Control: Azure > CIS v5.0 > 8 - Security Services > 8.01 - Microsoft Defender for Cloud > 8.01.05 - Defender Plan: Storage > 8.01.05.02 - Ensure Advanced Threat Protection Alerts for Storage Accounts Are Monitored
Configures auditing against a CIS Benchmark item.
Level: 2
After enabling Microsoft Defender for Storage, configure an alert monitoring and response process to ensure that alerts are actioned in a timely manner. Integrate with SIEM solutions like Microsoft Sentinel, or configure email/webhook notifications to security teams.
Enabling Microsoft Defender for Storage without a monitoring process limits its value. Continuous monitoring and alert triage ensure that detected threats are acted upon quickly, reducing risk exposure.
Resource Types
This control targets the following resource types:
Policies
This control type relies on these other policies when running actions:
- Azure > CIS v5.0 > Maximum Attestation Duration
- Azure > CIS v5.0 > 8 - Security Services > 8.01 - Microsoft Defender for Cloud > 8.01.05 - Defender Plan: Storage > 8.01.05.02 - Ensure Advanced Threat Protection Alerts for Storage Accounts Are Monitored > Attestation
- Azure > CIS v5.0
- Azure > CIS v5.0 > 8 - Security Services > 8.01 - Microsoft Defender for Cloud > 8.01.05 - Defender Plan: Storage > 8.01.05.02 - Ensure Advanced Threat Protection Alerts for Storage Accounts Are Monitored
- Azure > CIS v5.0 > 8 - Security Services
- Azure > CIS v5.0 > 8 - Security Services > Maximum Attestation Duration
Category
In Your Workspace
Developers
- tmod:@turbot/azure-cisv5-0#/control/types/r08010502
- tmod:@turbot/cis#/control/categories/v070603
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv5-0#/control/types/r08010502"
Get Controls
Control Type URI
Category URI
GraphQL
CLI