In Microsoft Defender for Cloud, the Free plan provides continuous security assessment and visibility into your posture via Secure Score and security recommendations. Microsoft explains that the free tier offers “foundational CSPM capabilities,” including recommendations and a security score (Secure score) to help you prioritize hardening tasks. Advanced features—such as vulnerability scanning for VMs (Qualys-based), Just-In-Time (JIT) VM access, and threat protection alerts—require the enhanced/paid Defender plans (for example, Defender for Servers). Consequently, among the listed options, only Secure score is available in the free mode. This score aggregates the effect of recommendations across subscriptions and resources so you can track and improve security posture without enabling any of the paid Defender plans.