Cloud Security Explorer Introduction
Using the cloud security explorer, you may proactively detect security vulnerabilities in your cloud environment by conducting graph-based queries against the cloud security graph, which serves as the context engine for Defender for Cloud.
Cloud Security Graph :
The cloud security graph is a graph-based context engine included in Defender for Cloud. The cloud security graph gathers information from your multi cloud environment as well as other sources. For example, the inventory of cloud assets, links and lateral movement possibilities between resources, internet exposure, permissions, network connections, vulnerabilities, and more. The gathered data is then utilized to create a graph that represents your multi cloud setup.
Benefits of Cloud Security Explorer
With the help of the cloud security explorer, you can
- Search through all of your security concerns and environment context, including asset inventory, internet exposure, permissions, lateral resource movement, and more.
- Perform proactive exploration features.
- Find security risks within your organization by running graph-based path-finding queries on top of the contextual security data that Defender for Cloud already provides, such as cloud misconfigurations, vulnerabilities, resource context, lateral movement possibilities between resources, and more.
You can leverage the default available queries or can use Cloud Security Explorer query builder to easily run graph-based queries and proactively hunt for security risks in your cloud environment
Default Query Templates
Custom Query Builder
Hope this will be informative for you. Please do share and subscribe if you found worth sharing it.