🛡️ Azure Subscription Security Alert Notifications for attack path with Critical severity are not configured🟢⚪
- Contextual name: 🛡️ Security Alert Notifications for attack path with Critical severity is not configured🟢⚪
- ID:
/ce/ca/azure/subscription/security-alert-notifications-for-attack-paths-with-critical-severity
- Tags:
- Policy Type:
COMPLIANCE_POLICY
- Policy Categories:
SECURITY
Description
Description
Enables emailing attack paths to the subscription owner or other designated security contact.
Rationale
Enabling attack path emails ensures that attack path emails are sent by Microsoft. This ensures that the right people are aware of any potential security issues and can mitigate the risk.
Impact
Enabling attack path emails can cause alert fatigue, increasing the risk of missing important alerts. Select an appropriate risk level to manage notifications. Azure aims to reduce alert fatigue by limiting the daily email volume per risk level. Learn more: https://learn.microsoft.com/en-us/azure/defender-for-cloud/configure-email-notifications#email-frequency.
Audit
From Azure Portal
- From Azure Home select the Portal Menu.
- Select
Microsoft Defender for Cloud
.- Under
Management
, selectEnvironment settings
.- Click on the appropriate Subscription.
- Click on
Email notifications
.- Under Notification types, ensure that the box next to
Notify about attack paths with the following risk level (or higher)
is checked, and an appropriate risk level is selected.... see more
Remediation
Remediation
From Azure Portal
- From Azure Home select the Portal Menu.
- Select
Microsoft Defender for Cloud
.- Under
Management
, selectEnvironment settings
.- Click on the appropriate Subscription.
- Click on
Email notifications
.- Under Notification types, check the box next to
Notify about attack paths with the following risk level (or higher)
, and select an appropriate risk level from the drop-down menu.- Repeat steps 1-6 for each Subscription.
policy.yaml
Linked Framework Sections
Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
---|---|---|---|---|---|
💼 CIS Azure v4.0.0 → 💼 9.1.15 Ensure that 'Notify about attack paths with the following risk level (or higher)' is enabled (Automated) | 1 | no data | |||
💼 Cloudaware Framework → 💼 Microsoft Defender Configuration | 26 | no data |