주요 콘텐츠로 건너뛰기

Determine Multicloud Dependencies

Implementation Effort: Medium — Requires IT and Security teams to onboard AWS and GCP environments, configure connectors, and enable appropriate Defender plans.

User Impact: Low — Multicloud protection is implemented at the infrastructure level; no direct user interaction is required.

Overview

When planning multicloud protection using Microsoft Defender for Storage (as part of Defender for Cloud), it's essential to identify dependencies across cloud platforms like Azure, AWS, and GCP. Defender for Cloud provides Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) capabilities to secure storage and compute workloads across these environments.

To enable multicloud protection, organizations must:

  • Onboard AWS and GCP accounts using native connectors.
  • Enable relevant Defender plans (e.g., Defender for Servers, Defender for Containers, Defender for SQL).
  • Understand extension requirements such as Azure Arc, Microsoft Defender for Endpoint, and agentless scanning.

This setup ensures visibility into storage-related risks, misconfigurations, and threats across all cloud platforms. If these dependencies are not addressed, organizations risk blind spots in their security posture, especially in non-Azure environments.

This capability supports the Zero Trust principle of "Assume Breach" by ensuring consistent threat detection and posture management across all cloud environments.

Reference