Note
We’ve renamed Microsoft Cloud App Security. It’s now called Microsoft Defender for Cloud Apps. In the coming weeks, we’ll update the screenshots and instructions here and in related pages. For more information about the change, see this announcement. To learn more about the recent renaming of Microsoft security services, see the Microsoft Ignite Security blog.
Microsoft Defender for Cloud Apps provides you with security configuration assessments for your Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). Recommendations cover all Azure subscriptions, AWS accounts including member accounts, and all GCP projects that are connected to your organization. This multi-cloud view of all cloud platform security configuration recommendations enables security admins to investigate all security configuration gaps in Defender for Cloud Apps.
Use the following links to get more details about the different assessment types.
- Azure recommendations: Azure best practices security recommendations consumed from Microsoft Defender for Cloud.
- AWS recommendations: Security recommendations based on the Center for Internet Security (CIS) benchmark for AWS, version 1.2.0, consumed from AWS Security Hub.
- GCP recommendations: Security recommendations based on the CIS benchmark for GCP, version 1.1.0, consumed from Google Security Command Center and Security Health Analytics.
Security recommendations report
Defender for Cloud Apps lets you export a details list of security recommendations to help you monitor, understand, and customize your cloud environments to better protect your organization.
To export a security recommendations list, perform the following steps:
- In Defender for Cloud Apps, browse to Investigate > Security configuration.
- Select the security recommendations tab for the relevant cloud.
- On the top-right of the recommendations table, click Export.