跳到主要內容

Enable Defender for Database and CSPM Plan

Implementation Effort: Medium
Customer IT and Security Operations teams must enable multiple Defender plans across Azure and multicloud environments, which requires coordination and configuration.

User Impact: Low
All actions are performed by administrators; no user-facing changes or notifications are required.

Overview

Enabling Microsoft Defender for Databases and the Defender Cloud Security Posture Management (CSPM) plan ensures comprehensive protection for your database workloads and cloud environments. These plans are part of Microsoft Defender for Cloud and provide advanced threat detection, posture management, and compliance monitoring.

Defender for Databases

This plan includes four modules:

  • Defender for Azure SQL Databases
  • Defender for SQL Servers on Machines (including on-premises and multicloud via Azure Arc)
  • Defender for Open-Source Relational Databases (e.g., PostgreSQL, MySQL)
  • Defender for Azure Cosmos DB

To enable:

  1. Sign in to the Azure portal.
  2. Go to Microsoft Defender for Cloud.
  3. Select Environment settings.
  4. Choose the relevant Azure subscription, AWS account, or GCP project.
  5. On the Defender plans page, toggle the Databases plan to On 1.

Defender CSPM Plan

This plan enhances your cloud security posture with features like:

  • Governance and regulatory compliance
  • Cloud security explorer
  • Attack path analysis
  • Agentless scanning
  • Sensitive data discovery

To enable:

  1. In the same Defender plans page, toggle the Defender CSPM plan to On.
  2. Click Save to apply changes 2.

These capabilities align with the Zero Trust principle of "Assume Breach" by ensuring visibility, continuous monitoring, and proactive threat detection across all cloud and database environments. Without enabling these plans, organizations risk blind spots in their security posture and delayed response to threats.

Reference