Sending emails when a new recommendation is triggered in Microsoft Defender for Cloud

Published Nov 25 2019 05:12 AM 4,237 Views
Microsoft

When you use Microsoft Defender for Cloud Secure Score to drive the enhancement of your cloud security posture, you will have to monitor the security recommendations in Microsoft Defender for Cloud and remediate them accordingly. One feedback that we received was: it would be great if once a new recommendation arrive, I could receive a notification (an email for example). This feature is here and does way more than just email.

 

In this video, I demonstrate how to use the Workflow Automation feature to send emails, open a ticket on Service Now and post a message on Slack channel when a specific recommendation is created.

 

 

For more information about Workflow Automation, read this article, and for more information on how to drive your Secure Score up in Microsoft Defender for Cloud, read the Secure Score Survival Guide.

4 Comments
%3CLINGO-SUB%20id%3D%22lingo-sub-1030240%22%20slang%3D%22en-US%22%3ESending%20emails%20when%20a%20new%20recommendation%20is%20triggered%20in%20Azure%20Security%20Center%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1030240%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%20style%3D%22background-attachment%3A%20scroll%3B%20background-clip%3A%20border-box%3B%20background-color%3A%20transparent%3B%20background-image%3A%20none%3B%20background-origin%3A%20padding-box%3B%20background-position-x%3A%200%25%3B%20background-position-y%3A%200%25%3B%20background-repeat%3A%20repeat%3B%20background-size%3A%20auto%3B%20border-image-outset%3A%200%3B%20border-image-repeat%3A%20stretch%3B%20border-image-slice%3A%20100%25%3B%20border-image-source%3A%20none%3B%20border-image-width%3A%201%3B%20box-sizing%3A%20inherit%3B%20color%3A%20rgba(0%2C%200%2C%200%2C%200.9)%3B%20font-family%3A%20-apple-system%2Csystem-ui%2CBlinkMacSystemFont%2CSegoe%20UI%2CRoboto%2CHelvetica%20Neue%2CFira%20Sans%2CUbuntu%2COxygen%2COxygen%20Sans%2CCantarell%2CDroid%20Sans%2CApple%20Color%20Emoji%2CSegoe%20UI%20Emoji%2CSegoe%20UI%20Symbol%2CLucida%20Grande%2CHelvetica%2CArial%2Csans-serif%3B%20font-size%3A%20100%25%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20line-height%3A%20inherit%3B%20orphans%3A%202%3B%20outline-color%3A%20invert%3B%20outline-style%3A%20none%3B%20outline-width%3A%200px%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20vertical-align%3A%20baseline%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20pre-wrap%3B%20word-spacing%3A%200px%3B%20padding%3A%200px%3B%20margin%3A%200px%3B%20border%3A%200px%20none%20currentColor%3B%22%3EWhen%20you%20use%20Azure%20Security%20Center%20Secure%20%3C%2FSPAN%3E%3CSPAN%20style%3D%22background-attachment%3A%20scroll%3B%20background-clip%3A%20border-box%3B%20background-color%3A%20transparent%3B%20background-image%3A%20none%3B%20background-origin%3A%20padding-box%3B%20background-position-x%3A%200%25%3B%20background-position-y%3A%200%25%3B%20background-repeat%3A%20repeat%3B%20background-size%3A%20auto%3B%20border-image-outset%3A%200%3B%20border-image-repeat%3A%20stretch%3B%20border-image-slice%3A%20100%25%3B%20border-image-source%3A%20none%3B%20border-image-width%3A%201%3B%20box-sizing%3A%20inherit%3B%20color%3A%20rgba(0%2C%200%2C%200%2C%200.9)%3B%20font-family%3A%20-apple-system%2Csystem-ui%2CBlinkMacSystemFont%2CSegoe%20UI%2CRoboto%2CHelvetica%20Neue%2CFira%20Sans%2CUbuntu%2COxygen%2COxygen%20Sans%2CCantarell%2CDroid%20Sans%2CApple%20Color%20Emoji%2CSegoe%20UI%20Emoji%2CSegoe%20UI%20Symbol%2CLucida%20Grande%2CHelvetica%2CArial%2Csans-serif%3B%20font-size%3A%