Merge pull request #274492 from ElazarK/wi252753-permission-management-ciem

added CIEM

Author: v-ccolin

articles/defender-for-cloud/TOC.yml

@@ -211,7 +211,7 @@
         href: concept-easm.md
       - name: Critical assets protection
         href: critical-assets-protection.md
-      - name: Permissions management
+      - name: Permissions management (CIEM)
         displayName: permissions, management, role-based access control, RBAC, azure, azure ad, active directory
         href: permissions-management.md
       - name: Agentless machine scanning
@@ -322,7 +322,7 @@
         - name: Integrate security solutions
           displayName: security, solutions, integrate, integrated, data sources
           href: partner-integration.md
-        - name: Enable permissions management
+        - name: Enable permissions management (CIEM)
           displayName: permissions, management, role-based access control, RBAC, azure, azure ad, active directory
           href: enable-permissions-management.md
     - name: AI security posture

articles/defender-for-cloud/concept-cloud-security-posture-management.md

@@ -2,7 +2,7 @@
 title: Cloud Security Posture Management (CSPM)
 description: Learn more about Cloud Security Posture Management (CSPM) in Microsoft Defender for Cloud and how it helps improve your security posture.
 ms.topic: concept-article
-ms.date: 05/06/2024
+ms.date: 05/07/2024
 #customer intent: As a reader, I want to understand the concept of Cloud Security Posture Management (CSPM) in Microsoft Defender for Cloud.
 ---
 

articles/defender-for-cloud/enable-permissions-management.md

@@ -1,11 +1,11 @@
 ---
-title: Enable permissions management
+title: Enable permissions management (CIEM)
 author: Elazark
 ms.author: elkrieger
 description: Learn how to enable permissions management for better access control and security in your cloud infrastructure.
 ms.topic: how-to
-ms.date: 03/10/2024
-#customer intent: As a cloud administrator, I want to learn how to enable permissions management in order to effectively manage user access and entitlements in my cloud infrastructure.
+ms.date: 05/07/2024
+#customer intent: As a cloud administrator, I want to learn how to enable permissions (CIEM) in order to effectively manage user access and entitlements in my cloud infrastructure.
 ---
 
 # Enable permissions management (CIEM)
@@ -50,6 +50,14 @@ When Permission Management (CIEM) is disabled, the CIEM recommendations within t
 
 The applicable permissions management (CIEM) recommendations appear on your subscription within a few hours.
 
+List of Azure recommendations:
+
+- Azure overprovisioned identities should have only the necessary permissions
+
+- Unused identities in your Azure environment should be revoked/removed
+
+- Super identities in your Azure environment should be revoked/removed
+
 ## Enable permissions management (CIEM) for AWS
 
 When you enabled the Defender CSPM plan on your AWS account, the **AWS CSPM** [standard is automatically assigned to your subscription](concept-regulatory-compliance-standards.md). The AWS CSPM standard provides Cloud Infrastructure Entitlement Management (CIEM) recommendations. 
@@ -87,13 +95,17 @@ When Permission Management is disabled, the CIEM recommendations within the AWS
 
 The applicable permissions management (CIEM) recommendations appear on your subscription within a few hours.
 
+List of AWS recommendations:
+
+- AWS overprovisioned identities should have only the necessary permissions
+
+- Unused identities in your Azure environment should be revoked/removed
+
 ## Enable permissions management (CIEM) for GCP
 
 When you enabled the Defender CSPM plan on your GCP project, the **GCP CSPM** [standard is automatically assigned to your subscription](concept-regulatory-compliance-standards.md). The GCP CSPM standard provides Cloud Infrastructure Entitlement Management (CIEM) recommendations. 
 
-When Permission Management is disabled, the CIEM recommendations within the GCP CSPM standard won’t be calculated.
-
-**To enable permissions management** **(CIEM)** **for GCP**:
+When Permission Management (CIEM) is disabled, the CIEM recommendations within the GCP CSPM standard won’t be calculated.
 
 1. Sign in to the [Azure portal](https://portal.azure.com).
 
@@ -129,6 +141,14 @@ When Permission Management is disabled, the CIEM recommendations within the GCP
 
 The applicable permissions management **(CIEM)** recommendations appear on your subscription within a few hours.
 
+List of GCP recommendations:
+
+- GCP overprovisioned identities should have only necessary permissions
+
+- Unused identities in your GCP environment should be revoked/removed
+
+- Super identities in your GCP environment should be revoked/removed
+
 ## Next step
 
 > [!div class="nextstepaction"]

articles/defender-for-cloud/permissions-management.md

@@ -1,6 +1,6 @@
 ---
-title: Permissions management
-description: Learn about permissions management in Microsoft Defender for Cloud and enhance the security of your cloud infrastructure.
+title: Permissions management (CIEM)
+description: Learn about permissions (CIEM) in Microsoft Defender for Cloud and enhance the security of your cloud infrastructure.
 ms.topic: concept-article
 author: Elazark
 ms.author: elkrieger
@@ -10,9 +10,9 @@ ms.date: 03/07/2024
 
 # Permissions management (CIEM)
 
-Microsoft Defender for Cloud's integration with Microsoft [Microsoft Entra Permissions Management (CIEM)](/entra/permissions-management/overview) provides a Cloud Infrastructure Entitlement Management (CIEM) security model that helps organizations manage and control user access and entitlements in their cloud infrastructure. CIEM is a critical component of the Cloud Native Application Protection Platform (CNAPP) solution that provides visibility into who or what has access to specific resources. It ensures that access rights adhere to the principle of least privilege (PoLP), where users or workload identities, such as apps and services, receive only the minimum levels of access necessary to perform their tasks. CIEM also helps organizations to monitor and manage permissions across multiple cloud environments, including Azure, AWS, and GCP.
+Microsoft Defender for Cloud's integration with Microsoft [Microsoft Entra Permissions Management](/entra/permissions-management/overview) provides a Cloud Infrastructure Entitlement Management (CIEM) security model that helps organizations manage and control user access and entitlements in their cloud infrastructure. CIEM is a critical component of the Cloud Native Application Protection Platform (CNAPP) solution that provides visibility into who or what has access to specific resources. It ensures that access rights adhere to the principle of least privilege (PoLP), where users or workload identities, such as apps and services, receive only the minimum levels of access necessary to perform their tasks. CIEM also helps organizations to monitor and manage permissions across multiple cloud environments, including Azure, AWS, and GCP.
 
-Integrating Entra Permissions Management (CIEM) with Defender for Cloud (CNAPP) strengthens cloud security by preventing security breaches caused by excessive permissions or misconfigurations. Permissions management (CIEM) continuously monitors and manages cloud entitlements, helping to discover attack surfaces, detect threats, right-size access permissions, and maintain compliance. This integration enhances the capabilities of Defender for Cloud in securing cloud-native applications and protecting sensitive data.
+Integrating Entra Permissions Management with Defender for Cloud (CNAPP) strengthens cloud security by preventing security breaches caused by excessive permissions or misconfigurations. Permissions management continuously monitors and manages cloud entitlements, helping to discover attack surfaces, detect threats, right-size access permissions, and maintain compliance. This integration enhances the capabilities of Defender for Cloud in securing cloud-native applications and protecting sensitive data.
 
 This integration brings the following insights derived from the Microsoft Entra Permissions Management suite into the Microsoft Defender for Cloud portal. For more information, see the [feature matrix](#feature-matrix).