Azure Defender should be enabled for Storage Accounts

Description

Azure Defender for Storage Accounts detects unusual and potentially harmful attempts to access Storage Account data. For example, an attacker accesses your Storage Account and uploads a file that contains malware, such as ransomware.

Remediation Steps

Azure Portal

  • Navigate to Security Center.

  • In the left navigation, select Pricing & Settings.

  • Select the Subscription Name.

  • In the left navigation, select Azure Defender plans.

  • Verify that Azure Defender is on.

  • In the table under Storage, select On.

  • Click Save.

Azure CLI

Remediation is not possible via the CLI.