Microsoft has brought its Defender for Cloud security system for weeding out configuration weaknesses in workloads to Google Cloud Platform (GCP).
The extension of Defender for Cloud brings the security offering in line with the same Defender for Cloud security services Microsoft currently offers for workloads on Amazon Web Services (AWS).
The two key Defender for Cloud services are Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWP) — two categories of security products that address cloud misconfigurations.
Eric Doerr, corporate vice president of Cloud Security at Microsoft, noted there are no dependencies on Google’s own tools, easy onboarding from GCP workloads, and more than 80 recommendations to harden an environment in GCP or AWS. Microsoft’s own Azure of course is already integrated into Defender for Cloud.
There is a dashboard that offers a quick overview across multiple clouds and a Secure Score for environments in those clouds. The recommendations include alerts about cloud storage buckets that are publicly accessible, alerts when multi-factor authentication (MFA) isn’t enabled for all non-service accounts, and where cloud SQL database instances don’t enforce incoming connections to use SSL encryption.
There’s also extensive support for containers and servers as well as container protection for Google Kubernetes Engine (GKE) Standard clusters.
Additionally, there is server protection to support Google Compute virtual machines, which relies on Defender for Endpoint and covers vulnerability assessments to behavioral alerts for VMs, anti-malware, and OS updates that need to be applied.
As for multi-cloud, Microsoft