cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Microsoft Defender for SQL - No auto changes

eitan1000
Copper Contributor

‎Feb 08 2022 08:36 AM

‎Feb 08 2022 08:36 AM

Microsoft Defender for SQL - No auto changes

Hello,

 

I wish to convince relevant team members to use Microsoft Defender for SQL and I wish to let them know that Microsoft Defender for SQL will not do any change automatically, without a manual action by a human, so they won't be unaware of any change or that anything will be blocked without their consent.

Is there an official web page or document that states so explicitly?

716 Views
0 Likes
2 Replies
Reply
2 Replies
best response confirmed by eitan1000 (Copper Contributor)
mimakh

‎Feb 09 2022 02:48 PM

‎Feb 09 2022 02:48 PM

Solution

Re: Microsoft Defender for SQL - No auto changes

Hey @eitan1000,

 

Microsoft Defender for SQL does not do any auto-blocking based on alerts or recommendations. You can configure triggers for logic apps and we want to give better tools for auto-remediation in the future but that would be an opt-in experience when relevant. We understand that security always comes with continuity of business, which is the purpose for the resource to exist in the first place. 

 

When you enable Microsoft Defender for SQL on machines we add a lean XEvents session through which we monitor the relevant behavior, for Azure SQL it is done through a background stream. 

 

 

1 Like
Reply
eitan1000

‎Feb 10 2022 12:13 AM

‎Feb 10 2022 12:13 AM

Re: Microsoft Defender for SQL - No auto changes

Thank you very much! Please ask internally that MS will add this info, so it will be explicitly mentioned up front to current and potential customers, to save them asking like I did here.
0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by eitan1000 (Copper Contributor)
mimakh

‎Feb 09 2022 02:48 PM

‎Feb 09 2022 02:48 PM

Solution

Re: Microsoft Defender for SQL - No auto changes

Hey @eitan1000,

 

Microsoft Defender for SQL does not do any auto-blocking based on alerts or recommendations. You can configure triggers for logic apps and we want to give better tools for auto-remediation in the future but that would be an opt-in experience when relevant. We understand that security always comes with continuity of business, which is the purpose for the resource to exist in the first place. 

 

When you enable Microsoft Defender for SQL on machines we add a lean XEvents session through which we monitor the relevant behavior, for Azure SQL it is done through a background stream. 

 

 

View solution in original post

1 Like
Reply