Azure Hybrid Management & Security: What’s New and Insights from the Field – February 2026

Once again this month, I’m back with my recurring series focused on the evolution of Azure management and security services, with a special focus on hybrid and multicloud scenarios enabled by Azure Arc and enhanced by the use of Artificial Intelligence.

This monthly series aims to:

  • Provide an overview of the most relevant updates released by Microsoft;

  • Share operational tips and field-proven best practices to help architects and IT leaders manage complex and distributed environments more effectively;

  • Follow the evolution towards a centralized, proactive, and AI-driven management model, in line with Microsoft’s vision of AI-powered Management.

The main areas addressed in this series, together with the corresponding tools and services, are described in this article.

Hybrid and multicloud environment management

Microsoft Sovereign Cloud: more governance, productivity, and AI—even in fully disconnected environments

Microsoft has expanded the capabilities of Microsoft Sovereign Cloud to help organizations meet digital sovereignty requirements, while still maintaining governance, productivity, and innovation in artificial intelligence—even in fully disconnected scenarios.

The update introduces the “Sovereign Private Cloud” stack, which brings together Azure Local, Microsoft 365 Local, and Foundry Local across connected environments, intermittently connected environments, and air-gapped (isolated) environments. This enables consistent policy enforcement and operational continuity while remaining within strict sovereignty boundaries.

Key updates include:

  • Enhancements to Foundry Local: adds support for modern infrastructure and enables local execution of large and multimodal AI models on customer-owned hardware (including partner platforms such as NVIDIA), delivering “in-boundary” inference and APIs without requiring external connections or services.

  • Azure Local in disconnected mode: enables running and governing mission-critical infrastructures without cloud connectivity, ensuring control and compliance even offline.

  • Microsoft 365 Local in disconnected mode: allows organizations to keep essential productivity services—such as Exchange Server, SharePoint Server, and Skype for Business Server—entirely within the customer perimeter, with no external dependencies.

Security posture across hybrid and multicloud infrastructures

Microsoft Defender for Cloud

Updated logic for CIEM recommendations in Microsoft Defender for Cloud

Microsoft Defender for Cloud is updating the logic used to calculate Cloud Infrastructure Entitlement Management (CIEM) recommendations, now available as a native capability on Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). The goal of this update is to improve recommendation accuracy, with potential impacts on results already visible in the portal.

Specifically, the identification of inactive identities is no longer based on sign-in activity, but on the presence of unused role assignments. In addition, the observation window is extended to 90 days (previously 45), and identities created within the last 90 days are excluded from the inactivity assessment. The Permissions Creep Index (PCI) metric is also being retired and will no longer appear in recommendations. CIEM onboarding is simplified by removing the need for elevated permissions that are considered high risk. Overall, this change provides a more reliable view of access-related risk and makes CIEM adoption more practical in enterprise and multicloud environments.
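To make the new inactivity rule concrete, here is an added Python example (not part of the original post and not Defender for Cloud's own implementation) that applies the 90-day window, excludes recently created identities, and flags unused role assignments; the principal names, roles, scopes and dates are constructed, and it assumes an identity counts as inactive only when all of its assignments are unused.

```python
from dataclasses import dataclass, field
from datetime import date, timedelta
from typing import List, Optional

WINDOW_DAYS = 90  # observation window described in the update (previously 45)


@dataclass
class RoleAssignment:
    role: str
    scope: str
    last_used: Optional[date]  # None: the assignment was never exercised


@dataclass
class Identity:
    principal_id: str
    created: date
    assignments: List[RoleAssignment] = field(default_factory=list)


def unused_assignments(identity, today, window_days=WINDOW_DAYS):
    """Assignments of this identity not exercised within the observation window."""
    cutoff = today - timedelta(days=window_days)
    return [a for a in identity.assignments
            if a.last_used is None or a.last_used < cutoff]


def is_inactive(identity, today, window_days=WINDOW_DAYS):
    """Inactive under the new logic: old enough to be assessed and (assumption)
    none of its role assignments used within the window."""
    if (today - identity.created).days < window_days:
        return False  # identities created within the window are excluded
    if not identity.assignments:
        return False  # nothing to assess
    return len(unused_assignments(identity, today, window_days)) == len(identity.assignments)


# Constructed sample data (not taken from any real tenant)
TODAY = date(2026, 2, 15)
IDENTITIES = [
    Identity("sp-build", date(2025, 1, 10),
             [RoleAssignment("Contributor", "/subscriptions/sub-a", date(2025, 10, 1))]),
    Identity("sp-new", date(2026, 1, 20),
             [RoleAssignment("Reader", "/subscriptions/sub-a", None)]),
    Identity("user-ops", date(2024, 6, 1), [
        RoleAssignment("Owner", "/subscriptions/sub-a", None),
        RoleAssignment("Reader", "/subscriptions/sub-b", date(2026, 2, 1)),
    ]),
]


def inactive_identities(identities, today=TODAY):
    return [i.principal_id for i in identities if is_inactive(i, today)]
```

Note that `user-ops` is not reported as inactive, yet its never-used Owner assignment still surfaces through `unused_assignments`, which is the finding a least-privilege review would act on.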

Alert simulation for SQL servers on machines

The SQL simulated alerts capability in Microsoft Defender for Cloud is now generally available. This update enables security teams to safely validate SQL protections, detections, and automated response workflows without introducing real risk into production environments.

Simulations generate realistic alerts, complete with SQL context and machine context (both on Azure VMs and on machines connected via Azure Arc), enabling end-to-end testing of playbooks, SOC procedures, and operational readiness levels. Alerts are produced locally through a secure script extension, with no external payloads and no impact on production resources—an approach particularly useful for periodic exercises, audits, and ongoing hardening of incident response processes.

Scanning support for Minimus and Photon OS container images

The vulnerability scanner in Microsoft Defender for Cloud, based on Microsoft Defender Vulnerability Management, expands its coverage to include Minimus and Photon OS container images as well. The goal is to identify vulnerabilities in these distributions and help teams verify that released images meet appropriate security standards, especially in CI/CD pipelines and high-churn containerized environments.

As the number of analyzed image types increases, the volume of scanning may grow and, as a result, there may be an increase in costs associated with vulnerability assessment. From an operational standpoint, extending coverage is an important step toward reducing visibility gaps in the container supply chain, especially when adopting minimalist distributions to reduce the attack surface.

Threat protection for AI agents in Foundry with Microsoft Defender for Cloud (preview)

Microsoft Defender for Cloud introduces, in Preview, a new threat protection capability for AI agents developed with Foundry, included in the Defender for AI Services plan. The protection is designed to cover the entire lifecycle—from development to runtime—with the goal of identifying and mitigating high-impact, actionable threats, aligned with OWASP guidance for Large Language Model (LLM)-based systems and agentic architectures.

With this update, Microsoft further expands AI security coverage within Defender, helping organizations protect a growing number of AI platforms and implementations while maintaining a consistent approach across application controls, posture management, and in-operation detections.

Database-level recommendations experience for SQL Vulnerability Assessment (preview)

Microsoft Defender for SQL introduces, in Preview, a new way to consume SQL Vulnerability Assessment (SQL VA) recommendations, based on per-database evaluations. The update applies to SQL VA across all supported types (both PaaS and IaaS), including classic and express configurations, and is available in both the Azure portal and the Defender portal.

In the new model, each SQL VA rule generates a distinct assessment for each impacted database, and those assessments are surfaced and managed as actual recommendations on the Defender for Cloud Recommendations page. Previously, results were aggregated at the server or instance level and presented under “umbrella” recommendations (for example, those related to remediating findings for SQL databases or for SQL servers on machines).

This new experience does not change scanning logic, rules, queries, schedules, APIs, or pricing; instead, it changes how results are consumed and managed, aligning them with Defender’s uniform recommendations model. During the preview, these new assessments do not affect the Secure Score in the Azure portal, but they do contribute to the Secure Score in the Defender portal, while the aggregated server-level experience remains available in parallel.

Binary drift with blocking support (preview)

The binary drift capability evolves and, in Preview, enables not only detection of unauthorized changes, but also blocking them. In practice, you can configure policies that prevent binaries from executing inside containers when they appear tampered with or show unexpected modifications compared to the expected image.

This type of enforcement adds a particularly effective layer of protection against runtime and post-deployment compromise techniques, helping contain incidents that stem from filesystem alterations inside the container or the insertion of unauthorized components. For teams managing container workloads at scale, the shift from “detect” to “detect + prevent” represents a tangible move toward more proactive controls.

Runtime anti-malware for containers: detection and blocking (preview)

Microsoft Defender for Cloud introduces, in Preview, runtime anti-malware detection and prevention for containerized workloads, supporting Azure Kubernetes Service (AKS), Amazon Elastic Kubernetes Service (EKS), and Google Kubernetes Engine (GKE).

The capability operates in real time and allows defining anti-malware rules that set conditions for generating alerts and, when appropriate, blocking malware—strengthening cluster protection without relying exclusively on upstream controls (such as image scanning). Rule-based configuration also helps reduce false positives, balancing security and operations, especially in multicloud scenarios where policy consistency and response actions are often key requirements for security and platform engineering teams.

Backup & Resilience

Azure Backup

Vault-based backup for Azure Disks (preview)

With Azure Disk Backup, data is currently protected through regular crash-consistent snapshots of Azure disks, stored within the subscription and tenant in a resource group known as the Operational Tier of Azure Backup. This approach enables fast “operational” restores for common scenarios such as accidental deletions or data corruption, and it is often paired with Azure VM Backup, which provides application-aware protection for virtual machines.

In line with backup best practices (the 3-2-1 strategy), Microsoft introduces Vault Tier backups in Private Preview, extending disk-level protection with vault isolation (offsite), independent access controls, and immutability—key elements for improving resilience against ransomware and tenant-level compromises, and for aligning disk backup security with a cyber-recovery posture comparable to what is already adopted for VM backups.

The preview enables two core capabilities: Vault Tier Backup, to retain isolated copies in the vault to meet compliance and resilience requirements; and Regional Disaster Recovery, which allows restoring disk backups to an Azure paired region, opening up new disaster recovery scenarios in combination with Azure VM Backup and Azure Site Recovery.

Monitoring

Azure Monitor

Data transformations in the Azure Monitor pipeline (preview)

Azure Monitor pipeline data transformations are available in Public Preview and allow shaping telemetry before ingestion into Azure Monitor, with the goal of improving data quality, simplifying analysis, and controlling volumes (and therefore the impact) of large-scale ingestion.

Integrated into the Azure Monitor pipeline for edge and multi-cloud scenarios, transformations enable filtering, aggregating, standardizing, and remapping data such as Syslog and Common Event Format (CEF), reducing noise and redundancy “upstream.” Automated schema standardization mechanisms and validation guardrails help maintain compatibility with standard tables, preventing data flow disruptions when transformations are applied.

In addition, the preview includes built-in templates in Kusto Query Language (KQL) for common use cases and advanced filtering and aggregation functions that, for example, allow compressing high-frequency events into meaningful time windows. In short, by bringing data optimization closer to the source, this capability aims to produce cleaner datasets and faster insights even in complex, high-volume environments.
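The filter-then-aggregate idea described above (dropping low-severity noise and compressing repeated events into time windows before ingestion), shown as an added Python example that is not part of the original post and is not the Azure Monitor pipeline's own transformation engine; the CEF lines, vendor names, severity threshold and window size are constructed.

```python
import re
from collections import Counter
from datetime import datetime, timezone

# Constructed sample: ISO timestamp prefix followed by a CEF:0 record (not real data).
SAMPLE_LINES = [
    "2026-02-10T09:00:05Z CEF:0|Acme|FW|1.0|100|Failed login|7|src=10.0.0.5 suser=alice",
    "2026-02-10T09:01:40Z CEF:0|Acme|FW|1.0|100|Failed login|7|src=10.0.0.5 suser=alice",
    "2026-02-10T09:03:10Z CEF:0|Acme|FW|1.0|100|Failed login|7|src=10.0.0.5 suser=alice",
    "2026-02-10T09:02:00Z CEF:0|Acme|FW|1.0|200|Heartbeat|1|src=10.0.0.9",
    "2026-02-10T09:06:30Z CEF:0|Acme|FW|1.0|100|Failed login|7|src=10.0.0.7 suser=bob",
]

# Extension is "key=value key=value ..."; values may contain spaces, so stop at the next key.
_EXT_RE = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|$)")


def parse_cef(line):
    """Return the timestamp, the seven CEF header fields and the extension key/values."""
    ts_text, cef = line.split(" ", 1)
    header = cef.split("|", 7)  # seven pipe-delimited header fields, then the extension
    if len(header) != 8 or header[0] != "CEF:0":
        raise ValueError(f"not a CEF:0 record: {line!r}")
    _, vendor, product, version, sig_id, name, severity, ext = header
    return {
        "ts": datetime.fromisoformat(ts_text.replace("Z", "+00:00")),
        "vendor": vendor, "product": product, "version": version,
        "sig_id": sig_id, "name": name, "severity": int(severity),
        **dict(_EXT_RE.findall(ext)),
    }


def aggregate(lines, min_severity=4, window_minutes=5):
    """Discard events below min_severity, then count the rest per (window, sig_id, src)."""
    counts = Counter()
    for line in lines:
        ev = parse_cef(line)
        if ev["severity"] < min_severity:
            continue  # filter step: noise never reaches the workspace
        epoch = int(ev["ts"].timestamp())
        window_start = epoch - epoch % (window_minutes * 60)
        key = (datetime.fromtimestamp(window_start, tz=timezone.utc).isoformat(),
               ev["sig_id"], ev.get("src", "-"))
        counts[key] += 1
    return counts
```

Three identical failed-login events from one source collapse into a single row with a count of 3, while the heartbeat is dropped entirely.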

Secure ingestion and pod placement for Azure Monitor pipeline (preview)

Microsoft announced in Public Preview new capabilities for Azure Monitor pipeline that aim to improve both ingestion security and operational management of Kubernetes components.

On the secure ingress side, the pipeline can now receive traffic from external endpoints using TLS and mutual TLS (mTLS) for TCP-based receivers, introducing support for the Bring Your Own Certificates (BYOC) model. This allows organizations to retain full control over certificate lifecycle management, meet regulatory requirements, and integrate configuration with their existing Public Key Infrastructure (PKI). In practice, you can configure mTLS with your own certificates for mutual client/server authentication, or adopt TLS with a custom server certificate and a dedicated client Certificate Authority (CA).

In parallel, the new pod placement capability provides native controls to determine how pipeline instances are scheduled onto cluster nodes. Through execution placement configuration, you can direct pods to nodes with specific capabilities (for example, high-resource nodes or nodes in particular zones), control instance distribution to reduce resource contention, and apply isolation criteria that are useful in large-scale deployments.

Conclusions

This month’s updates confirm a very clear direction: Microsoft is pushing toward an increasingly uniform, proactive, and “AI-ready” model for management and protection—one that works consistently not only in Azure, but also across hybrid, multicloud, and even disconnected environments.

The evolution of Microsoft Sovereign Cloud and the “Sovereign Private Cloud” stack shows how governance and productivity can extend into air-gapped contexts, while on the security front Defender for Cloud continues to increase both coverage and depth: more reliable and adoptable CIEM, alert simulations to validate SOC processes, more decisive runtime protections for containers, and growing focus on protecting AI workloads and agents. In parallel, Azure Backup strengthens resilience with the “vault tier” approach for disks, aligning protection with more modern cyber-recovery requirements, and Azure Monitor brings optimization closer to the source with data transformations and secure ingestion options (TLS/mTLS) designed for distributed environments.
