Subscription has active security alerts
Security · Microsoft Defender for Cloud · Rule · 2025_06 · Important
Alerts that have not received a response may indicate a security issue that requires attention.
Description
Monitoring and responding to security alerts is a critical part of maintaining the security posture of an Azure subscription. Security alerts are generated by Microsoft Defender for Cloud when it detects potential threats or vulnerabilities. Active security alerts indicate potential threats or vulnerabilities that have not been addressed.
You can connect Microsoft Defender for Cloud to SIEM solutions including Microsoft Sentinel and consume the alerts from your tool of choice.
Recommendation
Consider reviewing active security alerts in the subscription and taking appropriate action to address any identified issues.
Notes
This rule checks for active security alerts in-flight in a subscription that are medium or higher severity.
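The same check can be applied to alerts exported from a subscription to build a triage queue. This is an added example, not the rule's own code: it assumes records shaped like the Microsoft.Security/alerts resource (`properties.status`, `properties.severity`, `properties.timeGeneratedUtc`), treats both `Active` and `InProgress` as unresolved, and runs on constructed sample data.

```python
import json
from datetime import datetime, timezone

SEVERITY_RANK = {"Informational": 0, "Low": 1, "Medium": 2, "High": 3}
IN_FLIGHT = {"Active", "InProgress"}  # assumption: both statuses count as unresolved

# Constructed sample records (not real alerts), shaped like exported alert resources.
SAMPLE_ALERTS = json.loads("""[
  {"name": "a1", "properties": {"severity": "High", "status": "Active",
                                "timeGeneratedUtc": "2025-06-09T00:00:00Z"}},
  {"name": "a2", "properties": {"severity": "Medium", "status": "InProgress",
                                "timeGeneratedUtc": "2025-06-05T00:00:00Z"}},
  {"name": "a3", "properties": {"severity": "Low", "status": "Active",
                                "timeGeneratedUtc": "2025-06-01T00:00:00Z"}},
  {"name": "a4", "properties": {"severity": "High", "status": "Resolved",
                                "timeGeneratedUtc": "2025-06-02T00:00:00Z"}},
  {"name": "a5", "properties": {"severity": "Medium", "status": "Active",
                                "timeGeneratedUtc": "2025-06-08T12:00:00Z"}}
]""")


def _parse_utc(ts):
    # Accept the trailing "Z" form on Python versions where fromisoformat rejects it.
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))


def triage_queue(alerts, min_severity="Medium", now=None):
    """Return unresolved alerts at or above min_severity, most urgent first."""
    now = now or datetime.now(timezone.utc)
    floor = SEVERITY_RANK[min_severity]
    queue = []
    for alert in alerts:
        props = alert.get("properties", {})
        if props.get("status") not in IN_FLIGHT:
            continue
        # An unrecognised severity is ranked highest so it is reviewed, not dropped.
        rank = SEVERITY_RANK.get(props.get("severity"), max(SEVERITY_RANK.values()))
        if rank < floor:
            continue
        age = now - _parse_utc(props["timeGeneratedUtc"])
        queue.append({"name": alert["name"], "severity": props.get("severity"),
                      "rank": rank, "age_hours": round(age.total_seconds() / 3600, 1)})
    # Highest severity first; within a severity, the longest-unanswered alert first.
    queue.sort(key=lambda a: (-a["rank"], -a["age_hours"]))
    return queue


if __name__ == "__main__":
    for item in triage_queue(SAMPLE_ALERTS):
        print(f'{item["severity"]:<8} {item["age_hours"]:>7.1f}h  {item["name"]}')
```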
Links
- SE:10 Monitoring and threat detection
- Manage and respond to security alerts
- What is Microsoft Sentinel?