Microsoft Defender for Cloud Expands Serverless Security Posture Management (December 2025 Update)

Microsoft announced in December 2025 that Defender for Cloud is extending its Cloud Security Posture Management (CSPM) capabilities to serverless workloads in Azure and AWS (public preview). This update helps security teams detect misconfigurations, vulnerabilities, and insecure dependencies in serverless environments like Azure Functions and AWS Lambda.

Details of the Update

The new features include automatic discovery and centralized inventory of serverless resources. Defender for Cloud now provides posture assessments across Azure and AWS, with varying capabilities in the Azure portal and Defender portal. This release focuses on identifying risks in modern application platforms without requiring agents.

Impact and Recommendations

• Improves visibility into serverless compute environments
• Detects misconfigurations and vulnerable dependencies early
• Integrates insights into attack path analysis for prioritized risks
• Review and enable Defender CSPM for serverless workloads
• Monitor the new inventory for high-risk findings

Security teams can view all serverless resources in a centralized inventory and identify misconfigurations, vulnerabilities, and insecure dependencies.

Microsoft Defender for Cloud Release Notes

Read the official release notes on Microsoft Learn here:

https://learn.microsoft.com/en-us/azure/defender-for-cloud/release-notes