implementing-azure-defender-for-cloud
Installation
SKILL.md
Implementing Azure Defender for Cloud
When to Use
- When enabling comprehensive security monitoring across Azure subscriptions
- When implementing cloud workload protection for VMs, containers, SQL, storage, and Key Vault
- When compliance requirements demand continuous assessment against regulatory frameworks
- When building adaptive security controls that respond to detected threats
- When centralizing security findings from Azure-native and hybrid workloads
Do not use for non-Azure workload protection exclusively (use AWS Security Hub or GCP SCC), for application-level security testing (use Azure DevOps DAST/SAST), or for identity-specific protection (use Microsoft Defender for Identity).
Prerequisites
- Azure subscription with Contributor or Security Admin role
- Azure Policy enabled for compliance assessment
- Log Analytics workspace for diagnostic data collection
- Azure Arc connected machines for hybrid server protection
- Pricing tier set to Standard for Defender plans (free tier provides CSPM only)