Describe the security management capabilities in Azure Flashcards
Describe Microsoft Defender for Cloud
Microsoft Defender for Cloud is a cloud-native application protection platform (CNAPP) with a set of security measures and practices designed to protect cloud-based applications from various cyber threats and vulnerabilities.
Defender for Cloud combines the capabilities of:
-A development security operations (DevSecOps) solution that unifies security management at the code level across multi-cloud and multiple-pipeline environments.
-A cloud security posture management (CSPM) solution that surfaces actions that you can take to prevent breaches.
-A cloud workload protection platform (CWPP) with specific protections for servers, containers, storage, databases, and other workloads.
Describe how security policies and initiatives improve cloud security posture
Microsoft Defender for Cloud enables orgs to manage the security of their resources and workloads in the cloud and on-premises and improve their overall security posture. It does this by using policy definitions and security initiatives.
These are their terms:
-An Azure Policy definition, created in Azure policy, is a rule about specific security conditions that you want controlled.
-A security initiative is a collection of Azure Policy definitions, or rules, grouped together towards a specific goal or purpose.
-To implement policy definitions or initiatives, you assign them to any scope of resources that are supported, such as management groups, subscriptions, resource groups, or individual resources.
Define Microsoft cloud security benchmark
The Microsoft cloud security benchmark (MCSB) is a Microsoft-authored set of guidelines for security and compliance that provides best practices and recommendations to help improve the security of workloads, data, and services on Azure and your multicloud environment.
Describe Cloud security posture management (CSPM)
One of Microsoft Defender for Cloud’s main pillars for cloud security is Cloud Security Posture Management (CSPM). it provides you with hardening guidance that helps you efficiently and effectively improve your security.
Secure score is the central feature in Microsoft Defender for Cloud that provides visibility to your current security posture.
Describe the enhanced security of Microsoft Defender for Cloud - Workload protection
A pillar of cloud security is cloud workload protection. Through cloud workload protection capabilities, Microsoft Defender for Cloud can detect and resolve threats to resources, workloads, and services. Cloud workload protections are delivered through integrated Microsoft Defender plans, specific to the types of resources in your subscriptions, and provide enhanced security features for your workloads.
Defender plans:
-for servers, app service, storage, SQL, Kubernetes, containers, key vault, resource manager, etc.
Describe DevOps security management
DevOps combines development and operations to unite people, processes, and technology in application planning development, delivery, and operations. Modern enterprises rely on DevOps platforms for deployment, including the pipelines and production environments that developers require to be productive.
