Skip to main content

๐Ÿ’ผ 4.2 SQL Server - Microsoft Defender for SQL

  • Contextual name: ๐Ÿ’ผ 4.2 SQL Server - Microsoft Defender for SQL
  • ID: /frameworks/cis-azure-v1.5.0/04/02
  • Located in: ๐Ÿ’ผ 4 Database Services

Descriptionโ€‹

Microsoft Defender for SQL provides a layer of security which enables customers to detect and respond to potential threats as they occur through security alerts on anomalous activities. Users will receive an alert upon suspicious database activities, potential vulnerabilities, and SQL injection attacks, as well as anomalous database access patterns. SQL Server Threat Detection alerts provide details of suspicious activity and recommend action on how to investigate and mitigate the threat.

Microsoft Defender for SQL may incur additional cost per SQL server.

Similarโ€‹

  • Internal
    • ID: dec-b-9abb1dea

Sub Sectionsโ€‹

SectionSub SectionsInternal RulesPoliciesFlags
๐Ÿ’ผ 4.2.1 Ensure that Microsoft Defender for SQL is set to 'On' for critical SQL Servers - Level 2 (Automated)
๐Ÿ’ผ 4.2.2 Ensure that Vulnerability Assessment (VA) is enabled on a SQL server by setting a Storage Account - Level 2 (Automated)
๐Ÿ’ผ 4.2.3 Ensure that Vulnerability Assessment (VA) setting 'Periodic recurring scans' is set to 'on' for each SQL server - Level 2 (Automated)
๐Ÿ’ผ 4.2.4 Ensure that Vulnerability Assessment (VA) setting 'Send scan reports to' is configured for a SQL server - Level 2 (Automated)
๐Ÿ’ผ 4.2.5 Ensure that Vulnerability Assessment (VA) setting 'Also send email notifications to admins and subscription owners' is set for each SQL Server - Level 1 (Automated)