Configure Microsoft Defender for Storage to the Standard tier#

Security · Microsoft Defender for Cloud · 2022_09

Enable Microsoft Defender for Storage.

Description#

Storage Accounts can be subject to many security threats. Data corruption, malicious exposure of data, data exfiltration, unauthorized access are only a few.

Microsoft Defender for Storage provides protection against unusual and potential harmful access to your Storage Accounts. Based on Microsoft Threat Intelligence, it continuously monitor the telemetry stream to raise alerts when needed.

All those alerts come along with investigation steps, remediation actions, and security recommendations.

Defender for Storage doesn't access the Storage account data and has no impact on its performance.

Recommendation#

Consider using Microsoft Defender for Storage to protect your data hosted in Storage Accounts.

Examples#

Configure with Azure template#

To enable Defender for Storage:

Set the Standard pricing tier for Microsoft Defender for Storage.

For example:

Azure Template snippet

{
    "type": "Microsoft.Security/pricings",
    "apiVersion": "2022-03-01",
    "name": "StorageAccounts",
    "properties": {
        "pricingTier": "Standard"
    }
}

Configure with Bicep#

To enable Defender for Storage:

Set the Standard pricing tier for Microsoft Defender for Storage.

For example:

Azure Bicep snippet

resource defenderForStorage 'Microsoft.Security/pricings@2022-03-01' = {
  name: 'StorageAccounts'
  properties: {
    pricingTier: 'Standard'
  }
}

Configure with Azure CLI#

Azure CLI snippet

az security pricing create -n 'StorageAccounts' --tier 'standard'

Configure with Azure PowerShell#

Azure PowerShell snippet

Set-AzSecurityPricing -Name 'StorageAccounts' -PricingTier 'Standard'

Notes#

This rule applies when analyzing resources deployed (in-flight) to Azure.

Links#

Last update: 2022-09-23