🛡️ Azure Subscription Microsoft Defender For Open-Source Relational Databases is not set to On🟢

• Contextual name: 🛡️ Microsoft Defender For Open-Source Relational Databases is not set to On🟢
• ID: /ce/ca/azure/subscription/microsoft-defender-for-open-source-relational-databases
• Tags:
  • 🟢 Policy with categories
  • 🟢 Policy with type
  • 🟢 Production policy
• Policy Type: COMPLIANCE_POLICY
• Policy Categories: SECURITY

Logic

• 🧠 prod.logic.yaml🟢
  • 📗 Azure Subscription
  • 🔌 Azure Defender Plan - object.extracts.yaml
  • 🧪 test-data.json

Description

Open File

Description

Turning on Microsoft Defender for Open-source relational databases enables threat detection for Open-source relational databases, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.

Rationale

Enabling Microsoft Defender for Open-source relational databases allows for greater defense-in-depth, with threat detection provided by the Microsoft Security Response Center (MSRC).

Impact

Turning on Microsoft Defender for Open-source relational databases incurs an additional cost per resource.

Audit

This policy flags an Azure Subscription as INCOMPLIANT if the related Azure Defender Plan for Open Source Relational Databases has its Pricing Tier set to Free.

A Subscription is also marked as INCOMPLIANT if the Defender Plan for Open Source Relational Databases does not exist in the CMDB.

Default Value

By default, Microsoft Defender plan is off.

References

1. https://docs.microsoft.com/en-us/azure/security-center/security-center-detection-capabilities

... see more

Remediation

Open File

Remediation

From Azure Portal

1. Go to Microsoft Defender for Cloud.
2. Under Management, select Environment Settings.
3. Click on the subscription name.
4. Select the Defender plans blade.
5. Click Select types > in the row for Databases.
6. Set the toggle switch next to Open-source relational databases to On.
7. Select Continue.
8. Select Save.

From Azure CLI

Run the following command:

az security pricing create -n 'OpenSourceRelationalDatabases' --tier 'standard'

From PowerShell

Use the below command to enable Standard pricing tier for Open-source relational databases:

set-azsecuritypricing -name "OpenSourceRelationalDatabases" -pricingtier "Standard"

policy.yaml

Open File

Linked Framework Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS Azure v2.1.0 → 💼 2.1.5 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On' - Level 2 (Automated)			1		no data
💼 CIS Azure v3.0.0 → 💼 3.1.7.2 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On' (Automated)			1		no data
💼 CIS Azure v4.0.0 → 💼 9.1.7.2 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On' (Automated)			1		no data
💼 Cloudaware Framework → 💼 Microsoft Defender Configuration			26		no data