Policy: Azure > CIS v2.0 > 04 - Database Services > 4.02 SQL Server - Microsoft Defender for SQL
Microsoft Defender for SQL provides a layer of security which enables customers to detect and respond to potential threats as they occur through security alerts on anomalous activities. Users will receive an alert upon suspicious database activities, potential vulnerabilities, and SQL injection attacks, as well as anomalous database access patterns. SQL Server Threat Detection alerts provide details of suspicious activity and recommend action on how to investigate and mitigate the threat. Microsoft Defender for SQL may incur additional cost per SQL server.
Primary Policy
This policy is used with the following primary policy:
Related Policies
- 4.02.01 - Ensure that Microsoft Defender for SQL is set to 'On' for critical SQL Servers
- 4.02.02 - Ensure that Vulnerability Assessment (VA) is enabled on a SQL server by setting a Storage Account
- 4.02.03 - Ensure that Vulnerability Assessment (VA) setting 'Periodic recurring scans' is set to 'on' for each SQL server
- 4.02.04 - Ensure that Vulnerability Assessment (VA) setting 'Send scan reports to' is configured for a SQL server
- 4.02.05 - Ensure that Vulnerability Assessment (VA) setting 'Also send email notifications to admins and subscription owners' is set for each SQL Server
Category
In Your Workspace
Developers
- tmod:@turbot/cis#/control/categories/cis
- tmod:@turbot/azure-cisv2-0#/policy/types/s0402
- turbot graphql policy-type --id "tmod:@turbot/azure-cisv2-0#/policy/types/s0402"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-cisv2-0#/policy/types/s0402"
Get Policy TypeGet Policy Settings
Category URI
Policy Type URI
GraphQL
CLI