Securing Azure with Microsoft Defender

When to Use

• When deploying cloud workload protection across Azure subscriptions and resource groups
• When establishing a Secure Score baseline and prioritizing security recommendations
• When extending threat protection to multi-cloud environments including AWS and GCP
• When enabling container security for AKS clusters and Azure Container Registry
• When integrating AI workload security with the Data and AI security dashboard

Do not use for AWS-only environments (see implementing-aws-security-hub), for identity provider configuration (see managing-cloud-identity-with-okta), or for network-level firewall rule management (see implementing-cloud-waf-rules).

Prerequisites

• Azure subscription with Security Admin or Contributor role
• Azure Policy initiative for Defender for Cloud enabled at the management group level
• Log Analytics workspace provisioned for security data collection
• Microsoft Defender for Cloud plans licensed (P1 or P2 for server protection)