implementing-azure-defender-for-cloud

Featured

Implementing Microsoft Defender for Cloud to enable cloud security posture management, workload protection across VMs, containers, databases, and storage, configure security recommendations, and set up adaptive security controls with automated remediation.

DevOps & Infrastructure 12,642 stars 1468 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Implementing Azure Defender for Cloud ## When to Use - When enabling comprehensive security monitoring across Azure subscriptions - When implementing cloud workload protection for VMs, containers, SQL, storage, and Key Vault - When compliance requirements demand continuous assessment against regulatory frameworks - When building adaptive security controls that respond to detected threats - When centralizing security findings from Azure-native and hybrid workloads **Do not use** for non-Azure workload protection exclusively (use AWS Security Hub or GCP SCC), for application-level security testing (use Azure DevOps DAST/SAST), or for identity-specific protection (use Microsoft Defender for Identity). ## Prerequisites - Azure subscription with Contributor or Security Admin role - Azure Policy enabled for compliance assessment - Log Analytics workspace for diagnostic data collection - Azure Arc connected machines for hybrid server protection - Pricing tier set to Standard for Defender plans (free tier provides CSPM only) ## Workflow ### Step 1: Enable Defender for Cloud Plans Enable the appropriate Defender plans for each workload type requiring protection. ```bash # Enable Defender for Cloud CSPM (foundational posture management) az security pricing create --name CloudPosture --tier standard # Enable Defender for Servers az security pricing create --name VirtualMachines --tier standard \ --subplan P2 # Enable Defender for Containers az security pricing create --na...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Integrates with

Google Cloud · Cloud Azure · Cloud

Similar Skills

Semantically similar based on skill content — not just same category

DevOps & Infrastructure Featured

securing-azure-with-microsoft-defender

This skill instructs security practitioners on deploying Microsoft Defender for Cloud as a cloud-native application protection platform for Azure, multi-cloud, and hybrid environments. It covers enabling Defender plans for servers, containers, storage, and databases, configuring security recommendations, managing Secure Score, and integrating with the unified Defender portal for centralized threat management.

12,642 Updated today
mukul975
DevOps & Infrastructure Solid

azure-defender-for-cloud

Expert knowledge for Azure Defender For Cloud development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when securing VMs/servers, AKS/containers, SQL/Storage, CI/CD/DevOps, or multi‑cloud (AWS/GCP) with Defender for Cloud, and other Azure Defender For Cloud related development tasks. Not for Azure Defender For Iot (use azure-defender-for-iot), Azure DDos Protection (use azure-ddos-protection), Azure Firewall (use azure-firewall), Azure Security (use azure-security).

562 Updated today
MicrosoftDocs
DevOps & Infrastructure Featured

detecting-cloud-threats-with-guardduty

This skill teaches security teams how to deploy and operationalize Amazon GuardDuty for continuous threat detection across AWS accounts and workloads. It covers enabling protection plans for S3, EKS, EC2 runtime monitoring, and Lambda, interpreting finding severity levels, and building automated response workflows using EventBridge and Lambda.

12,642 Updated today
mukul975
DevOps & Infrastructure Featured

implementing-security-monitoring-with-datadog

Implements security monitoring using Datadog Cloud SIEM, Cloud Security Management (CSM), and Workload Protection to detect threats, enforce compliance, and respond to security events across cloud and hybrid infrastructure. Covers Agent deployment, log source ingestion, detection rule creation, security dashboards, and automated notification workflows. Activates for requests involving Datadog security setup, Cloud SIEM configuration, CSM threat detection, or security monitoring dashboards.

12,642 Updated today
mukul975
DevOps & Infrastructure Featured

implementing-aws-security-hub

This skill covers deploying AWS Security Hub as a centralized cloud security posture management platform that aggregates findings from GuardDuty, Inspector, Macie, and third-party tools. It details enabling security standards like CIS AWS Foundations Benchmark, configuring automated remediation, and building executive dashboards for compliance tracking across multi-account AWS organizations.

12,642 Updated today
mukul975