In an effort to update its security applications for CSOs that are increasingly responsible for securing multicloud environments, Microsoft is releasing new visibility and control features for software, workloads, devices, and digital identities accessing or running on hybrid computing infrastructure.\u00a0\u00a0\u00a0The updates, announced Wednesday, include the extension of Microsoft Defender for Cloud to support the Google Cloud Platform (GCP); a new version of the permissions management platform acquired from CloudKnox \u00a0in July 2021; enhanced data analysis and archiving features for Microsoft's Sentinel SIEM (system information and event management) \u00a0application; as well as new identity management, compliance and payment capabilities for Azure and Azure Active Directory (AAD).All these features will be accessible to customers within a centralized management view, Microsoft says.\u201cOrganizations around the world are forced to confront sophisticated ransomware and nation state attacks even as they\u2019re continually evolving with stricter compliance requirements,\u201d said Vasu Jakkal, corporate vice president for security, compliance, and identity at Microsoft, in a blog post. \u201cThese new features and offerings are designed to secure the foundations of hybrid work and digital transformation.\u201dNinety-two percent of enterprises surveyed in a recent Flexera report on enterprise cloud usage said they have a multicloud strategy, but only 42% of respondents said they use multicloud management tools."For organizations to fully embrace these multicloud strategies, it\u2019s critical that their security solutions reduce complexity," Jakkal said.Microsoft Defender for Cloud extended to GCP\u00a0\u00a0Microsoft\u2019s security management and threat protection tool, Defender for Cloud, has been extended to work on Google Cloud Platform (GCP), \u00a0to allow CSOs to configure GCP environments in line with key security standards such as Center for Internet Security (CIS) benchmarks, and protect workloads running on GCP by identifying weak spots.\u00a0With the GCP support, Microsoft claims to be the first cloud provider with native multicloud protection for three leading cloud platforms \u2014 Microsoft Azure, Amazon Web Services (AWS), and GCP.\u00a0\u201cMicrosoft continues to focus on delivering strong cybersecurity solutions, which comes during a time when the global cyber risk environment has never been greater," says Gary McAlum, senior analyst at research and advisory firm TAG Cyber. "Extending MS Defender to Google Cloud provides more options for another segment of the cloud market and takes the 'GCP not supported' excuse off the table."CloudKnox aims to support zero trust security\u00a0Microsoft is also making CloudKnox Permissions Management available for public preview. The CIEM (cloud infrastructure entitlement management) software package is designed to help customers manage identities and permissions in multicloud environments and contribute to their zero trust posture. Zero trust is based on the concept that anything inside or outside an enteprise perimeter should be automatically trusted, and that anything and everything trying to connect to company systems must be verified before granting access.\u00a0CloudKnox is designed to provide visibility into identities, users, and workloads running on cloud platforms, and detects and remediates suspicious activity. It constantly monitors least-privileged account access using machine learning algorithms.\u00a0\u00a0\u00a0Sentinel adds high-volume data analysis featuresFor SIEM customers running software in cloud environments, Microsoft announced new features for Sentinel, including a logging capability that allows the application to sift through large volumes of data to identify high-severity, low-visibility events.Search capabilities are designed to allow security analysts to search through a high volume of security data from logs, analytics and archives to zero in on threats.\u00a0 An add-on to this feature is a data archiving capability that is expected to allow data to be retained beyond the current capacity of two to seven years.\u00a0\u00a0Streamlining control over identity, compliance and payments\u00a0\u00a0\u00a0As part of its raft of security announcements, Microsoft revealed identity, compliance and payment updates to several applications:Azure Active Directory\u2019s core capabilities, which center around protecting user identity, have been extended to \u00a0include handling workload identities. Workload identity protection, coupled with the conditional access announced by the company last year, is designed to allow workload identities to be managed efficiently across cloud native applications.\u00a0\u00a0Microsoft Endpoint Manager has three new features that allow for setting up tailored device compliance policies and monitoring non-compliance in macOS devices; \u00a0applying conditional launch requirements through Active Ditrectory on Android 11 devices; and runing biometric authentications to verify identities on Android 11 devices.\u00a0\u00a0Microsoft has also launched a new payment protection service, Azure Payment HSM (hardware security modue), currently in public preview, to help secure payments processed in the cloud. HSM \u00a0is an infrastructure-as-a-service (IaaS) offering that lets customers plug in the device directly into their virtual network to deliver improved protection for cryptographic keys and customer PINs."Enhancements spanning active directory, access management, data analytics, policy compliance enforcement, and secure payment processing are a staggering set of important capabilities," McAlum says. "These offerings demonstrate a significant commitment by Microsoft to build comprehensive, cloud-powered defenses to enable business innovation and digital transformation."