Microsoft Defender Cloud Security Posture Management (CSPM)



Microsoft have introduced another member of the Defender family – Cloud Security Posture Management (CSPM).

Certain features are available free of charge in any environment where Defender for Cloud is enabled. These include:

  • Asset discovery
  • Security recommendations & compliance with Microsoft benchmarks
  • Secure score for posture

Paid features include:

  • Attack path analysis
  • Cloud security explorer
  • Advanced threat hunting

and more.

Pricing

Defender CSPM protects all workloads across multi-cloud environments but is only chargeable for Server, Database, and Storage resources including:

  • VMs
  • Storage accounts
  • OSS DBs
  • SQL PaaS
  • SQL Servers

Pricing starts from May 1, 2023 and is $15 per resource per month, but there are discounts available for Defender for Cloud customers:

| Current Defender for Cloud customer | Automatic discount | Defender CSPM price |
| --- | --- | --- |
| Defender for Servers P2 | 25% | $11.25 / Compute or Data workload / month |
| Defender for Containers | 10% | $13.50 / Compute or Data workload / month |
| Defender for DBs / Defender for Storage | 5% | $14.25 / Compute or Data workload / month |

For more info and to see a complete list of free/paid features, head to the Microsoft site here – https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-cloud-security-posture-management#plan-pricing

New Microsoft products – Defender Threat Intelligence, External Attack Defender, & Sentinel for SAP



Microsoft have added more new products to the Defender family – “Microsoft Defender Threat Intelligence” and “Microsoft Defender External Attack Surface Management” – and have brought out an SAP add-on for Microsoft Sentinel.

Microsoft Defender Threat Intelligence

This new offering, incorporating what was RiskIQ, effectively “maps the internet” and gives customers direct access to Microsoft’s real-time data and security signals; this enables organisations to “proactively hunt” for threats within their environment.

https://www.microsoft.com/en-us/security/business/siem-and-xdr/microsoft-defender-threat-intelligence?rtc=1

Microsoft Defender External Attack Surface Management

This helps organisations identify all their internet-facing resources – including those they’re not aware of and/or have forgotten about. It’s so easy to lose track of external-facing devices with COVID changes, mergers, good old shadow IT, and the potential for misconfigured assets around the business.

https://www.microsoft.com/en-us/security/business/cloud-security/microsoft-defender-external-attack-surface-management?rtc=1

Being able to see a continuously updated map of potentially vulnerable assets will be key for organisations looking to protect themselves, their assets, and their users.

Microsoft Sentinel for SAP

They have announced an SAP specific add-on for Microsoft Sentinel that will:

  • Monitor all system layers
  • Detect & respond to threats
  • Enable customisation to extend protection

According to Microsoft it will integrate with “virtually any” NetWeaver system. It launched in August 2022 and is free for the first 6 months. After that it will be an add-on charge to the regular Sentinel pricing.

Further Reading

Threat Intelligence

External Attack Surface Management

Sentinel for SAP

Microsoft security name changes – November 2021



During their Ignite 2021 conference, Microsoft announced a range of name changes across their security portfolio – these are:

| Old name | New name |
| --- | --- |
| Microsoft Cloud App Security (MCAS) | Microsoft Defender for Cloud Apps |
| Azure Security Center + Azure Defender | Microsoft Defender for Cloud |
| Azure Defender for IoT | Microsoft Defender for IoT |
| Azure Defender for Storage | Microsoft Defender for Storage |
| Azure Sentinel | Microsoft Sentinel |

These are, I believe, all the changes but there may be some other “Azure –> Microsoft” changes that have taken place!

Whenever products change names, there’s the potential for confusion among partners and customers. While many of these are fairly straightforward, I can definitely see people getting confused between “Microsoft Defender for Cloud” and “Microsoft Defender for Cloud Apps” 😂
