added CIEM

Author: ElazarK

articles/defender-for-cloud/TOC.yml

@@ -211,7 +211,7 @@
         href: concept-easm.md
       - name: Critical assets protection
         href: critical-assets-protection.md
-      - name: Permissions management
+      - name: Permissions management (CIEM)
         displayName: permissions, management, role-based access control, RBAC, azure, azure ad, active directory
         href: permissions-management.md
       - name: Agentless machine scanning
@@ -322,7 +322,7 @@
         - name: Integrate security solutions
           displayName: security, solutions, integrate, integrated, data sources
           href: partner-integration.md
-        - name: Enable permissions management
+        - name: Enable permissions management (CIEM)
           displayName: permissions, management, role-based access control, RBAC, azure, azure ad, active directory
           href: enable-permissions-management.md
     - name: AI security posture

articles/defender-for-cloud/concept-cloud-security-posture-management.md

@@ -2,7 +2,7 @@
 title: Cloud Security Posture Management (CSPM)
 description: Learn more about Cloud Security Posture Management (CSPM) in Microsoft Defender for Cloud and how it helps improve your security posture.
 ms.topic: concept-article
-ms.date: 04/15/2024
+ms.date: 05/07/2024
 #customer intent: As a reader, I want to understand the concept of Cloud Security Posture Management (CSPM) in Microsoft Defender for Cloud.
 ---
 
@@ -48,7 +48,7 @@ The following table summarizes each plan and their cloud availability.
 | [Container registries vulnerability assessment](concept-agentless-containers.md), including registry scanning | - | :::image type="icon" source="./media/icons/yes-icon.png"::: | Azure, AWS, GCP |
 | [Data aware security posture](concept-data-security-posture.md) | - | :::image type="icon" source="./media/icons/yes-icon.png"::: | Azure, AWS, GCP |
 | EASM insights in network exposure | - | :::image type="icon" source="./media/icons/yes-icon.png"::: | Azure, AWS, GCP |
-| [Permissions management (Preview)](enable-permissions-management.md) | - | :::image type="icon" source="./media/icons/yes-icon.png"::: | Azure, AWS, GCP |
+| [Permissions management (CIEM)](enable-permissions-management.md) | - | :::image type="icon" source="./media/icons/yes-icon.png"::: | Azure, AWS, GCP |
 
 > [!NOTE]
 > Starting March 7, 2024, Defender CSPM must be enabled to have premium DevOps security capabilities that include code-to-cloud contextualization powering security explorer and attack paths and pull request annotations for Infrastructure-as-Code security findings. See DevOps security [support and prerequisites](devops-support.md) to learn more.

articles/defender-for-cloud/enable-permissions-management.md

@@ -1,11 +1,11 @@
 ---
-title: Enable permissions management
+title: Enable permissions management (CIEM)
 author: Elazark
 ms.author: elkrieger
 description: Learn how to enable permissions management for better access control and security in your cloud infrastructure.
 ms.topic: how-to
-ms.date: 03/10/2024
-#customer intent: As a cloud administrator, I want to learn how to enable permissions management in order to effectively manage user access and entitlements in my cloud infrastructure.
+ms.date: 05/07/2024
+#customer intent: As a cloud administrator, I want to learn how to enable permissions (CIEM) in order to effectively manage user access and entitlements in my cloud infrastructure.
 ---
 
 # Enable permissions management (CIEM)
@@ -91,9 +91,7 @@ The applicable permissions management (CIEM) recommendations appear on your subs
 
 When you enabled the Defender CSPM plan on your GCP project, the **GCP CSPM** [standard is automatically assigned to your subscription](concept-regulatory-compliance-standards.md). The GCP CSPM standard provides Cloud Infrastructure Entitlement Management (CIEM) recommendations. 
 
-When Permission Management is disabled, the CIEM recommendations within the GCP CSPM standard won’t be calculated.
-
-**To enable permissions management** **(CIEM)** **for GCP**:
+When Permission Management (CIEM) is disabled, the CIEM recommendations within the GCP CSPM standard won’t be calculated.
 
 1. Sign in to the [Azure portal](https://portal.azure.com).
 

articles/defender-for-cloud/permissions-management.md

@@ -1,18 +1,18 @@
 ---
-title: Permissions management
-description: Learn about permissions management in Microsoft Defender for Cloud and enhance the security of your cloud infrastructure.
+title: Permissions management (CIEM)
+description: Learn about permissions (CIEM) in Microsoft Defender for Cloud and enhance the security of your cloud infrastructure.
 ms.topic: concept-article
 author: Elazark
 ms.author: elkrieger
 ms.date: 03/07/2024
 #customer intent: As a user, I want to understand how to manage permissions effectively so that I can enhance the security of my cloud infrastructure.
 ---
 
-# Permissions management
+# Permissions management (CIEM)
 
-Microsoft Defender for Cloud's integration with Microsoft [Microsoft Entra Permissions Management (CIEM)](/entra/permissions-management/overview) provides a Cloud Infrastructure Entitlement Management (CIEM) security model that helps organizations manage and control user access and entitlements in their cloud infrastructure. CIEM is a critical component of the Cloud Native Application Protection Platform (CNAPP) solution that provides visibility into who or what has access to specific resources. It ensures that access rights adhere to the principle of least privilege (PoLP), where users or workload identities, such as apps and services, receive only the minimum levels of access necessary to perform their tasks. CIEM also helps organizations to monitor and manage permissions across multiple cloud environments, including Azure, AWS, and GCP.
+Microsoft Defender for Cloud's integration with Microsoft [Microsoft Entra Permissions Management](/entra/permissions-management/overview) provides a Cloud Infrastructure Entitlement Management (CIEM) security model that helps organizations manage and control user access and entitlements in their cloud infrastructure. CIEM is a critical component of the Cloud Native Application Protection Platform (CNAPP) solution that provides visibility into who or what has access to specific resources. It ensures that access rights adhere to the principle of least privilege (PoLP), where users or workload identities, such as apps and services, receive only the minimum levels of access necessary to perform their tasks. CIEM also helps organizations to monitor and manage permissions across multiple cloud environments, including Azure, AWS, and GCP.
 
-Integrating Entra Permissions Management (CIEM) with Defender for Cloud (CNAPP) strengthens cloud security by preventing security breaches caused by excessive permissions or misconfigurations. Permissions management continuously monitors and manages cloud entitlements, helping to discover attack surfaces, detect threats, right-size access permissions, and maintain compliance. This integration enhances the capabilities of Defender for Cloud in securing cloud-native applications and protecting sensitive data.
+Integrating Entra Permissions Management with Defender for Cloud (CNAPP) strengthens cloud security by preventing security breaches caused by excessive permissions or misconfigurations. Permissions management continuously monitors and manages cloud entitlements, helping to discover attack surfaces, detect threats, right-size access permissions, and maintain compliance. This integration enhances the capabilities of Defender for Cloud in securing cloud-native applications and protecting sensitive data.
 
 This integration brings the following insights derived from the Microsoft Entra Permissions Management suite into the Microsoft Defender for Cloud portal. For more information, see the [feature matrix](#feature-matrix).