Merge pull request #2685 from MicrosoftDocs/main

Auto Publish – main to live - 2026-03-31 11:00 UTC

Author: learn-build-service-prod[bot]

articles/defender-for-cloud/defender-for-apis-prepare.md

@@ -5,7 +5,7 @@ author: dlanger
 ms.author: dlanger
 ms.service: defender-for-cloud
 ms.topic: checklist
-ms.date: 07/15/2025
+ms.date: 03/31/2026
 ms.custom: references_regions
 ---
 # Support and prerequisites for Defender for APIs deployment
@@ -21,8 +21,15 @@ Defender for APIs is available in the Azure commercial cloud, in these regions:
 - Brazil (Brazil South, Brazil Southeast)
 - Canada (Canada Central, Canada East)
 - Europe (West Europe, North Europe)
+- France (France Central, France South)
+- Germany (Germany West Central, Germany North)
 - India (Central India, South India, West India)
+- Italy (Italy North)
 - Japan (Japan East, Japan West)
+- Korea (Korea Central, Korea South)
+- Norway (Norway East, Norway West)
+- Sweden (Sweden Central, Sweden South)
+- Switzerland (Switzerland North, Switzerland West)
 - UK (UK South, UK West)
 - US (East US, East US 2, West US, West US 2, West US 3, Central US, North Central US, South Central US, West Central US, East US 2 EUAP, Central US EUAP)
 

articles/defender-for-cloud/enable-api-security-posture.md

@@ -4,7 +4,7 @@ description: Learn how to enable API security posture management in Microsoft De
 ms.author: elkrieger
 author: Elazark
 ms.topic: how-to
-ms.date: 01/04/2026
+ms.date: 03/31/2026
 ms.custom: sfi-image-nochange, references_regions
 #customer intent: As a cloud administrator, I want to learn how to enable API security posture management to protect my APIs in Azure API Management, Function Apps, and Logic Apps.
 ---
@@ -34,8 +34,15 @@ API Security Posture Management within Defender CSPM is available in the Azure c
 - Brazil (Brazil South, Brazil Southeast)
 - Canada (Canada Central, Canada East)
 - Europe (West Europe, North Europe)
+- France (France Central, France South)
+- Germany (Germany West Central, Germany North)
 - India (Central India, South India, West India)
+- Italy (Italy North)
 - Japan (Japan East, Japan West)
+- Korea (Korea Central, Korea South)
+- Norway (Norway East, Norway West)
+- Sweden (Sweden Central, Sweden South)
+- Switzerland (Switzerland North, Switzerland West)
 - UK (UK South, UK West)
 - US (East US, East US 2, West US, West US 2, West US 3, Central US, North Central US, South Central US, West Central US, East US 2 EUAP, Central US EUAP)
 

articles/defender-for-cloud/recommendations-reference-data.md

@@ -1925,6 +1925,28 @@ Even with key owner precautions, keys can be easily leaked by less than optimum
 
 **Severity**: High
 
+### Geo-redundant backups should be enabled for PostgreSQL Servers
+
+**Description**:   
+__What is geo-redundant backup?__ Geo-redundant backup replicates server backups to a paired Azure region, providing resilience against regional failures.
+
+__Why is it a security concern?__ If geo-redundant backups are disabled, a regional outage could result in data loss and extended downtime, impacting availability and compliance.
+
+__How could attackers exploit it or how could it lead to data breaches?__ While not directly exploitable, lack of geo-redundancy increases the impact of disasters or targeted attacks on a single region.
+
+**Severity**: Low
+
+### require_secure_transport should be set to “on” for Azure Database for PostgreSQL Servers
+
+**Description**:   
+__What is require_secure_transport?__ require_secure_transport is a server-level parameter that enforces the use of SSL/TLS for all client connections to PostgreSQL. When set to on, clients must connect using encrypted channels.
+
+__Why is it a security concern?__ If this setting is disabled (off), clients may connect over unencrypted channels, exposing sensitive data such as credentials, queries, and results to interception or manipulation.
+
+__How could attackers exploit it or how could it lead to data breaches?__ An attacker on the network could perform a man-in-the-middle attack, intercepting or altering data exchanged between the client and server if encryption is not enforced.
+
+**Severity**: High
+
 ## Related content
 
 - [Learn about security recommendations](security-policy-concept.md)

