Microsoft Defender for Cloud (the community repository) is a centralized collection of programmatic automations, policy definitions, remediation scripts, and visualization workbooks designed to help organizations manage and operationalize Microsoft Defender for Cloud at scale. It packages ready-to-use Azure Policy definitions, Logic App templates, PowerShell automation, remediation actions, and custom workbooks so teams can deploy detections, enforce security posture, and automate responses across subscriptions and tenants. The repo includes playbooks and examples for translating recommendations into automated remediation, along with onboarding and deployment artifacts (including Terraform helpers) to simplify large-scale rollout. Content is explicitly presented as community-driven: contributors can submit Logic Apps, policies, and scripts, and the project documents contribution guidelines and CLA requirements for submissions.
Features
- Collection of Azure Policy definitions and at-scale policy assignments for Defender for Cloud
- Logic App templates for automated remediation and alert-driven workflows
- Prebuilt PowerShell scripts and remediation scripts to run programmatic fixes across subscriptions
- Custom workbooks and Power BI/Log Analytics dashboards for visualization and reporting
- Terraform and ARM helpers to deploy Defender for Cloud artifacts reproducibly at scale
- Contribution guidelines and a CLA workflow to accept community-supplied automations