Cloud Security, Channel partners, Content

Microsoft Azure Joins Multi-Cloud Security Posture Management (CSPM) Market

Credit: Pixelbay

Microsoft is the latest software company to introduce cloud security posture management (CSPM) software tools. The interesting twist? From within the Azure Security Center service, MSSPs and customers can address CSPM across Azure, Google Cloud Platform and Amazon Web Services (AWS) environments.

Numerous software companies offer multi-cloud CSPM capabilities. But Microsoft commitment to supporting GCP and AWS shows just how far the software and cloud company has come since the "Windows-only" mindset ended a few years ago.

Finding and Fixing Azure, AWS and Google Cloud Misconfigurations

Fast forward to current day, and the big issue facing cloud security typically involves customers and service providers misconfiguring Azure, Google Cloud and/or AWS. Indeed, 90 percent of organizations are susceptible to security breaches due to cloud misconfigurations, according to the “2021 Cloud Security Report: Cloud Configuration Risks Exposed” from application lifecycle security company Aqua Security.

Armed with CSPM tools, MSSPs and customers can discover the cloud misconfigurations and then take corrective action. Amid that simple value proposition, demand for CSPM tools appears to be strong. Indeed, 41 percent of our Top 250 MSSP survey participants in 2021 said they now offer cloud security posture management (CSPM) to their end customers, MSSP Alert research found. We consider that to be a strong figure, considering that the CSPM market is fairly new.

In Microsoft's case, the CSPM feature provides Azure Security Center users with a unified multi-cloud view that includes Google Cloud and AWS security alerts, Microsoft noted. That way, Azure Security Center users can gain insights into security vulnerabilities across their cloud environments.

Microsoft Announces Azure Security Updates

Beyond the CSPM capabilities, Microsoft also announced several Azure security updates, such as:

  • Rebranding of Azure Security Center for Internet of Things (IoT) as Azure Defender for IoT
  • Integration of CyberX's agentless capabilities into Azure Defender for IoT
  • Preview of user and entity behavior analytics (UEBA) for Azure Sentinel security information and event management (SIEM) and security orchestration, automation and response (SOAR) solution
  • Addition of a single-tenant hardware security module to Azure Key Vault storage service
  • Introduction of the Azure Security Benchmark v2, which includes National Institute of Standards and Technology SP 800-53 controls and ongoing support for Center for Internet Security control framework v7.1
  • Addition of Customer Lockbox feature for more than 20 Azure services
  • Preview of Customer Lockbox for Azure Government Cloud
  • Use of two layers of encryption Azure data at rest or in transit

Microsoft also continues to explore ways to provide Azure tools to help users remain secure and work remotely, the company said.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.