Microsoft continues to extend cloud security posture management (CSPM) and other risk mitigation tools from Azure to third-party clouds such as Amazon Web Services (AWS) and Google Cloud Platform.
The latest Microsoft multi-cloud security steps, announced today, include:
- Extending the native capabilities of Microsoft Defender for Cloud to the Google Cloud Platform (GCP); and
- Offering a public preview of CloudKnox Permissions Management.
The CloudKnox preview surfaces roughly seven months after Microsoft acquired CloudKnox Security in July 2022 to bolster cloud-oriented identity and access management (IAM) capabilities.
We're double-checking to see if the new offerings have multi-tenant capabilities for MSPs and MSSPs.
Cloud Infrastructure Entitlement Management (CIEM) and CSPM
CloudKnox is a cloud infrastructure entitlement management (CIEM) solution. The platform allows customers to track permissions assigned to identities (users and workloads), actions and resources across cloud infrastructures. The software detects and monitors unused and excessive permissions and enables Zero Trust security through least privilege access in Azure, AWS and GCP, Microsoft asserts.
CIEM is similar to Cloud Security Posture Management (CSPM) tools, which allow MSSPs and end-customers to monitor and properly configure public cloud workloads. Demand for CSPM solutions is surging. Among the reasons: 90 percent of organizations are susceptible to security breaches due to cloud misconfigurations, according to the “2021 Cloud Security Report: Cloud Configuration Risks Exposed” from application lifecycle security company Aqua Security.
With those risks in mind, annual CSPM spending will reach $9 billion by 2026, up from $4 billion in 2020, according to Markets and Markets. That’s a 14.4 percent compound annual growth rate.
Microsoft Multi-Cloud Security: MSSP Partner Implications
Microsoft's multi-cloud security moves could benefit MSPs and MSSPs -- perhaps thousands of which now monitor and manage Microsoft Azure, AWS and Google Cloud workloads on behalf of end-customers. MSSP partners seeking to protect Azure services for customers should check out the Microsoft Intelligent Security Association (MISA).
MISA is an independent ecosystem of software vendors, MSSPs and MDR (managed detection and response) service providers that have integrated their solutions to better defend partners and customers from cyberattacks, Microsoft says.