If you have been following me or generally topics around Azure SQL Database and security you would know that it is important to leverage Advanced Data Security (ADS) for Azure SQL Database, if you remember this meant having tools such as advanced threat protection, vulnerability scans at your finger tips.
Well, it seems that this has been re-badged as Azure Defender for SQL. A powerful name, what is it? Well, its the same thing. Have a look below, its basically the features I have just mentioned.
Its seems tightly coupled with Security Centre, if you go to the main server settings you can actually activate it that way.
I always say that this is always best experienced with Auditing enabled. This has to be enabled in a different location. If you look at the above screen shot it shows you the auditing option, this has slightly changed which I will show below.
Notice anything new? Yes the auditing of Microsoft operations is now supported. This is auditing of Microsoft support engineers’ operations when they need to access your server during a support request – that’s quite handy, nice to have that level of transparency. If you like the sound of this and want to use a storage account to store the data well you cant. To enable the capability, a Log Analytics workspace or an Event Hub destination has to be configured.
You maybe wondering where is data discovery classification feature? Well you have to drill down to the relevant database to see that.