π Azure Subscription Microsoft Defender For Open-Source Relational Databases is not set to On π’
- Contextual name: π Microsoft Defender For Open-Source Relational Databases is not set to On π’
- ID:
/ce/ca/azure/subscription/microsoft-defender-for-open-source-relational-databases - Located in: π Azure Subscription
Flagsβ
- π’ Policy with categories
- π’ Policy with type
- π’ Production policy
Our Metadataβ
- Policy Type:
COMPLIANCE_POLICY - Policy Category:
SECURITY
Logicβ
- π§ prod.logic.yaml π’
Descriptionβ
Descriptionβ
Turning on Microsoft Defender for Open-source relational databases enables threat detection for Open-source relational databases, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.
Rationaleβ
Enabling Microsoft Defender for Open-source relational databases allows for greater defense-in-depth, with threat detection provided by the Microsoft Security Response Center (MSRC).
Impactβ
Turning on Microsoft Defender for Open-source relational databases incurs an additional cost per resource.
Auditβ
This policy flags an Azure Subscription as
INCOMPLIANTif the relatedAzure Defender Planfor Open Source Relational Databases has itsPricing Tierset to Free.A Subscription is also marked as
INCOMPLIANTif theDefender Planfor Open Source Relational Databases does not exist in the CMDB.Default Valueβ
By default, Microsoft Defender plan is
off.Referencesβ
... see more
Remediationβ
Remediationβ
From Azure Portalβ
- Go to
Microsoft Defender for Cloud.- Under
Management, selectEnvironment Settings.- Click on the subscription name.
- Select the
Defender plansblade.- Click
Select types >in the row forDatabases.- Set the toggle switch next to
Open-source relational databasestoOn.- Select
Continue.- Select
Save.From Azure CLIβ
Run the following command:
az security pricing create -n 'OpenSourceRelationalDatabases' --tier 'standard'From PowerShellβ
Use the below command to enable Standard pricing tier for Open-source relational databases:
set-azsecuritypricing -name "OpenSourceRelationalDatabases" -pricingtier "Standard"
policy.yamlβ
Linked Framework Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ CIS Azure v2.1.0 β πΌ 2.1.5 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On' - Level 2 (Automated) | 1 | |||
| πΌ CIS Azure v3.0.0 β πΌ 3.1.7.2 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On' (Automated) | 1 | |||
| πΌ CIS Azure v4.0.0 β πΌ 9.1.7.2 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On' (Automated) | 1 | |||
| πΌ Cloudaware Framework β πΌ Microsoft Defender Configuration | 26 |