![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 28.999999999999996%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESC%3C/text%3E%3C/svg%3E)
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
1,241 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 27%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERP%3C/text%3E%3C/svg%3E)
There is no native email service for recommendations but you do have the option of setting governances rules. https://learn.microsoft.com/en-us/azure/defender-for-cloud/governance-rules
If you look at the Secure Score Over Time workbook it also has instructions for exporting recommendations to Log Analytics. From there you could create custom emails or alerts using Logic Apps. https://learn.microsoft.com/en-us/azure/defender-for-cloud/custom-dashboards-azure-workbooks#secure-score-over-time-workbook
Consider that these are security posture recommendations for your Azure cloud infrastructure. You will find similar recommendations in the Defender XDR portal for other security solutions like MDE and MDI. Security Operation teams tend to focus on reactive security incidents vs. proactive posture improvements. Mixing reactive and proactive in the same incident queue could be confusing if they are not separated in some way like a naming standard or tag. That is why you often see security posture recommendations as a dashboard or email. They are more subjective, lower priority, and take much longer to resolve.