You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/tutorial-enable-cspm-plan.md
+5-3Lines changed: 5 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,6 +1,6 @@
1
1
---
2
2
title: Protect your resources with Defender CSPM plan on your subscription
3
-
description: Learn how to enable Defender CSPM on your Azure subscription for Microsoft Defender for Cloud.
3
+
description: Learn how to enable Defender CSPM on your Azure subscription for Microsoft Defender for Cloud and enhance your security posture.
4
4
ms.topic: install-set-up-deploy
5
5
ms.date: 09/05/2023
6
6
---
@@ -11,7 +11,7 @@ Defender Cloud Security Posture Management (CSPM) in Microsoft Defender for Clou
11
11
12
12
Defender for Cloud continually assesses your resources, subscriptions, and organization for security issues. Defender for Cloud shows you your security posture with the secure score. The secure score is an aggregated score of the security findings that tells you your current security situation. The higher the score, the lower the identified risk level.
13
13
14
-
When you enable Defender for Cloud, you automatically enable the **Foundational CSPM capabilities**. these capabilities are part of the free services offered by Defender for Cloud.
14
+
When you enable Defender for Cloud, you automatically enable the **Foundational CSPM capabilities**. These capabilities are part of the free services offered by Defender for Cloud.
15
15
16
16
You have the ability to enable the **Defender CSPM** plan, which offers extra protections for your environments such as governance, regulatory compliance, cloud security explorer, attack path analysis and agentless scanning for machines.
17
17
@@ -58,10 +58,12 @@ Once the Defender CSPM plan is enabled on your subscription, you have the abilit
58
58
59
59
-**Agentless discovery for Kubernetes**: API-based discovery of information about Kubernetes cluster architecture, workload objects, and setup. Required for Kubernetes inventory, identity and network exposure detection, risk hunting as part of the cloud security explorer. This extension is required for attack path analysis (Defender CSPM only).
60
60
61
-
-**Container registries vulnerability assessments**: Provides vulnerability management for images stored in your container registries.
61
+
-**Agentless container vulnerability assessments**: Provides vulnerability management for images stored in your container registries.
62
62
63
63
-**Sensitive data discovery**: Sensitive data discovery automatically discovers managed cloud data resources containing sensitive data at scale. This feature accesses your data, it is agentless, uses smart sampling scanning, and integrates with Microsoft Purview sensitive information types and labels.
64
64
65
+
-**Permissions Management (Preview)** - Insights into Cloud Infrastructure Entitlement Management (CIEM). CIEM ensures appropriate and secure identities and access rights in cloud environments. It helps understand access permissions to cloud resources and associated risks. Setup and data collection may take up to 24 hours.
66
+
65
67
**To enable the components of the Defender CSPM plan**:
66
68
67
69
1. On the Defender plans page, select **Settings**.
0 commit comments