Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Important
Attention: All Microsoft Defender for Cloud features will be officially retired in Azure in China region on August 18, 2026 per the announcement posted by 21Vianet.
Microsoft Defender for Cloud helps you assess and monitor compliance with security, regulatory, and organizational requirements across Azure.
Defender for Cloud represents all frameworks, regulations, and benchmarks as security standards. Each standard defines a set of rules and assessment logic that Defender for Cloud continuously evaluates across your connected environments. The results of these evaluations appear in the Regulatory compliance dashboard, where you can track compliance state and investigate noncompliant resources.
Compliance assessments
Each standard contains multiple controls that represent specific security requirements. Defender for Cloud automatically evaluates your resources against these controls and marks them as compliant, noncompliant, or unavailable for automated assessment.
Failed controls generate security recommendations that describe the issue and provide remediation steps.
If no relevant resources exist for a particular standard, it doesn’t appear in the dashboard, even if it’s assigned to the scope.
View standards in the Regulatory compliance dashboard
The Regulatory compliance dashboard provides an overview of compliance posture across all connected clouds.
From the dashboard, you can:
- View all standards assigned to a selected scope.
- Review the percentage of controls passed per standard.
- Identify frameworks with the lowest compliance rate.
- Drill down into failed controls and view affected resources.
- Generate summary and audit reports.
- Track compliance trends using Azure Workbooks.
To learn more about using the Regulatory compliance dashboard, see Improve regulatory compliance.
Security Benchmarks in Microsoft Defender for Cloud
Microsoft Cloud Security Benchmark (MCSB)
The Microsoft Cloud Security Benchmark (MCSB) is applied by default to all connected environments.
It defines cloud-agnostic security principles and provides implementation guidance for Azure.
The latest version, MCSB v2 (preview), introduces expanded guidance with risk-based controls and updated mappings for new workloads such as AI.
Learn more about the Microsoft Cloud Security Benchmark in Defender for Cloud.
Custom standards
You can create custom standards that include built-in or custom recommendations to meet organizational compliance needs. Custom standards appear alongside built-in ones in the Regulatory compliance dashboard.
Learn more about creating custom standards and recommendations.