articles/defender-for-cloud/release-notes-recommendations-alerts.md

@@ -49,6 +49,7 @@ New and updated recommendations, alerts, and incidents are added to the table in
 | **Date announced**     | **Type**       | **State**            | **Name**                                                     |
 | ------------ | -------------- | -------------------- | ------------------------------------------------------------ |
 | March 30, 2026 | Alert | Preview | The following alert is now in Preview: <br> * Malicious content detected in uploaded AI model | 
+| March 29, 2026 | Recommendation | Preview | The following recommendations are now available in preview for Azure Database for PostgreSQL Flexible Servers as part of Defender CSPM:<br/>* Geo-redundant backups should be enabled for PostgreSQL Servers <br/>* require_secure_transport should be set to "on" for Azure Database for PostgreSQL Servers |
 | March 29, 2026 | Recommendation | Deprecation | Following the announcement from December 3, 2025, The recommendation `Microsoft Defender for SQL status should be protected for Arc-enabled SQL Servers` for Defender for SQL Servers on Machines plan, is now deprecated. |
 | March 04, 2026 | Recommendation | Upcoming deprecation | The following grouped container vulnerability recommendations are set for deprecation on April 13, 2026:<br/>**Container recommendations:**<br/>\* [Preview] Containers running in Azure should have vulnerability findings resolved<br/>\* [Preview] Containers running in AWS should have vulnerability findings resolved<br/>\* [Preview] Containers running in GCP should have vulnerability findings resolved<br/>**Container image recommendations:**<br/>\* [Preview] Container images in Azure registry should have vulnerability findings resolved<br/>\* [Preview] Container images in AWS registry should have vulnerability findings resolved<br/>\* [Preview] Container images in GCP registry should have vulnerability findings resolved<br/><br/>These grouped recommendations are being replaced by individual recommendations that provide more granular visibility, better prioritization, and improved governance. Learn more in [Deprecation of preview of container and container images vulnerability recommendations](release-notes.md#deprecation-of-preview-of-container-and-container-images-vulnerability-recommendations). |
 | February 24, 2026 | Recommendation | GA | The following data recommendations are GA: <br><br> - [Storage accounts should restrict network access using virtual network rules](recommendations-reference-data.md#storage-accounts-should-restrict-network-access-using-virtual-network-rules). <br><br> - [Storage account should use a private link connection](recommendations-reference-data.md#storage-account-should-use-a-private-link-connection). <br><br> - [Storage accounts should prevent shared key access](recommendations-reference-data.md#storage-accounts-should-prevent-shared-key-access). |

articles/defender-for-cloud/release-notes.md

@@ -2,7 +2,8 @@
 title: What's new in Microsoft Defender for Cloud features
 description: What's new and updated in Microsoft Defender for Cloud features
 ms.topic: overview
-ms.date: 03/30/2026
+ms.custom: references_regions
+ms.date: 03/31/2026
 ---
 
 # What's new in Defender for Cloud features
@@ -31,6 +32,7 @@ This article summarizes what's new in Microsoft Defender for Cloud. It includes
 
 | Date | Category | Update |
 | -------- | -------- | -------- |
+| March 31, 2026| Update | [Support for additional Azure regions for Defender for APIs and API security posture management with Defender CSPM](#support-for-additional-azure-regions-for-defender-for-apis-and-api-security-posture-management-with-defender-cspm) |
 | March 30, 2026 | Preview | [AI model security for Azure Machine Learning (Preview)](#ai-model-security-for-azure-machine-learning-preview) |
 | March 29, 2026 | Preview | [Expanded multicloud coverage for AWS and GCP (Preview)](#expanded-multicloud-coverage-for-aws-and-gcp-preview) |
 | March 22, 2026| Update | [File Integrity Monitoring requires MDE agent version 10.8799+ for legacy Windows machines](#file-integrity-monitoring-requires-mde-agent-version-108799-for-legacy-windows-machines) |
@@ -41,9 +43,31 @@ This article summarizes what's new in Microsoft Defender for Cloud. It includes
 | March 04, 2026 | Deprecation | [Deprecation of preview of container and container images vulnerability recommendations](#deprecation-of-preview-of-container-and-container-images-vulnerability-recommendations) |
 | March 04, 2026 | Preview |[New individual recommendations format in Azure portal (Preview)](#new-individual-recommendations-format-in-azure-portal-preview)|
 
+### Support for additional Azure regions for Defender for APIs and API security posture management with Defender CSPM
+
+
+Microsoft Defender for APIs and API security posture management with Defender CSPM has expanded to provide its capabilities in the following Azure regions:
+- Sweden Central
+- Sweden South
+- Germany West Central
+- Germany North
+- Italy North
+- France Central
+- France South
+- Norway East
+- Norway West
+- Switzerland North
+- Switzerland West
+- Korea Central
+- Korea South
+
+Customers who have Azure API Management services in these regions can now use the capabilities offered by Microsoft Defender for APIs and API security posture management with Defender CSPM.
+API discovery and security posture capabilities in Defender CSPM for Azure Function Apps and Azure Logic Apps have also been expanded to these regions. This feature is still in Preview.
+
+Learn more about [Microsoft Defender for APIs](defender-for-apis-introduction.md) and [API security posture management with Defender CSPM](api-security-posture-overview.md).
+
 ### AI model security for Azure Machine Learning (Preview)
 
-March 30, 2026
 
 Microsoft Defender for Cloud now offers AI model security in preview for Azure Machine Learning registries and workspaces. AI model security helps security teams discover and scan custom AI models for risks before deployment, and review findings in Defender for Cloud.
 
@@ -78,7 +102,6 @@ Learn more about [security recommendations](review-security-recommendations.md).
 
 ### File Integrity Monitoring requires MDE agent version 10.8799+ for legacy Windows machines
 
-March 22, 2026
 
 Due to a pipeline change in Microsoft Defender for Endpoint (MDE), File Integrity Monitoring now requires the **Defender for Servers Windows client (Microsoft Defender for Endpoint agent) version 10.8799 or above** for proper functionality on legacy Windows machines (downlevel clients).