Vulnerability Assessment Reports Are Not Sent to Admins

Overview

Enable Vulnerability Assessment (VA) setting 'Also send email notifications to admins and subscription owners'.

VA scan reports and alerts will be sent to admins and subscription owners by enabling setting 'Also send email notifications to admins and subscription owners'. This may help in reducing time required for identifying risks and taking corrective measures.

Enabling the Azure Defender for SQL feature will incur additional costs for each SQL server.

Vendor

Azure

Cloud Service

MsSqlDatabase

CIS Azure v2.0.0 4.2.5

References

https://docs.microsoft.com/en-us/azure/sql-database/sql-vulnerability-assessment, https://docs.microsoft.com/en-us/rest/api/sql/servervulnerabilityassessments/listbyserver, https://docs.microsoft.com/en-in/powershell/module/Az.Sql/Update-AzSqlServerVulnerabilityAssessmentSetting?view=azps-2.6.0, https://docs.microsoft.com/en-in/powershell/module/Az.Sql/Get-AzSqlServerVulnerabilityAssessmentSetting?view=azps-2.6.0, https://docs.microsoft.com/en-us/security/benchmark/azure/security-controls-v3-posture-vulnerability-management#pv-6-perform-software-vulnerability-assessments

Severity

Item Types

Microsoft.Sql.servers

Overview​

Vendor​

Cloud Service​

Related Controls​

References​

Severity​

Item Types​