Azure-SQLServer-Advanced-Data-Security-Enabled

Severity : High

Description: This control ensures that Advanced Data Security feature is enabled within Azure SQL server configuration to provide advanced SQL security capabilities useful for discovering and classifying sensitive data, Vulnerability Assessment services used for detecting abnormal activities that could indicate a threat to SQL databases. The Advanced Data Security enables to receive notification alert to detect suspicious database activity, potential vulnerabilities, SQL injection attacks, and anomalous database access.

Remediation Steps:

Perform following to configure Advance data security :

1. Login to Azure Portal using https://portal.azure.com.

2. Navigate to Azure SQL database.

3. Select the server from the list and open the configuration page for the server.

4. In Security settings, Select Microsoft Defender for Cloud.

5. On Microsoft Defender for Cloud page , select Enable Microsoft Defender for SQL.

6. Select Configure.

7. Under ADVANCED THREAT PROTECTION SETTINGS, select Add your contact details to the subscription's email settings in Defender for Cloud and add the contact emails to receive notifications.

8. Customize the severity of alerts that will trigger notifications to be sent under Notification types.

9. Select Save.

Important:

Reference:

• https://docs.microsoft.com/en-us/azure/azure-sql/database/threat-detection-overview

• https://docs.microsoft.com/en-us/azure/azure-sql/database/threat-detection-configure