Control: Azure > CIS v4.0 > 09 - Security Services > 09.01 - Microsoft Defender for Cloud > 09.01.07 - Defender Plan: Databases > 09.01.07.03 - Ensure That Microsoft Defender for (Managed Instance) Azure SQL Databases Is Set To 'On'
Configures auditing against a CIS Benchmark item.
Level: 2
Turning on Microsoft Defender for Azure SQL Databases enables threat detection for Managed Instance Azure SQL databases, providing threat intelligence, anomaly detection, and behavior analytics in Microsoft Defender for Cloud.
Enabling Microsoft Defender for Azure SQL Databases allows for greater defense-in-depth, includes functionality for discovering and classifying sensitive data, surfacing and mitigating potential database vulnerabilities, and detecting anomalous activities that could indicate a threat to your database.
By default, Microsoft Defender plan is off.
Resource Types
This control targets the following resource types:
Policies
This control type relies on these other policies when running actions:
- Azure > CIS v4.0 > 09 - Security Services > 09.01 - Microsoft Defender for Cloud > 09.01.07 - Defender Plan: Databases > 09.01.07.03 - Ensure That Microsoft Defender for (Managed Instance) Azure SQL Databases Is Set To 'On'
- Azure > CIS v4.0
- Azure > CIS v4.0 > 09 - Security Services
Category
In Your Workspace
Developers
- tmod:@turbot/azure-cisv4-0#/control/types/r09010703
- tmod:@turbot/cis#/control/categories/v070301
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv4-0#/control/types/r09010703"
Get Controls
Control Type URI
Category URI
GraphQL
CLI