Defender for Cloud

Microsoft Defender for Cloud is Microsoft's Cloud-Native Application Protection Platform (CNAPP) — covering security posture management and workload protection across Azure, AWS, and GCP. It bundles Cloud Security Posture Management (CSPM) for configuration assessment against regulatory benchmarks, Cloud Workload Protection for runtime defence of VMs, containers, databases, storage, AI services, and DevSecOps for code-to-cloud security. Signals flow into Microsoft Defender XDR alongside endpoint, identity, and email signals. Different from Defender for Cloud Apps (CASB for SaaS) — same brand, different scope. Licensed per resource per hour by workload type.