Configure Microsoft Defender for Azure SQL Database

Completed

Defender for Databases in Microsoft Defender for Cloud allows you to protect your entire database estate with attack detection and threat response for the most popular database types in Azure. Defender for Cloud provides protection for the database engines and for data types, according to their attack surface and security risks.

Database protection includes:

  • Microsoft Defender for Azure SQL databases
  • Microsoft Defender for SQL servers on machines
  • Microsoft Defender for open-source relational databases
  • Microsoft Defender for Azure Cosmos DB

Enable the Databases plan

When you enable database protection, you enable all four of the Defender plans and protect all of the supported databases on your subscription.

To enable Defender for Databases on your subscription:

  1. Sign in to the Azure portal.
  2. Search for and select Microsoft Defender for Cloud.
  3. In the Defender for Cloud menu, select Environment settings.
  4. Select the relevant Azure subscription, AWS account or GCP project.
  5. On the Defender plans page, toggle the Databases plan to On.

Enable specific plans database protections

When you enable database protection, you enable the following four Defender plans:

  • Defender for Azure SQL databases
  • Defender for SQL server on machines
  • Defender for open-source relational databases
  • Defender for Azure Cosmos DB

These plans protect all of the supported databases in your subscription.

To enable specific database protections on your subscription:

  1. Sign in to the Azure portal.
  2. Search for and select Microsoft Defender for Cloud.
  3. In the Defender for Cloud menu, select Environment settings.
  4. Select the relevant subscription.
  5. On the Defender plans page, locate the Databases plan and select Select types.
  6. In the Resource types selection window, toggle the desired plans to On or Off.
  7. (Optional) Exclude specific database resource types by toggling them to Off.
  8. Select Continue.
  9. Select Save.