Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On'
Turning on Microsoft Defender for Open-source relational databases enables threat detection for Open-source relational databases, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.
Risk Level: High
Cloud Entity: Defender Plans
CloudGuard Rule ID: D9.AZU.MON.76
Covered by Spectral: No
Category: Security Center
GSL LOGIC
DefenderPlans where name='OpenSourceRelationalDatabases' should have properties.pricingTier='Standard'
REMEDIATION
From Portal
- Go to 'Microsoft Defender for Cloud'.
- Click on 'Environment Settings' blade.
- Click on the subscription name.
- Select the Defender plans blade.
- Click Select types > in the row for Databases.
- Set the radio button next to 'Open-source relational databases' to On.
- Select Continue.
- Click Save.
From TF
Set the 'tier' and 'resource_type' arguments under 'azurerm_security_center_subscription_pricing' as below:
resource "azurerm_security_center_subscription_pricing" "example" {
...
tier = "Standard"
resource_type = "OpenSourceRelationalDatabases"
...
}
From Command Line
Use the below command to enable Azure Defender for Open-source relational databases
Run
az security pricing create -n 'OpenSourceRelationalDatabases' --tier 'standard'
References
- https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-databases-introduction
- https://learn.microsoft.com/en-us/cli/azure/security/pricing?view=azure-cli-latest
- https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/security_center_subscription_pricing
Defender Plans
The Defender plans of Microsoft Defender for Cloud offer comprehensive defenses for the compute, data, and service layers of your environment
Compliance Frameworks
- Azure CIS Foundations v. 1.5.0
- Azure CIS Foundations v.2.0
- Azure CloudGuard Best Practices
- Azure NIST 800-53 Rev 5
- CloudGuard Azure All Rules Ruleset
Updated about 1 year ago