Skip to content

Commit 82c408d

Browse files
Merge pull request #275835 from dcurwin/wi-255374-agentless-malware-may21-2024
Agentless malware detection GA
2 parents 238122d + 1be3e7c commit 82c408d

File tree

1 file changed

+14
-4
lines changed

1 file changed

+14
-4
lines changed

articles/defender-for-cloud/release-notes.md

Lines changed: 14 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -24,13 +24,23 @@ If you're looking for items older than six months, you can find them in the [Arc
2424

2525
|Date | Update |
2626
|--|--|
27+
| May 30 | [General availability of agentless malware detection in Defender for Servers Plan 2](#general-availability-of-agentless-malware-detection-in-defender-for-servers-plan-2) |
2728
| May 30 | [General Availability of Unified Disk Encryption recommendations](#general-availability-of-unified-disk-encryption-recommendations) |
2829
| May 28 | [Remediate security baseline recommendation](#remediate-security-baseline-recommendation) |
2930
| May 22 | [Configure email notifications for attack paths](#configure-email-notifications-for-attack-paths) |
3031
| May 9 | [Checkov integration for IaC scanning in Defender for Cloud (Preview)](#checkov-integration-for-iac-scanning-in-defender-for-cloud-preview) |
3132
| May 2 | [Updated security policy management is now generally available](#updated-security-policy-management-is-now-generally-available) |
3233
| May 1 | [Defender for open-source databases is now available on AWS for Amazon instances (Preview)](#defender-for-open-source-databases-is-now-available-on-aws-for-amazon-instances-preview) |
3334

35+
### General availability of agentless malware detection in Defender for Servers Plan 2
36+
37+
May 30, 2024
38+
39+
We're announcing the release of Defender for Cloud's agentless malware detection for Azure virtual machines (VMs), AWS EC2 instances, and GCP VM instances, as a new feature included in [Defender for Servers Plan 2](plan-defender-for-servers-select-plan.md#plan-features).
40+
41+
Agentless malware detection for VMs is now included in our agentless scanning platform. Agentless malware detection utilizes [Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows) anti-malware engine to scan and detect malicious files. Any detected threats, trigger security alerts directly into Defender for Cloud and Defender XDR, where they can be investigated and remediated. The Agentless malware scanner complements the agent-based coverage with a second layer of threat detection with frictionless onboarding and has no effect on your machine's performance.
42+
43+
Learn more about [agentless malware scanning](agentless-malware-scanning.md) for servers and [agentless scanning for VMs](concept-agentless-data-collection.md).
3444

3545
### General Availability of Unified Disk Encryption recommendations
3646

@@ -43,9 +53,9 @@ The following Unified Disk Encryption recommendations are now generally availabl
4353
| [Linux virtual machines should enable Azure Disk Encryption or EncryptionAtHost](https://ms.portal.azure.com/#view/Microsoft_Azure_Security/GenericRecommendationDetailsBlade/assessmentKey/a40cc620-e72c-fdf4-c554-c6ca2cd705c0) | a40cc620-e72c-fdf4-c554-c6ca2cd705c0 |
4454
| [Windows virtual machines should enable Azure Disk Encryption or EncryptionAtHost](https://ms.portal.azure.com/#view/Microsoft_Azure_Security/GenericRecommendationDetailsBlade/assessmentKey/0cb5f317-a94b-6b80-7212-13a9cc8826af) | 0cb5f317-a94b-6b80-7212-13a9cc8826af |
4555

46-
Azure Disk Encryption (ADE) and EncryptionAtHost provide encryption at rest coverage, as described in [Overview of managed disk encryption options - Azure Virtual Machines](/azure/virtual-machines/disk-encryption-overview), and we recommend enabling either of these on virtual machines.
56+
Azure Disk Encryption (ADE) and EncryptionAtHost provide encryption at rest coverage, as described in [Overview of managed disk encryption options - Azure Virtual Machines](/azure/virtual-machines/disk-encryption-overview), and we recommend enabling either of these on virtual machines.
4757

48-
The recommendations depend on [Guest configuration](/azure/governance/machine-configuration/overview). The recommendations in this document are dependent on the configuration of the guest operating system. To ensure that the recommendations can be properly assessed for compliance, it is necessary to enable the required prerequisites on all virtual machines.
58+
The recommendations depend on [Guest configuration](/azure/governance/machine-configuration/overview). The recommendations in this document are dependent on the configuration of the guest operating system. To ensure that the recommendations can be properly assessed for compliance, it is necessary to enable the required prerequisites on all virtual machines.
4959

5060
These recommendations replace the recommendation [Virtual machines should encrypt temp disks, caches, and data flows between Compute and Storage resources](https://portal.azure.com/#blade/Microsoft_Azure_Security/RecommendationsBlade/assessmentKey/d57a4221-a804-52ca-3dea-768284f06bb7).
5161

@@ -59,7 +69,7 @@ Microsoft Defender for Cloud enhances the Center for Internet Security (CIS) ben
5969

6070
May 22, 2024
6171

62-
You can now configure email notifications for attack paths in Defender for Cloud. This feature allows you to receive email notifications when an attack path is detected with a specified risk level or higher.
72+
You can now configure email notifications for attack paths in Defender for Cloud. This feature allows you to receive email notifications when an attack path is detected with a specified risk level or higher.
6373
Learn how to [configure email notifications](configure-email-notifications.md).
6474

6575
### Advanced hunting in Microsoft Defender XDR now includes Defender for Cloud alerts and incidents
@@ -78,7 +88,7 @@ We are announcing the public preview of the Checkov integration for DevOps secur
7888

7989
While in preview, Checkov must be explicitly invoked through the 'tools' input parameter for the MSDO CLI.
8090

81-
Learn more about [DevOps security in Defender for Cloud](defender-for-devops-introduction.md) and configuring the MSDO CLI for [Azure DevOps](azure-devops-extension.yml) and [GitHub](github-action.md).
91+
Learn more about [DevOps security in Defender for Cloud](defender-for-devops-introduction.md) and configuring the MSDO CLI for [Azure DevOps](azure-devops-extension.yml) and [GitHub](github-action.md).
8292

8393
### General availability of permissions management in Defender for Cloud
8494

0 commit comments

Comments
 (0)