Now generally available: Serverless posture coverage in Microsoft Defender CSPM
Serverless workloads are vital for modern applications, enabling rapid development and scalable operations. They include functions, app services, containers, and event-driven systems, and they are becoming increasingly crucial for AI applications. However, serverless architectures introduce new challenges in visibility and security posture management. While cloud providers handle infrastructure, organizations remain responsible for securing their applications, code, and configurations.

Microsoft Defender Cloud Security Posture Management (Defender CSPM) now offers enhanced serverless container posture capabilities. This expands agentless posture coverage to supported serverless containers, applications, and functions across Azure and AWS.

Security teams can now discover serverless workloads as distinct assets in a unified inventory. They can assess vulnerabilities, dependencies, and risky configurations specific to these workloads. The system surfaces exposure, identity, and permission contexts to prioritize attack paths. Risk is prioritized using security graph context and attack path analysis. Findings are presented as severity-ranked recommendations within Defender for Cloud. This holistic approach helps organizations manage risk effectively across their dynamic, event-driven cloud environments.