Microsoft Defender for Cloud now has two new features designed to improve DevOps platform management and insights into cloud security posture.
The first, Microsoft Defender for DevOps, is a centralized platform designed to manage the security of several DevOps environments at once, in a bid to help businesses prioritize critical code issues and secure applications as they’re built.
Another new feature, Microsoft Defender Cloud Security Posture Management (CSPM), will build on Defender’s “existing [security posture insight] capabilities” to help businesses identify the resources that are most vulnerable to attack.
Put simply, Microsoft Defender CSPM will inform IT admins of where their infrastructure is vulnerable to attack, while Microsoft Defender for DevOps will make it easier and faster for them to respond manually to untapped vulnerabilities or active threats.
The company claims that the “agentless scanning capabilities” of Defender CSPM will save IT teams time by allowing them to integrate insights from Defender for DevOps to only monitor the most critical risks to vital infrastructure.
This should make the lives of IT admins more straightforward; Microsoft believes the two services working in tandem can reduce recommendation noise “by up to 99%”.
These two new features follow the release of Microsoft Defender External Attack Surface Management (EASM) earlier this year, which aims to alert IT teams to unprotected endpoints across their organization. For automatic patch management, which can neutralize some of these vulnerabilities, IT teams can look to Azure.
The new features are available now from Microsoft Defender for Cloud’s dashboard.