Ensure that your Microsoft Azure Cosmos DB accounts are using the Advanced Threat Protection feature to detect unusual and potentially harmful attempts to access or exploit the Cosmos DB account resources. Advanced Threat Protection for Azure Cosmos DB represents an additional layer of protection that allows you to address cybersecurity threats, without being a security expert, and integrates them with central security monitoring systems like Azure Security Center in order to send email alerts when suspicious activity occurs, and provide recommendations on how to remediate these threats.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for Azure
Enabling Advanced Threat Protection can help you safeguard your Azure Cosmos DB accounts against potentially harmful activities such as atypical client logins (e.g. access from unusual locations) and unusual data extraction.
To determine if Advanced Threat Protection is enabled for your Microsoft Azure Cosmos DB accounts, perform the following actions:
Remediation / Resolution
To enable Advanced Threat Protection for your Microsoft Azure Cosmos DB accounts, perform the following actions:
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
You are auditing:
Enable Advanced Threat Protection
Risk level: High