Ensure that Microsoft Defender for Cloud is enabled for your Microsoft Azure storage accounts. Defender for storage accounts is an Azure-native layer of security intelligence that detects unusual and potentially harmful attempts to access or exploit your Azure cloud storage accounts.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
By default, Microsoft Defender for Cloud is disabled for your storage accounts. Enabling the Defender security service for Azure storage accounts allows for advanced security defense using threat detection capabilities provided by the Microsoft Security Response Center (MSRC). MSRC investigates all reports of security vulnerabilities affecting Microsoft products and services, including Azure cloud services.
Audit
To determine if the Microsoft Defender for Cloud security service is enabled for your Azure storage accounts, perform the following operations:
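An added example, not part of the original rule page: a Python check that takes the parsed JSON of `az security pricing list` for each subscription and reports those where the `StorageAccounts` plan is not on the `Standard` tier. The subscription IDs and plan data below are constructed samples, and the two input shapes handled (flattened `pricingTier` and REST-style `properties.pricingTier`) are assumptions about the output format.

```python
PLAN = "StorageAccounts"  # Defender plan name that covers storage accounts


def storage_plan_tier(pricings):
    """Return the pricing tier of the StorageAccounts plan, or None if absent.

    Accepts a bare list of plans or a {"value": [...]} wrapper, and either a
    flattened plan (pricingTier at top level) or the REST shape (pricingTier
    nested under "properties").
    """
    plans = pricings.get("value", []) if isinstance(pricings, dict) else pricings
    for plan in plans:
        if plan.get("name", "").lower() != PLAN.lower():
            continue
        props = plan.get("properties") or {}
        return plan.get("pricingTier") or props.get("pricingTier")
    return None


def audit(subscriptions):
    """Map subscription id -> finding for every subscription not on Standard."""
    findings = {}
    for sub_id, pricings in subscriptions.items():
        tier = storage_plan_tier(pricings)
        if tier is None:
            findings[sub_id] = "StorageAccounts plan not found in output"
        elif tier.lower() != "standard":
            findings[sub_id] = f"Defender for Storage disabled (pricingTier={tier})"
    return findings


# Constructed sample data: placeholder subscription ids, not real ones.
SAMPLE = {
    "sub-aaaa": {"value": [
        {"name": "StorageAccounts", "pricingTier": "Free"},
        {"name": "VirtualMachines", "pricingTier": "Standard"},
    ]},
    "sub-bbbb": [
        {"name": "StorageAccounts", "properties": {"pricingTier": "Standard"}},
    ],
    "sub-cccc": {"value": [{"name": "KeyVaults", "pricingTier": "Free"}]},
}

if __name__ == "__main__":
    for sub, msg in audit(SAMPLE).items():
        print(f"{sub}: {msg}")
```

A subscription whose output lacks the plan entirely is reported separately from one on the `Free` tier, so a truncated or filtered listing is not mistaken for a compliant one.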
Remediation / Resolution
To enable Microsoft Defender for Cloud for your Azure storage accounts, perform the following operations:
Note: Turning on Defender for Cloud for the specified resource type (i.e. storage accounts) incurs an additional cost per resource.