Blog Post

Core Infrastructure and Security Blog
4 MIN READ

From Healthy to Unhealthy: Alerting on Defender for Cloud Recommendations with Logic Apps

absharan's avatar
absharan
Icon for Microsoft rankMicrosoft
Aug 06, 2025

This blog guides you through building an automated solution using Azure Logic Apps and KQL to monitor Microsoft Defender for Cloud recommendations. You'll learn how to detect when resources shift from a healthy to unhealthy security state, send customized email alerts, and proactively manage regressions—without manual effort. Ideal for security teams aiming to enhance visibility, reduce response time, and maintain strong cloud security posture.

In today's cloud-first environments, maintaining strong security posture requires not just visibility but real-time awareness of changes. This blog walks you through a practical solution to monitor a...
Updated Aug 06, 2025
Version 1.0
AbhishekSharan
cloud security posture management
microsoft defender for cloud
security posture
manjusullad's avatar
manjusullad
Copper Contributor
Aug 11, 2025

Hello absharan​,

Really useful information. Thank you.

I would like to understand is there possibilities to extend this architecture to Management group scope, instead of configuring to the individual subscription.

Thank you.

Manjunath Sullad