Microsoft has announced the addition of agentless malware scanning for virtual machines to its Defender for Cloud service. The feature is now available to organizations with Microsoft Defender for Servers Plan 2 subscriptions. With the latest update, Microsoft leverages the cloud providers' APIs for operating system disks and data disks associated with virtual machines, enabling strong security measures without the need for traditional agents.
Flexible and Lightweight Security Coverage
Agentless malware scanning stands out as a flexible and lightweight alternative, particularly effective for rapidly deploying in new environments, temporary workloads, or gaining initial security coverage prior to full Endpoint Detection & Response (EDR) security agent deployment. The new scanning functionality can play a crucial role in managing legacy systems and a diverse array of cloud assets, where installing traditional agents might not be feasible.
Microsoft highlights the advantages of this approach, especially for older or misconfigured virtual machine setups, as well as temporary hosted workloads that might present vulnerabilities. The introduction of agentless scanning aims to fill these potential security gaps while complementing the deep protection offered by agent-based EDR tools.
Scanning Across Cloud Platforms
The agentless scanning feature is designed to work uniformly across multiple cloud platforms, including Azure, AWS, and GCP. Microsoft Defender Antivirus service powers the detection process, utilizing a combination of signature-based scanning and heuristic methods. This enables the system to conduct daily inspections of onboarded virtual machines and promptly assess files for malicious content.
For new subscribers to Microsoft Defender for Servers Plan 2, the agentless malware scanning is automatically enabled. Existing subscribers will need to take action to activate the feature following guidance from Microsoft.
Organizations leveraging Microsoft Defender for Cloud will benefit from robust protection and receive comprehensive alerts with crucial context. These alerts are integrated with Microsoft Defender XDR, enhancing the overall security response capabilities for users.
Microsoft's move to include agentless malware scanning is part of a broad effort to improve cloud security and adapt to the growing diversity of virtual environments. As cyber threats continue to evolve, such innovations are critical in providing businesses with the tools they need to defend against a wide array of digital threats. With this latest addition to Microsoft Defender for Cloud, Microsoft strengthens its commitment to providing customers with advanced, integrated security solutions.