Ensure that the Vulnerability Assessment setting "Also send email notification to admins and subscription owners" is enabled for your Microsoft SQL database servers. This security setting enables Microsoft Defender for SQL to contact your subscription owners and administrators if the Microsoft Security Response Center (MSRC) discovers that your cloud resources and/or data has been accessed by an unauthorized actor.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
optimisation
Once the "Also send email notification to admins and subscription owners" setting is enabled, Vulnerability Assessment (VA) scan reports and alerts will be sent to admins and subscription owners. This can help to reduce the time required for identifying risks and taking corrective measures.
Audit
To determine if the "Also send email notification to admins and subscription owners" security setting is enabled, perform the following actions:
Remediation / Resolution
To enable sending Vulnerability Assessment (VA) email notifications to admins and subscription owners, perform the following actions:
References
- Azure Official Documentation
- SQL vulnerability assessment helps you identify database vulnerabilities
- Server Vulnerability Assessments - List By Server
- PV-6: Perform software vulnerability assessments
- Azure PowerShell Documentation
- Az.Sql
- Get-AzSqlServer
- Get-AzSqlServerVulnerabilityAssessmentSetting
- Update-AzSqlServerVulnerabilityAssessmentSetting
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Enable Vulnerability Assessment Email Notifications for Admins and Subscription Owners
Risk Level: Medium