud services, now supports Google Cloud Platform (GCP) with its native Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWP) capabilities. All this comes without dependence on native Google tools and with complete integration into unified management. Organizations thus get a simplified user experience, with more than 80 recommendations ready to apply to reinforce the security of any type of cloud environment.
According to the Flexera 2021 State of the Cloud Report, 92% of organizations adopt a multicloud strategy, mainly due to the flexibility it gives them when selecting services and optimizing costs. However, using different providers can be challenging. In one of its latest studies, Microsoft found that the complexity of managing multicloud environments continues to be the top concern for 73% of professionals. For companies to fully embrace these strategies, it is critical that their security solutions offer comprehensive protection and easy management.
With support for GCP, Microsoft becomes the only provider with native multicloud protection for the three major platforms in the industry: Microsoft Azure, Amazon Web Services (AWS) (announced at Ignite last November), and now Google Cloud Platform.
CloudKnox strengthens the security of Zero Trust models
In multicloud environments, the number of platforms, devices, users, services and locations multiplies exponentially, so protecting those identities and permissions - which change dynamically wherever they are - is another fundamental factor in maintaining their security. A key point for many organizations here is the lack of visibility and control over these.
With the aim of helping companies in this area, Microsoft last year acquired CloudKnox Security, an identity and access management platform designed to meet the current demands of organizations. Now, the company announces the public preview of CloudKnox Permissions Management. CloudKnox provides complete visibility into all identities, users and workloads across clouds, with automated AI-powered features that help organizations detect and remove vulnerable permissions to cloud resources and notify cybersecurity teams of unusual activity.
New features in Microsoft Sentinel
To defend against the threats of today and tomorrow, SOC teams must have immediate access to all security data. But as their volume continues to grow exponentially, having a single model is no longer enough.
Microsoft continues to work on improving its security information and event management (SIEM/SOAR) solution by collecting all types of data, wherever it exists, to optimize detection, visibility and response to threats. To that end, the company has added new ways to access and analyze security data in Microsoft Sentinel.
One of the new features is the introduction of basic logs, which allows Microsoft Sentinel to analyze large volumes of data and locate high severity, low visibility threats. The storage policy has also been improved from 2 to 7 years, giving customers around the world broader support to meet their compliance needs.
In addition, Microsoft has added a new search experience that lets cybersecurity analysts quickly and easily search massive volumes of security data from all logs, scans, and files, in order to locate threats in a simple and effective way.
Visibility and control improvements in identity, compliance and payments
In the current scenario, it is essential to offer comprehensive solutions that organize identity, security, compliance and device management. For this reason, Microsoft has announced some updates to its portfolio, which help its clients increase their level of protection:
- Protect workload identities with Azure Active Directory (AAD). The capabilities of Azure AD extend beyond user protection, now also allowing workload identities to be managed in a context in which customers move more workloads to the cloud and develop more native applications. The company announced conditional access for workload identities last November. Identity protection can now also be applied to workload identities.
- More secure payments with Azure. The new Azure Payment HSM service, currently in public preview, allows you to process payments securely in the cloud. It ensures the highest levels of protection for customer cryptographic keys and PINs for robust payment transactions.