Azure Defender should be enabled for Virtual Machines


Azure Defender for VM utilizes just-in-time access to lock down inbound traffic, which reduces exposure to attacks. Attackers use compromised VMs as an entry point to attack further resources.

Remediation Steps

Azure Portal

  • Navigate to Security Center.

  • In the left navigation, select Pricing & Settings.

  • Select the Subscription Name.

  • In the left navigation, select Azure Defender plans.

  • Verify that Azure Defender is on.

  • In the table under Servers, select On.

  • Click Save.

Azure CLI

Remediation is not possible via the CLI.