Can we integrate custom SLAs into Cloud Defender?

Erika Salmon 0

Hi,

I want to integrate custom SLA metrics into Cloud Defender so we can keep track and keep on top of resolving all our issues. Is there a way we can do this? Ideally we want to integrate it with the Cloud Defender and DevOps integration with Github.

Thanks!

Navya 16,050 Reputation points Microsoft External Staff

2025-03-05T04:42:41.53+00:00

Hi @Erika Salmon

Thank you for posting this in Microsoft Q&A.

To better understand your request, could you share specific examples of the SLA metrics you want to track? Additionally, how do you plan to integrate these metrics with your DevOps processes and GitHub workflows? If you already have monitoring tools in place, please provide details on the ones you are using.

Looking forward your response.
Navya 16,050 Reputation points Microsoft External Staff

2025-03-06T03:40:08.1633333+00:00

Hi @Erika Salmon

We haven’t heard from you on the last response and was just checking back to see could you please provide more details on your requirement so that I can assist you further.
Rukmini 11 Reputation points Microsoft External Staff

2025-03-06T12:17:53.1233333+00:00

Hi @Erika Salmon

We haven’t heard from you on the last response and was just checking back to see could you please provide more details on your requirement so that I can assist you further.
Erika Salmon 0 Reputation points

2025-03-06T21:06:10.79+00:00

What we wanted to integrate was basically just SLA times. So for example address High severity recommendations within 30 days and get alerted if this was not done. And there's already existing integrations into Github, so for example when the dependabot was first raised and if the alert was resolved within the SLA timeframe. And an alert if it breached the timeframe.
SrideviM 665 Reputation points Microsoft External Staff

2025-03-07T01:47:18.4266667+00:00
Hello Erika Salmon,

I understand you’re looking to track SLA times for high-severity recommendations in Defender for Cloud and integrate them with GitHub to ensure timely resolution. Since Defender for Cloud already connects with GitHub, here are the few ways to achieve this:

You can use Azure Policy to flag security recommendations that haven’t been fixed within 30 days, helping enforce SLA timelines and maintain compliance. Check this MS Article to know more about Azure Policy .

Log Analytics can monitor when an issue (like a Dependabot alert) was first raised and whether it was resolved within the SLA timeframe, making it easier to monitor overdue issues: Log Analytics Agent.

Since Defender for Cloud already integrates with GitHub, you can automate tracking using GitHub Actions. This allows you to log when a security alert was raised and track whether it was fixed within the required time. If an issue isn’t resolved on time, GitHub Actions can be used to create or escalate a GitHub issue. More details on Defender for DevOps GitHub integration can be found here: Defender for DevOps GitHub Integration.

If you require alerts when an issue exceeds the SLA, Azure Monitor can send notifications via email, Microsoft Teams, or GitHub issues. For setting up alerts, check Azure Monitor Alerts.

This setup ensures that security issues are addressed within the SLA and properly tracked within your DevOps workflow. Let me know if you need further details.

Hope it helps!

Kindly consider upvoting the comment if the information provided is helpful. This can assist other community members in resolving similar issues.

1 answer

SrideviM 665 Reputation points Microsoft External Staff

2025-03-07T04:35:46.3633333+00:00
Hello Erika Salmon,

I understand you're looking for a way to track SLA times for high-severity recommendations in Defender for Cloud and link it to GitHub so issues can be resolved in a timely manner. Since Defender for Cloud already connects with GitHub, here are a few ways you can achieve this:

Security recommendations that have not been remediated after 30 days can be flagged using Azure Policy which should help with SLA timelines. Learn more using this Microsoft Article on Azure Policy .

With Log Analytics, it is possible to monitor whether a security issue, such as a Dependabot alert, was opened and resolved within the SLA timeframe. This is useful for tracking downtime and allows for remediation of overdue issues. More information is available here.

GitHub Actions can automate tracking so security alerts are logged, monitored, and escalated if they aren’t resolved on time. This keeps everything aligned with your DevOps workflow. You can find more about integrating Defender for Cloud with GitHub here.

Azure Monitor can send notifications through email, Microsoft Teams, or GitHub when an issue goes past the SLA. This ensures the right teams are informed before security risks escalate. Details on setting this up can be found here.

By leveraging these tools, you can track, enforce, and automate SLA compliance for security recommendations, ensuring issues are addressed on time and properly integrated into your DevOps workflow. Let me know if you need further details.

Hope this helps!

If this answers your query, do click Accept Answer and Yes for "Was this answer helpful?". This can assist other community members in resolving similar issues. If you have any further questions, feel free to ask.
Please sign in to rate this answer.

1 person found this answer helpful.
SrideviM 665 Reputation points Microsoft External Staff

2025-03-09T01:56:33.2366667+00:00

Hello Erika Salmon,

Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer and Yes, if you have any further query do let us know.
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

Share via

Can we integrate custom SLAs into Cloud Defender?

1 answer

Your answer