Ensure that the Vulnerability Assessment setting "Also send email notification to admins and subscription owners" is enabled for your Microsoft SQL database servers. This security setting enables Microsoft Defender for SQL to contact your subscription owners and administrators if the Microsoft Security Response Center (MSRC) discovers that your cloud resources and/or data has been accessed by an unauthorized actor. The setting is only available for SQL servers using the classic SQL Vulnerability Assessment configuration. For new, express configuration, email notifications are enabled by default and cannot be customized.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
optimisation
Once the "Also send email notification to admins and subscription owners" setting is enabled, Vulnerability Assessment (VA) scan reports and alerts will be sent to admins and subscription owners. This can help to reduce the time required for identifying risks and taking corrective measures.
Audit
To determine if the "Also send email notification to admins and subscription owners" setting is enabled, perform the following operations:
Remediation / Resolution
To enable sending Vulnerability Assessment (VA) email notifications to admins and subscription owners using the classic configuration, perform the following operations:
References
- Azure Official Documentation
- SQL vulnerability assessment helps you identify database vulnerabilities
- Manage vulnerability findings in your Azure SQL databases
- Azure PowerShell Documentation
- Get-AzSqlServer
- Get-AzSqlServerVulnerabilityAssessmentSetting
- Update-AzSqlServerVulnerabilityAssessmentSetting