Benchmark: 4.2 SQL Server - Azure Defender for SQL
Azure Defender for SQL provides a layer of security, which enables customers to detect and respond to potential threats as they occur by providing security alerts on anomalous activities. Users will receive an alert upon suspicious database activities, potential vulnerabilities, and SQL injection attacks, as well as anomalous database access patterns. SQL Server Threat Detection alerts provide details of suspicious activity and recommend action on how to investigate and mitigate the threat.
Azure Defender for SQL may incur additional cost per SQL server.
steampipe check azure_compliance.benchmark.cis_v130_4_2
- 4.2.1 Ensure that Advanced Threat Protection (ATP) on a SQL server is set to 'Enabled'
- 4.2.2 Ensure that Vulnerability Assessment (VA) is enabled on a SQL server by setting a Storage Account
- 4.2.3 Ensure that VA setting Periodic Recurring Scans is enabled on a SQL server
- 4.2.4 Ensure that VA setting Send scan reports to is configured for a SQL server
- 4.2.5 Ensure that VA setting 'Also send email notifications to admins and subscription owners' is set for a SQL server