preloader

· devops aws azure cloud security digital-security multicloud kubernetes europe

AWS Security Hub Now Watches Your Azure Estate Too, Ending the Two-Console Problem for Multicloud Teams

Source: AWS Security Blog

Multicloud is the default architecture for a lot of mid-sized and large European organisations, whether by deliberate strategy or by accumulated history of acquisitions, regional requirements, and vendor negotiations. Security tooling has mostly not caught up. AWS just closed part of that gap.

What changed

AWS Security Hub can now natively discover and monitor Microsoft Azure resources, not just AWS ones, and this capability is now generally available to all AWS customers rather than limited to a preview group. Security Hub automatically finds Azure Virtual Machines, Azure Container Registry images, Azure Function Apps, and Azure identities, then evaluates them against posture checks aligned with the CIS Azure Foundations Benchmark, looking for misconfigurations, internet exposure, and known software vulnerabilities. Findings from both clouds land in the same prioritised view, using the same finding format and the same automation and response workflows, so a security team is no longer switching between an AWS console and an Azure console to get a full picture of exposure. AWS is offering a 30-day free trial per Azure integration, after which Azure resource monitoring is billed at the same rate as equivalent AWS resource monitoring.

Why this matters beyond convenience

Unified visibility is not just a quality-of-life improvement. Security incidents increasingly move across cloud boundaries, a compromised identity or credential in one environment gets used to pivot into workloads hosted somewhere else entirely, and a security team working from two disconnected consoles is structurally slower to see that pivot happen. Consolidating AWS and Azure findings into one prioritisation and response workflow closes a real gap, particularly for organisations that ended up running both clouds for reasons unrelated to security architecture, a regional data residency requirement, an acquired subsidiary’s existing Azure estate, or a specific service only available on one platform.

For European organisations already navigating NIS2 and DORA obligations to demonstrate continuous monitoring and incident detection capability across their full technology estate, a single tool that actually covers the full estate, rather than one that covers “our AWS side” and leaves Azure to a separate process, is a meaningful step toward being able to answer an auditor’s questions about multicloud coverage with one workflow instead of two.

What to consider before adopting it

This is an AWS-native tool extending outward, not a neutral third-party platform, which is worth weighing against existing multicloud security posture tools already in your stack. Evaluate whether the CIS Azure Foundations Benchmark checks it runs actually match your existing Azure governance baseline, and confirm the free trial window gives your team enough time to validate coverage before the paid tier applies.

If your organisation runs workloads across AWS and Azure and needs help evaluating whether consolidating security monitoring into one platform makes sense for your environment, or building the governance processes that make multicloud visibility actually actionable, contact Excello Digital. We help European teams design cloud security operations that keep pace with how their infrastructure actually looks, not just how one vendor’s console presents it.

These news items are automatically aggregated from industry sources and are not individually reviewed. Any inaccuracies are unintentional — let us know and we'll correct or remove it.

We’ll help you resolve your infrastructure challenges

Our team of experts is ready to help you with your infrastructure challenges. We’ll give you honest and personal treatment. Get in touch to learn more.

Get in touch!