Microsoft Defender for SQL Is Not Enabled

Overview

Microsoft Defender for SQL is a unified package for advanced SQL security capabilities. Microsoft Defender is available for Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics. It includes functionality for discovering and classifying sensitive data, surfacing and mitigating potential database vulnerabilities, and detecting anomalous activities that could indicate a threat to your database. It provides a single go-to location for enabling and managing these capabilities.

Microsoft Defender for SQL is a paid feature and will incur additional cost for each SQL server.

Vendor

Azure

Cloud Service

MsSqlDatabase

CIS Azure v2.0.0 4.2.1

References

https://docs.microsoft.com/en-us/azure/azure-sql/database/azure-defender-for-sql?view=azuresql, https://docs.microsoft.com/en-us/powershell/module/azurerm.sql/get-azurermsqlserverthreatdetectionpolicy?view=azurermps-6.13.0&viewFallbackFrom=azurermps-5.2.0, https://docs.microsoft.com/en-us/security/benchmark/azure/security-controls-v3-data-protection#dp-2-monitor-anomalies-and-threats-targeting-sensitive-data

Severity

Item Types

Microsoft.Sql.servers

Overview​

Vendor​

Cloud Service​

Related Controls​

References​

Severity​

Item Types​