{"id":104727,"date":"2022-02-23T06:00:00","date_gmt":"2022-02-23T14:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?p=104727"},"modified":"2023-05-15T23:05:59","modified_gmt":"2023-05-16T06:05:59","slug":"microsoft-security-delivers-new-multicloud-capabilities","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/02\/23\/microsoft-security-delivers-new-multicloud-capabilities\/","title":{"rendered":"Microsoft Security delivers new multicloud capabilities"},"content":{"rendered":"\n

In times of great change, challenges and opportunities can be found in many directions. This is certainly true in IT and cybersecurity.<\/p>\n\n\n\n

Today, while navigating a pandemic, frequent supply chain shocks, and global talent shortages, organizations around the world are forced to confront sophisticated ransomware and nation-state attacks. They\u2019re continually staying ahead of stricter compliance requirements, and they\u2019re doing all of this while focusing on the strategic edge they obtain using technology as a transformational advantage.<\/p>\n\n\n\n

Cloud, mobile, and edge platforms have driven unprecedented business innovation, adaptation, and resilience during this time, but this broad mix of technologies also introduces incredible complexity for security and compliance teams. The security operations center (SOC) must keep pace with safeguarding identities, devices, data, apps, infrastructure, and more. Further, they must take stock of evolving cyber risks in this multicloud, multi-platform world, and identify where blind spots may exist across a broad new set of users, devices, and destinations. <\/p>\n\n\n\n

When you combine these business needs and rising concerns, it\u2019s clear that security is the defining opportunity and challenge of our time. At Microsoft, our mission of empowering every person and organization on the planet to achieve more means anticipating these needs, slashing security complexity, and protecting organizations across their entire digital estate. We do this by making multicloud support central to our security strategy.<\/p>\n\n\n\n

Today, we\u2019re announcing new advances to help customers strengthen visibility and control across multiple cloud providers, workloads, devices, and digital identities\u2014all from a centralized management view. These new features and offerings are designed to secure the foundations of hybrid work and digital transformation.\u202f <\/p>\n\n\n\n

Delivering the future of multicloud security<\/h2>\n\n\n\n

According to the Flexera 2021 State of the Cloud Report, 92 percent of respondents are using a multicloud model, meaning they rely on apps and infrastructure from multiple cloud providers.1<\/sup> Another recent survey sponsored by Microsoft shows that 73 percent of respondents say it’s challenging to manage multicloud environments.2<\/sup> For organizations to fully embrace these multicloud strategies, it\u2019s critical that their security solutions reduce complexity and deliver comprehensive protection.<\/p>\n\n\n\n

Today, we\u2019re taking another step in Microsoft\u2019s journey to protect our customers across diverse cloud systems by extending the native capabilities of Microsoft Defender for Cloud<\/a> to the Google Cloud Platform (GCP).<\/strong><\/p>\n\n\n\n

With GCP support, Microsoft is now the only cloud provider with native multicloud protection for the industry\u2019s top three platforms: Microsoft Azure, Amazon Web Services (AWS) (announced at Ignite last November<\/a>), and now Google Cloud Platform (GCP). Microsoft Defender for Cloud provides Cloud Security Posture Management and Cloud Workload Protection. It identifies configuration weak spots across these top providers to help strengthen the overall security posture in the cloud and provides threat protection across workloads\u2014all from a single place.<\/p>\n\n\n\n

Support for GCP comes with out-of-box recommendations that allow you to configure GCP environments in line with key security standards like the Center for Internet Security (CIS) benchmark\u2014protection for critical workloads running on GCP, including servers, containers, and more. Find out more in today\u2019s announcement blog<\/a>. <\/p>\n\n\n\n

\"Microsoft<\/figure><\/div>\n\n\n\n

Strengthening Zero Trust with identity security from CloudKnox<\/h2>\n\n\n\n

Despite all this innovation and change, security and compliance fundamentals begin with conclusively managing identity. Identities are the foundational piece that makes it possible to deliver apps, data, and services where they\u2019re needed.<\/p>\n\n\n\n

In a multicloud world, the number of platforms, devices, users, services, and locations multiplies exponentially, so securing those dynamically changing identities and permissions, wherever they are, is another core pillar of multicloud protection. <\/p>\n\n\n\n

A key pain point for many organizations here is the lack of visibility and control over their ever-evolving identities and permissions. To help address this, last year we acquired CloudKnox Security<\/a>, a leader in Cloud Infrastructure Entitlement Management (CIEM), to accelerate our ability to help customers manage permissions in their multicloud environments and strengthen their Zero Trust<\/a> security posture.<\/p>\n\n\n\n

Today, we’re announcing the public preview of CloudKnox Permissions Management<\/strong>. CloudKnox provides complete visibility into user and workload identities across clouds, with automated features that consistently enforce least privilege access and use machine learning-powered continuous monitoring to detect and remediate suspicious activities. Learn more in today\u2019s blog post<\/a>. <\/p>\n\n\n\n

\"CloudKnox<\/figure><\/div>\n\n\n\n

Reinventing the economics of security data with Microsoft Sentinel<\/h2>\n\n\n\n

To defend against today\u2019s threats as well as tomorrow\u2019s, security teams must have ready access to all security data. But as the volume of security data continues to grow exponentially, a one-size-fits-all model is no longer sufficient.<\/p>\n\n\n\n

We\u2019re working to reinvent the economics of working with security information and event management (SIEM) data and delivering new ways to access and analyze security data by embracing all data types, wherever they live, to provide the most comprehensive threat hunting solution. Today, we\u2019re announcing new capabilities as the first step on this journey. We\u2019re introducing basic logs, a new type of log that allows Microsoft Sentinel<\/a> to sift through high volumes of data and find high-severity, low-visibility threats, and a new data archiving capability to extend data retention to seven years\u2014beyond our current policy of two years\u2014to enable our customers\u2019 global data compliance needs. We\u2019re also adding a new search experience to empower security analysts to hunt for threats more effectively. They can now search massive volumes of security data quickly and easily from all logs, analytics, and archives. Learn more about Microsoft Sentinel\u2019s vision and new capabilities<\/a>.<\/p>\n\n\n\n

Delivering comprehensive protection<\/h2>\n\n\n\n

In today\u2019s threat landscape, attacks are coming from anywhere and everywhere, including both inside and outside organizations. That\u2019s why it\u2019s critical to deliver comprehensive solutions that organize security, compliance, identity, endpoint management, and privacy as an interdependent whole while extending protection across platforms and clouds.<\/p>\n\n\n\n

To that end, we\u2019re announcing some updates across our portfolio that will help you better protect what\u2019s most important to your business:<\/p>\n\n\n\n