- Manages all the security features of Azure.
- Detect vulnerabilities, restrict your exposure to threats, and quickly detect and respond to attacks.
- Secure Score allows you to get continuous assessment and security recommendations.
- It helps you to detect unusual activities and prevent threats in your PaaS workloads.
- Protect your virtual machines with configuration and vulnerability management, workload hardening, and server EDR.
- It also supports advanced monitoring to track and manage compliance & governance.
- Allows you to protect your resources using free or standard tiers.
- Defender for Cloud displays the overall secure score of your account. The higher the score, the lower the identified risk level.
- Recommendations help you remediate potential security vulnerabilities in your Azure resources.
- Security controls help you implement a set of security recommendations. After you remediate all of the recommendations, it will reflect in your overall security score.
- To help in complying with the security requirement of your organization, you can define a security policy in your workloads.
- You can quickly investigate the problem and recommendations on how to remediate an attack using security alerts.
- Microsoft Defender for Cloud just-in-time (JIT) enables you to lock down inbound traffic to your Azure virtual machines.
- With Standard Tier, you are charged
- Per hour for VMs, app services, SQL database
- Per transactions for storage and IoT messages
- Per month for IoT devices
- Per image for ACR
- Per vCore/hour for AKS
Microsoft Defender for Cloud vs Microsoft Sentinel:
Azure Security Expert Series: