Microsoft Defender for servers

Overview

Microsoft Defender for Server is one of the advanced security features of Microsoft Defender for Cloud. It provides threat detection and advanced defenses for Windows and Linux servers, whether they run in Microsoft Azure, on-premises, or in a multi-cloud environment.

Solution and benefits

The solution collects data for the systems:

  • Windows: by monitoring servers running the Windows operating system, Microsoft Defender for Cloud presents alerts and recommendations for dealing with any anomalies it finds;
  • Linux: Microsoft Defender for Cloud collects audit records from Linux machines using auditd, one of the most common Linux auditing frameworks;
  • Hybrid and multi-cloud scenarios: Microsoft Defender for Cloud integrates with Azure Arc, so that “non-Azure” machines are seen and managed as Azure resources.

These are some of the benefits that can be obtained thanks to Microsoft Defender for Server:

  • Integrated license for Microsoft Defender for Endpoints: Microsoft Defender for Server includes a Microsoft Defender for Endpoints license for the protected servers;
  • Tools for identifying and managing vulnerabilities and configuration errors in real time;
  • JIT (Just-in-Time) access to Virtual Machines (VMs), which opens management ports only for an approved user and time window instead of leaving them permanently exposed;
  • File Integrity Monitoring (FIM), which analyzes operating system files, registry keys and logs, among others, to detect changes that could indicate an attack.
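The Linux collection described above is built on auditd records, and FIM reasons over exactly this kind of data. As an added illustration, not Defender's own code or rules, the Python below groups auditd SYSCALL and PATH records by event serial and reports successful writes, deletions and permission changes to files under a set of monitored directories. The audit records, the monitored prefixes and the audit key are constructed for the example; the syscall numbers assume x86_64.

```python
import re
from collections import defaultdict

# Constructed auditd records (not from a real host), all x86_64: 4567 opens /etc/passwd
# with O_WRONLY|O_CREAT|O_TRUNC (a2=0x241), 4568 reads /etc/hostname, 4569 unlinks a file.
SAMPLE_AUDIT_LOG = """\
type=SYSCALL msg=audit(1700000000.101:4567): arch=c000003e syscall=257 success=yes a2=241 auid=1000 uid=0 exe="/usr/bin/vim" key="etc-changes"
type=PATH msg=audit(1700000000.101:4567): item=0 name="/etc/" nametype=PARENT
type=PATH msg=audit(1700000000.101:4567): item=1 name="/etc/passwd" nametype=CREATE
type=SYSCALL msg=audit(1700000000.202:4568): arch=c000003e syscall=257 success=yes a2=0 auid=1000 uid=1000 exe="/usr/bin/cat" key="etc-changes"
type=PATH msg=audit(1700000000.202:4568): item=0 name="/etc/hostname" nametype=NORMAL
type=SYSCALL msg=audit(1700000000.303:4569): arch=c000003e syscall=87 success=yes a2=0 auid=1000 uid=0 exe="/usr/bin/rm" key="etc-changes"
type=PATH msg=audit(1700000000.303:4569): item=1 name="/etc/cron.d/backup" nametype=DELETE
"""

MONITORED = ("/etc/", "/usr/bin/", "/usr/sbin/")  # constructed watch list for the example
# x86_64 syscalls that change a file or its metadata; openat(2) counts only when a2 asks for write/create/truncate.
CHANGE_SYSCALLS = {87: "unlink", 263: "unlinkat", 82: "rename", 90: "chmod", 268: "fchmodat"}
OPENAT, WRITE_FLAGS = 257, 0x1 | 0x2 | 0x40 | 0x200  # O_WRONLY|O_RDWR|O_CREAT|O_TRUNC
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
SERIAL_RE = re.compile(r"msg=audit\(\d+\.\d+:(\d+)\)")

def parse_record(line):
    """One auditd line -> dict of its fields (quotes stripped) plus the event serial."""
    rec = {k: v.strip('"') for k, v in FIELD_RE.findall(line)}
    rec["_serial"] = SERIAL_RE.search(line).group(1)
    return rec

def change_action(sc):
    """Kind of change a successful SYSCALL record describes, or None for reads/failures."""
    nr = int(sc.get("syscall", -1)) if sc.get("success") == "yes" else -1
    if nr == OPENAT and int(sc.get("a2", "0"), 16) & WRITE_FLAGS:
        return "write-open"
    return CHANGE_SYSCALLS.get(nr)

def fim_alerts(log_text, prefixes=MONITORED):
    """Group records by event serial and report changes to files under monitored prefixes."""
    events = defaultdict(list)
    for rec in map(parse_record, filter(None, log_text.splitlines())):
        events[rec["_serial"]].append(rec)
    alerts = []
    for serial, recs in events.items():
        sc = next((r for r in recs if r["type"] == "SYSCALL"), {})
        if action := change_action(sc):
            for r in recs:  # PARENT entries name the directory, not the changed file itself
                if r["type"] == "PATH" and r.get("nametype") != "PARENT" and r["name"].startswith(prefixes):
                    alerts.append({"serial": serial, "path": r["name"], "action": action,
                                   "exe": sc.get("exe"), "uid": sc.get("uid"), "auid": sc.get("auid")})
    return alerts
```

Run `fim_alerts(SAMPLE_AUDIT_LOG)` to see the two change events; the read-only open of /etc/hostname is correctly ignored.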

Requirements

Microsoft Defender for Server is available in two plans:

  • Microsoft Defender for Server Plan 1
  • Microsoft Defender for Server Plan 2

The following table (Source: Microsoft) shows the main differences between the two plans: