Azure Defender should be enabled for Key Vaults¶
Azure Defender for Key Vault detects unusual and harmful attempts to access or exploit secrets/key data. For example, if an attacker gained unauthorized access to a secret on a production workload, they would have access to sensitive and business-critical data.
Navigate to Security Center.
In the left navigation, select Pricing & Settings.
Select the Subscription Name.
In the left navigation, select Azure Defender plans.
Verify that Azure Defender is on.
In the table under Key Vaults, select On.
Remediation is not possible via the CLI.