Not a user yet?
Log in Register for free Suggest a product
Update

Updated Helm installation for Defender for Containers sensor

Defender for CloudDefender for Cloud
Microsoft

May 2026

Updated Helm installation for Defender for Containers sensor
May 6, 2026
Defender for Containers sensor installation using Helm now uses direct Helm chart deployment instead of installation scripts. The updated flow includes environment-specific Helm commands for AKS, EKS, and GKE clusters.

General availability of individual recommendations for Defender for Cloud in Azure portal and deprecation of legacy grouped recommendations
May 5, 2026

Individual recommendations for Defender for Cloud that were previously represented as grouped recommendations are now generally available (GA) in Azure portal.

Azure portal secure score behavior

The classic secure score in the Azure portal is also affected by these individual recommendations. However, you should not expect a material change in their overall score, as the individual recommendations replace their previously grouped equivalents and are designed to keep the score functionally stable.

Deprecation notice: Legacy grouped recommendations

Grouped recommendation types are deprecated from the Azure portal and will be removed on July 30, 2026. These recommendations are currently tagged as Set for deprecation.

Daily score calculation enhancement for risk-based Cloud secure score
May 5, 2026
We've improved how daily Cloud secure score values are calculated to more accurately reflect your posture and the impact of actions taken throughout the day.

Daily scores represent end-of-day snapshots instead of averaged values over the course of the day, providing a more consistent and precise view of the score at each point in time. This helps you better understand score changes and correlate them with changes introduced during the day.

Historical values have been recalculated to align with this definition, so you may notice slight differences when comparing trends across this period.

General availability of Defender for Cloud integration into the Defender portal
May 5, 2026
Microsoft Defender for Cloud is now integrated into the Microsoft Defender portal, unifying cloud security posture management and threat protection in a single experience. This integration provides a centralized view across hybrid and multicloud environments, including Azure, AWS, and GCP.

Key capabilities include:

  • A unified cloud security dashboard with posture insights, risk-based prioritization, and progress tracking
  • A centralized cloud asset inventory with enriched risk, health, and coverage data
  • Integrated posture management through Microsoft Security Exposure Management (MSEM), including secure score, recommendations, attack paths, and vulnerabilities
  • A risk-based Cloud secure score for more accurate assessment and prioritization including improved daily secure score calculations - available only in the Defender portal
  • A new recommendation model with individual findings for improved prioritization and governance (These individual recommendations might impact risk‑based Cloud secure score calculations, as they now contribute to the score based on their granular, context‑aware findings, rather than as part of a grouped recommendation.)

Note
Cloud scopes is still in preview.
This integration enables security teams to monitor, prioritize, and respond to risks across their entire environment from a single location.

General availability of Microsoft Defender for Cloud and GitHub Advanced Security integration
May 3, 2026
The native integration between Microsoft Defender for Cloud and GitHub Advanced Security (GHAS) is now generally available. This integration connects runtime security signals from Defender for Cloud with code-level vulnerability management in GHAS, enabling developers and security teams to prioritize and remediate vulnerabilities based on actual production risk.

Key capabilities:

  • Runtime context in GitHub - GHAS alerts are enriched with runtime risk factors from Defender for Cloud, including internet exposure, sensitive data access, and lateral movement potential.
  • AI-powered remediation - GitHub Copilot Autofix provides validated, ready-to-merge security fixes with multi-fix bundling for efficiency.
  • Security campaigns - Security teams can trigger targeted GitHub Security Campaigns from Defender for Cloud to mobilize developer teams on prioritized vulnerabilities.
  • Bidirectional sync - GitHub issue status and ownership changes sync to Defender for Cloud within minutes.
    Prerequisites:
  • Defender Cloud Security Posture Management (DCSPM) plan
  • GitHub account with connector configured in Defender for Cloud
  • GitHub Advanced Security license on connected repositories
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Microsoft updates

More from the Apps & Software section

Was the content helpful to you?

Advertisement Advertise here?
Banner Logitech