Microsoft Defender for Cloud
By Microsoft
Microsoft's CNAPP, native to Azure and extended to AWS and Google Cloud through connectors. Foundational posture recommendations are free for Azure customers; paid Defender plans add agentless workload scanning, attack path analysis, DevOps/IaC scanning, and runtime protection for servers, containers, and databases, priced per resource.
Verified Source: 1
- Product type
- Software
- Deployment
- SaaSAgent
- Organization size
- SMBMid-marketEnterprise
- Pricing tier
- Freemium
How Microsoft Defender for Cloud measures up against the full Cloud-Native Application Protection / Posture Management taxonomy.
- Misconfiguration detection (CSPM) — supported
- Flags cloud configuration drift against benchmarks like CIS and provider best practices.
- Agentless workload scanning — supported
- Scans workloads via cloud provider APIs or snapshots without deploying agents.
- Cloud entitlement management (CIEM) — not supported
- Identifies excessive or unused permissions across cloud identities.
- Attack path analysis — supported
- Correlates findings across identity, network, and data exposure to surface exploitable attack paths.
- Infrastructure-as-code scanning — supported
- Catches misconfigurations in Terraform and CloudFormation before they're deployed.
- Vulnerability prioritization — supported
- Finds and ranks OS and package CVEs across cloud workloads by real-world exploitability.
- Compliance benchmark mapping — supported
- Continuously maps posture to frameworks like CIS, SOC 2, and PCI.
Alternatives
Other Cloud-Native Application Protection / Posture Management tools with overlapping capabilities, sized for similar teams.
Appears in stacks
Real-world stacks that include Microsoft Defender for Cloud.