Quickstart: Set up Microsoft Defender for Cloud

Note

Azure Security Center and Azure Defender are now called Microsoft Defender for Cloud. We've also renamed Azure Defender plans to Microsoft Defender plans. For example, Azure Defender for Storage is now Microsoft Defender for Storage.

Learn more about the recent renaming of Microsoft security services.

Defender for Cloud provides unified security management and threat protection across your hybrid and multi-cloud workloads. While the free features offer limited security for your Azure resources only, enabling enhanced security features extends these capabilities to on-premises and other clouds. Defender for Cloud helps you find and fix security vulnerabilities, apply access and application controls to block malicious activity, detect threats using analytics and intelligence, and respond quickly when under attack. You can try the enhanced security features at no cost. To learn more, see the pricing page.

This quickstart section will walk you through all the recommended steps to enable Microsoft Defender for Cloud and the enhanced security features. When you've completed all the quickstart steps, you'll have:

Prerequisites

To get started with Defender for Cloud, you must have a subscription to Microsoft Azure. If you don't have a subscription, you can sign up for a free account.

To enable enhanced security features on a subscription, you must be assigned the role of Subscription Owner, Subscription Contributor, or Security Admin.

Enable Defender for Cloud on your Azure subscription

Tip

To enable Defender for Cloud on all subscriptions within a management group, see Enable Defender for Cloud on multiple Azure subscriptions.

  1. Sign into the Azure portal.

  2. From the portal's menu, select Defender for Cloud.

    Defender for Cloud's overview page opens.

    Defender for Cloud's overview dashboard

    Defender for Cloud – Overview provides a unified view into the security posture of your hybrid cloud workloads, helping you discover and assess the security of your workloads and to identify and mitigate risks. Learn more in Microsoft Defender for Cloud's overview page.

    Defender for Cloud automatically, at no cost, enables any of your Azure subscriptions not previously onboarded by you or another subscription user.

You can view and filter the list of subscriptions by selecting the Subscriptions menu item. Defender for Cloud will adjust the display to reflect the security posture of the selected subscriptions.

Within minutes of launching Defender for Cloud the first time, you might see:

  • Recommendations for ways to improve the security of your connected resources.
  • An inventory of your resources that are now being assessed by Defender for Cloud, along with the security posture of each.

To take full advantage of Defender for Cloud, continue with the next steps of the quickstart section.

Next steps

In this quickstart you enabled Defender for Cloud. The next step is to enable enhanced security features for unified security management and threat protection across your hybrid cloud workloads.