Update to Attack Path Analysis logic

Update to Attack Path Analysis logic
November 24, 2025

Attack paths that involve lateral movement with plain text keys are generated when both the source and target resources are protected by Defender CSPM. Because of this change, you might see a reduction in the number of attack paths displayed.

To maintain comprehensive attack path analysis, ensure that all of your cloud environments have the Defender CSPM plan enabled.

Update to CSPM multicloud network requirements
November 24, 2025 Estimated date for change: December 2025

In December 2025, Defender for Cloud is adding IP addresses to its multicloud discovery services to accommodate improvements and ensure a more efficient experience for all users.

To ensure uninterrupted access from our services, your IP allowlist should be updated with the new ranges.

You should make the necessary adjustments in your firewall settings, security groups, or any other configurations that might be applicable to your environment. The list is sufficient for full capability of the CSPM foundational (free) offering.