Microsoft Defender for Cloud is a relatively new product name – created through a combination of “Azure Defender” and “Azure Security Center” – and is Microsoft’s solution for “cloud security posture management” (CSPM) and “cloud workload protection” (CWP).
It works not only in Azure but also Amazon AWS and Google GCP and hybrid scenarios via Azure Arc.
Licensing & Pricing
The main thing to understand is that Microsoft Defender for Cloud isn’t one thing, it is an umbrella for several separate products that all have their own costs.
|Microsoft Defender for Servers Plan 1||£0.006/Server/hour|
|Microsoft Defender for Servers Plan 2||£0.016/Server/hour|
Included data – 500 MB/day
|Microsoft Defender for Containers||£0.0072/vCore/hour|
|Microsoft Defender for SQL on Azure||£0.016/Instance/hour|
|Microsoft Defender for SQL outside Azure||£0.012/vCore/hour|
|Microsoft Defender for MySQL||£11.420/Instance/month|
|Microsoft Defender for PostgreSQL||£11.420/Instance/month|
|Microsoft Defender for MariaDB||£0.016/Instance/hour|
|Microsoft Defender for Storage||£0.016/10K transactions|
|Microsoft Defender for App Service||£0.016/App Service/hour|
|Microsoft Defender for Key Vault||£0.02/10K transactions|
|Microsoft Defender for ARM||£3.046/1M API calls|
|Microsoft Defender for DNS||£0.533/1M Queries|
|Microsoft Defender for IoT agentless monitoring||£107 per month per 100 monitored devices|
Microsoft Defender for IoT agentless monitoring covers existing environments and is deployed on-premises. It can be connected to Microsoft Sentinel with no additional Sentinel charges – but it will require an IoT Hub which costs between £7.61 – £1903.17 per month.
For new IoT devices deployed via Azure IoT Hub, Defender pricing is:
|Defender for IoT for devices managed by IoT Hub – by device||£0.0008/month|
|Defender for IoT for devices managed by IoT Hub – by messages||£0.153/25K transactions|
Both of these offer free usage for the first 30 days and then the pricing kicks in, so be aware of what things people are turning on within your organisation.
Microsoft Defender for Cloud Free Tier
This is enabled on all Azure subscriptions when you visit the Defender for Cloud section of the Azure portal and includes:
- Continuous assessment
- Security recommendations
- Secure Score for Azure
- Secure Score for AWS
The Microsoft Defender for Cloud page is here.