Configure Microsoft Defender for SQL to the Standard tier

Security · Microsoft Defender for Cloud · Rule · 2022_09 · Critical

Enable Microsoft Defender for SQL servers.

Description

SQL databases are used to store critical and strategic assets for your company and should be carefully secured. Microsoft Defender for SQL represents a single go-to location to manage security capabilities.

Enabling Defender for SQL automatically enables the following advanced SQL security capabilities:

• Vulnerability Assessment: discover, track, and provide guidance to remediate potential database vulnerabilities.
• Advanced Threat Protection: continuous monitoring of your databases, detection of suspect activities and more.

When enable at subscription level, all databases in Azure SQL Database and Azure SQL Managed Instance are protected.

Recommendation

Consider using Microsoft Defender for SQL to protect your SQL databases.

Examples

Configure with Azure template

To enable Microsoft Defender for SQL:

• Set the Standard pricing tier for Microsoft Defender for SQL.

For example:

Azure Template snippet

{
  "type": "Microsoft.Security/pricings",
  "apiVersion": "2024-01-01",
  "name": "SqlServers",
  "properties": {
    "pricingTier": "Standard"
  }
}

Configure with Bicep

To enable Microsoft Defender for SQL:

• Set the Standard pricing tier for Microsoft Defender for SQL.

For example:

Azure Bicep snippet

resource defenderForSQL 'Microsoft.Security/pricings@2024-01-01' = {
  name: 'SqlServers'
  properties: {
    pricingTier: 'Standard'
  }
}

Configure with Azure Verified Modules

A pre-validated module supported by Microsoft is available from the Azure Bicep public registry. To reference the module, please use the following syntax:

br/public:avm/ptn/security/security-center:<version>

To use the latest version:

br/public:avm/ptn/security/security-center:0.1.1

---

• What is Azure Verified Modules?
• Usage and parameters for this module

Configure with Azure CLI

To enable Microsoft Defender for SQL:

• Set the Standard pricing tier for Microsoft Defender for SQL.

For example:

Azure CLI snippet

az security pricing create -n 'SqlServers' --tier 'standard'

Configure with Azure PowerShell

To enable Microsoft Defender for SQL:

• Set the Standard pricing tier for Microsoft Defender for SQL.

For example:

Azure PowerShell snippet

Set-AzSecurityPricing -Name 'SqlServers' -PricingTier 'Standard'

Links

• SE:10 Monitoring and threat detection
• Azure SQL Database and security
• Introduction to Microsoft Defender for SQL
• Azure security baseline for Azure SQL
• DP-2: Monitor anomalies and threats targeting sensitive data
• LT-1: Enable threat detection capabilities
• Azure Policy built-in policy definitions
• Azure deployment reference

Comments