Merge pull request #276035 from dcurwin/gi-122631-easm-may22-2024

prmerger-automator[bot] · web-flow · commit 786ac431ff9a · 2024-05-22T16:09:32.000Z
EASM in CSPM
diff --git a/articles/defender-for-cloud/concept-cloud-security-posture-management.md b/articles/defender-for-cloud/concept-cloud-security-posture-management.md
@@ -48,7 +48,7 @@ The following table summarizes each plan and their cloud availability.
 | [Code-to-cloud mapping for IaC](iac-template-mapping.md) | - | :::image type="icon" source="./media/icons/yes-icon.png"::: | Azure DevOps |
 | [PR annotations](review-pull-request-annotations.md) | - | :::image type="icon" source="./media/icons/yes-icon.png"::: | GitHub, Azure DevOps |
 | Internet exposure analysis | - | :::image type="icon" source="./media/icons/yes-icon.png"::: | Azure, AWS, GCP |
-| [External attack surface management (EASM)](concept-easm.md) | - | :::image type="icon" source="./media/icons/yes-icon.png"::: | Azure, AWS, GCP |
+| [External attack surface management (EASM)](concept-easm.md) (for details see [Defender CSPM integration](concept-easm.md#defender-cspm-integration)) | - | :::image type="icon" source="./media/icons/yes-icon.png"::: | Azure, AWS, GCP |
 | [Permissions Management (CIEM)](enable-permissions-management.md) | - | :::image type="icon" source="./media/icons/yes-icon.png"::: | Azure, AWS, GCP |
 | [Regulatory compliance assessments](concept-regulatory-compliance-standards.md) | - | :::image type="icon" source="./media/icons/yes-icon.png"::: | Azure, AWS, GCP |
 | [ServiceNow Integration](integration-servicenow.md) | - | :::image type="icon" source="./media/icons/yes-icon.png"::: | Azure, AWS, GCP |
diff --git a/articles/defender-for-cloud/concept-easm.md b/articles/defender-for-cloud/concept-easm.md
@@ -1,5 +1,5 @@
 ---
-title: Microsoft Defender for Cloud integration with Defender External attack surface management (EASM)
+title: Microsoft Defender for Cloud integration with Defender External Attack Surface Management (EASM)
 description: Learn about Defender for Cloud integration with Defender External attack surface management (EASM)
 ms.topic: conceptual
 ms.date: 03/05/2023
@@ -22,6 +22,10 @@ Defender EASM applies Microsoft’s crawling technology to discover assets that
 
 EASM collects data for publicly exposed assets (“outside-in”). Defender for Cloud CSPM (“inside-out”) can use that data to assist with internet-exposure validation and discovery capabilities, to provide better visibility to customers.
 
+## Defender CSPM integration
+
+While [Defender CSPM](concept-cloud-security-posture-management.md) includes some external attack surface management capabilities, it doesn't include the full EASM solution. Instead, it provides detection of internet accessible assets via Defender for Cloud recommendations and attack paths.
+
 ## Next steps
 
 - Learn about [cloud security explorer and attack paths](concept-attack-path.md) in Defender for Cloud.
