You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/release-notes.md
+20-3Lines changed: 20 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,7 +2,7 @@
2
2
title: Release notes for Microsoft Defender for Cloud
3
3
description: A description of what's new and changed in Microsoft Defender for Cloud
4
4
ms.topic: reference
5
-
ms.date: 02/22/2022
5
+
ms.date: 02/28/2022
6
6
---
7
7
# What's new in Microsoft Defender for Cloud?
8
8
@@ -23,25 +23,42 @@ Updates in February include:
23
23
24
24
-[Kubernetes workload protection for Arc enabled K8s clusters](#kubernetes-workload-protection-for-arc-enabled-k8s-clusters)
25
25
-[Native CSPM for GCP and threat protection for GCP compute instances](#native-cspm-for-gcp-and-threat-protection-for-gcp-compute-instances)
26
+
-[Microsoft Defender for Cosmos DB plan released for preview](#microsoft-defender-for-cosmos-db-plan-released-for-preview)
26
27
27
28
### Kubernetes workload protection for Arc enabled K8s clusters
28
29
29
-
Defender for Containers for Kubernetes workloads previously only protected AKS. We have now extended the protective coverage to include Azure Arc enabled Kubernetes clusters.
30
+
Defender for Containers for Kubernetes workloads previously only protected AKS. We've now extended the protective coverage to include Azure Arc enabled Kubernetes clusters.
30
31
31
32
Learn how to [set up your Kubernetes workload protection](kubernetes-workload-protections.md#set-up-your-workload-protection) for AKS and Azure Arc enabled Kubernetes clusters.
32
33
33
34
### Native CSPM for GCP and threat protection for GCP compute instances
34
35
35
36
The new automated onboarding of GCP environments allows you to protect GCP workloads with Microsoft Defender for Cloud. Defender for Cloud protects your resources with the following plans:
36
37
37
-
-**Defender for Cloud's CSPM** features extend to your GCP resources. This agentless plan assesses your GCP resources according to the GCP-specific security recommendations which are provided with Defender for Cloud. GCP recommendations are included in your secure score, and the resources will be assessed for compliance with the built-in GCP CIS standard. Defender for Cloud's asset inventory page is a multi-cloud enabled feature helping you manage your resources across Azure, AWS, and GCP.
38
+
-**Defender for Cloud's CSPM** features extend to your GCP resources. This agentless plan assesses your GCP resources according to the GCP-specific security recommendations, which are provided with Defender for Cloud. GCP recommendations are included in your secure score, and the resources will be assessed for compliance with the built-in GCP CIS standard. Defender for Cloud's asset inventory page is a multi-cloud enabled feature helping you manage your resources across Azure, AWS, and GCP.
38
39
39
40
-**Microsoft Defender for servers** brings threat detection and advanced defenses to your GCP compute instances. This plan includes the integrated license for Microsoft Defender for Endpoint, vulnerability assessment scanning, and more.
40
41
41
42
For a full list of available features, see [Supported features for virtual machines and servers](supported-machines-endpoint-solutions-clouds.md). Automatic onboarding capabilities will allow you to easily connect any existing, and new compute instances discovered in your environment.
42
43
43
44
Learn how to protect, and [connect your GCP projects](quickstart-onboard-gcp.md) with Microsoft Defender for Cloud.
44
45
46
+
### Microsoft Defender for Cosmos DB plan released for preview
47
+
48
+
We have extended Microsoft Defender for Cloud’s database coverage. You can now enable protection for your Cosmos DB databases.
49
+
50
+
Microsoft Defender for Cosmos DB is an Azure-native layer of security that detects any attempt to exploit databases in your Azure Cosmos DB accounts. Microsoft Defender for Cosmos DB detects potential SQL injections, known bad actors based on Microsoft Threat Intelligence, suspicious access patterns, and potential exploitation of your database through compromised identities, or malicious insiders.
51
+
52
+
It continuously analyzes the customer data stream generated by the Azure Cosmos DB services.
53
+
54
+
When potentially malicious activities are detected, security alerts are generated. These alerts are displayed in Microsoft Defender for Cloud together with the details of the suspicious activity along with the relevant investigation steps, remediation actions, and security recommendations.
55
+
56
+
There's no impact on database performance when enabling the service, because Defender for Cosmos DB doesn't access the Azure Cosmos DB account data.
57
+
58
+
Learn more at [Introduction to Microsoft Defender for Cosmos DB](concept-defender-for-cosmos.md).
59
+
60
+
We're also introducing a new enablement experience for database security. You can now enable Microsoft Defender for Cloud protection on your subscription to protect all database types, such as, Cosmos DB, Azure SQL Database, Azure SQL servers on machines, and OSS RDBs through one enablement process. Specific resource types can be included, or excluded by configuring your plan.
0 commit comments