Microsoft Security has unveiled new multicloud capabilities, including extending Microsoft Defender for Cloud to the Google Cloud Platform (GCP).

Vasu Jakkal is Microsoft’s corporate vice president of security, compliance, identity and management. She announced the new capabilities in a blog.

Microsoft’s Vasu Jakkal

“Cloud, mobile and edge platforms have driven unprecedented business innovation, adaptation and resilience during this time,” she said. “But this broad mix of technologies also introduces incredible complexity for security and compliance teams. The security operations center (SOC) must keep pace with safeguarding identities, devices, data, apps, infrastructure and more. Further, they must take stock of evolving cyber risks in this multicloud, multi-platform world, and identify where blind spots may exist across a broad new set of users, devices, and destinations.”

Microsoft‘s mission is anticipating these needs, “slashing security complexity, and protecting organizations across their entire digital estate,” Jakkal said. It’s doing this by making multicloud support central to its security strategy.

“We’re announcing new advances to help customers strengthen visibility and control across multiple cloud providers, workloads, devices and digital identities, all from a centralized management view,” she said. “These new features and offerings are designed to secure the foundations of hybrid work and digital transformation.”

Multicloud Protection for Top Platforms

Microsoft offers native multicloud protection for Microsoft Azure, Amazon Web Services (AWS) and now GCP. Microsoft Defender for Cloud provides cloud security management and cloud workload protection.

“Support for GCP comes with out-of-box recommendations that allow you to configure GCP environments in line with key security standards like the Center for Internet Security (CIS) benchmark, protection for critical workloads running on GCP, including servers, containers and more, Jakkal said.

In addition, Microsoft announced the public preview of CloudKnox Permissions Management. CloudKnox provides complete visibility into user and workload identities across clouds. Its automated features enforce least privilege access and use machine learning (ML)-powered monitoring to detect and remediate suspicious activities.

Microsoft also unveiled updates across its portfolio for better protection. The updates include secure workload identities with Azure Active Directory (Azure AD), and secure payment processing in the cloud with Azure Payment HSM.

“We’re extending Azure AD beyond its core capabilities of protecting user identities to now also safeguarding workload identities for apps and services, as customers move more workloads into the cloud, and develop more cloud-native applications,” Jakkal said. “We announced conditional access for workload identities last November, and now identity protection can also be applied to workload identities.”

Microsoft recently launched Azure Payment HSM in public preview to securely process payments in the cloud.

“It provides the highest levels of protection for cryptographic keys and customer PINs for secure payment transactions,” Jakkal said.