Summary
Enable Microsoft Defender for Cloud for App Services and SQL Servers to detect vulnerabilities, provide security recommendations, and enable advanced threat protection.
Threats Addressed
- T-005: Data Exfiltration (High Risk)
- T-007: Unpatched Vulnerabilities (High Risk)
Current State
- No Defender for Cloud enabled for workload protection
- Relying on manual vulnerability assessments
Acceptance Criteria
Implementation Reference
See security-plan-sample-web-app.md for Bicep code samples.
\\�icep
resource defenderForAppService 'Microsoft.Security/pricings@2024-01-01' = {
name: 'AppServices'
properties: {
pricingTier: 'Standard'
}
}
resource defenderForSql 'Microsoft.Security/pricings@2024-01-01' = {
name: 'SqlServers'
properties: {
pricingTier: 'Standard'
}
}
resource sqlServerSecurityAlertPolicy 'Microsoft.Sql/servers/securityAlertPolicies@2023-08-01-preview' = {
parent: sqlServer
name: 'Default'
properties: {
state: 'Enabled'
emailAccountAdmins: true
}
}
\\
Priority
P2 - High - Implement within 30 days
Summary
Enable Microsoft Defender for Cloud for App Services and SQL Servers to detect vulnerabilities, provide security recommendations, and enable advanced threat protection.
Threats Addressed
Current State
Acceptance Criteria
Implementation Reference
See security-plan-sample-web-app.md for Bicep code samples.
\\�icep
resource defenderForAppService 'Microsoft.Security/pricings@2024-01-01' = {
name: 'AppServices'
properties: {
pricingTier: 'Standard'
}
}
resource defenderForSql 'Microsoft.Security/pricings@2024-01-01' = {
name: 'SqlServers'
properties: {
pricingTier: 'Standard'
}
}
resource sqlServerSecurityAlertPolicy 'Microsoft.Sql/servers/securityAlertPolicies@2023-08-01-preview' = {
parent: sqlServer
name: 'Default'
properties: {
state: 'Enabled'
emailAccountAdmins: true
}
}
\\
Priority
P2 - High - Implement within 30 days