Ensure that the Advanced Threat Protection service is configured to have at least one email address where notification alerts will be sent when abnormal activities are detected on your Microsoft Azure SQL database servers. Advanced Threat Protection security service is managed by Advanced Data Security (ADS) – a unified security package that provides Data Discovery and Classification, Vulnerability Assessment and Advanced Threat Protection for Azure SQL servers.
By default, the "Send alerts to" setting is not enabled and configured. By providing at least one email address to receive notification alerts ensure that any detection of anomalous activity is reported as soon as possible to the right person or service, making it more likely to mitigate any potential risk faster and more efficiently.
To determine if "Send alerts to" setting is enabled and configured, perform the following actions:
Remediation / Resolution
To enable threat detection email notification alerts for your Microsoft Azure SQL servers, perform the following actions:
- Azure Official Documentation
- Advanced data security for Azure SQL Database
- Azure SQL Database Advanced Threat Protection for single or pooled databases
- CIS Microsoft Azure Foundations
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
You are auditing:
Enable Email Alerts for SQL Threat Detection Service
Risk level: High