Control: Azure > CIS v4.0 > 09 - Security Services > 09.01 - Microsoft Defender for Cloud > 09.01.08 - Defender Plan: Key Vault > 09.01.08.01 - Ensure That Microsoft Defender for Key Vault Is Set To 'On'
Configures auditing against a CIS Benchmark item.
Level: 2
Turning on Microsoft Defender for Key Vault enables threat detection for Key Vault, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.
Enabling Microsoft Defender for Key Vault allows for greater defense-in-depth, with threat detection provided by the Microsoft Security Response Center (MSRC).
By default, Microsoft Defender plan is off.
Resource Types
This control targets the following resource types:
Policies
This control type relies on these other policies when running actions:
- Azure > CIS v4.0 > 09 - Security Services > 09.01 - Microsoft Defender for Cloud > 09.01.08 - Defender Plan: Key Vault > 09.01.08.01 - Ensure That Microsoft Defender for Key Vault Is Set To 'On'
- Azure > CIS v4.0
- Azure > CIS v4.0 > 09 - Security Services
Category
In Your Workspace
Developers
- tmod:@turbot/azure-cisv4-0#/control/types/r09010801
- tmod:@turbot/cis#/control/categories/v070301
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv4-0#/control/types/r09010801"
Get Controls
Control Type URI
Category URI
GraphQL
CLI