20100%25%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20line-height%3A%20inherit%3B%20orphans%3A%202%3B%20outline-color%3A%20invert%3B%20outline-style%3A%20none%3B%20outline-width%3A%200px%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20vertical-align%3A%20baseline%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20pre-wrap%3B%20word-spacing%3A%200px%3B%20padding%3A%200px%3B%20margin%3A%200px%3B%20border%3A%200px%20none%20currentColor%3B%22%3EScore%20to%20drive%20the%20enhancement%20of%20your%20cloud%20security%20posture%2C%20you%20will%20have%20to%20monitor%20the%20security%20recommendations%20in%20ASC%20and%20remediate%20them%20accordingly.%20One%20feedback%20that%20we%20received%20was%3A%20it%20would%20be%20great%20if%20once%20a%20new%20recommendation%20arrive%2C%20I%20could%20receive%20a%20notification%20(an%20email%20for%20example).%20This%20feature%20is%20here%20and%20does%20way%20more%20than%20just%20email.%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20style%3D%22background-attachment%3A%20scroll%3B%20background-clip%3A%20border-box%3B%20background-color%3A%20transparent%3B%20background-image%3A%20none%3B%20background-origin%3A%20padding-box%3B%20background-position-x%3A%200%25%3B%20background-position-y%3A%200%25%3B%20background-repeat%3A%20repeat%3B%20background-size%3A%20auto%3B%20border-image-outset%3A%200%3B%20border-image-repeat%3A%20stretch%3B%20border-image-slice%3A%20100%25%3B%20border-image-source%3A%20none%3B%20border-image-width%3A%201%3B%20box-sizing%3A%20inherit%3B%20color%3A%20rgba(0%2C%200%2C%200%2C%200.9)%3B%20font-family%3A%20-apple-system%2Csystem-ui%2CBlinkMacSystemFont%2CSegoe%20UI%2CRoboto%2CHelvetica%20Neue%2CFira%20Sans%2CUbuntu%2COxygen%2COxygen%20Sans%2CCantarell%2CDroid%20Sans%2CApple%20Color%20Emoji%2CSegoe%20UI%20Emoji%2CSegoe%20UI%20Symbol%2CLucida%20Grande%2CHelvetica%2CArial%2Csans-serif%3B%20font-size%3A%20100%25%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20line-height%3A%20inherit%3B%20orphans%3A%202%3B%20outline-color%3A%20invert%3B%20outline-style%3A%20none%3B%20outline-width%3A%200px%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20vertical-align%3A%20baseline%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20pre-wrap%3B%20word-spacing%3A%200px%3B%20padding%3A%200px%3B%20margin%3A%200px%3B%20border%3A%200px%20none%20currentColor%3B%22%3EIn%20this%20video%2C%20I%20demonstrate%20how%20to%20use%20the%20Workflow%20Automation%20feature%20to%20send%20emails%2C%20open%20a%20ticket%20on%20Service%20Now%20and%20post%20a%20message%20on%20Slack%20channel%20when%20a%20specific%20recommendation%20is%20created.%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3C%2FP%3E%3CDIV%20class%3D%22video-embed-center%20video-embed%22%3E%3CIFRAME%20class%3D%22embedly-embed%22%20src%3D%22https%3A%2F%2Fcdn.embedly.com%2Fwidgets%2Fmedia.html%3Fsrc%3Dhttps%253A%252F%252Fwww.youtube.com%252Fembed%252FRLjfOxvS_7Y%253Ffeature%253Doembed%26amp%3Burl%3Dhttps%253A%252F%252Fwww.youtube.com%252Fwatch%253Fv%253DRLjfOxvS_7Y%26amp%3Bimage%3Dhttps%253A%252F%252Fi.ytimg.com%252Fvi%252FRLjfOxvS_7Y%252Fhqdefault.jpg%26amp%3Bkey%3Db0d40caa4f094c68be7c29880b16f56e%26amp%3Btype%3Dtext%252Fhtml%26amp%3Bschema%3Dyoutube%22%20width%3D%22499%22%20height%3D%22281%22%20scrolling%3D%22no%22%20frameborder%3D%220%22%20allow%3D%22autoplay%3B%20fullscreen%22%20allowfullscreen%3D%22true%22%20title%3D%22Video%22%3E%3C%2FIFRAME%3E%3C%2FDIV%3E%3CP%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EFor%20more%20information%20about%20Workflow%20Automation%2C%20read%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsecurity-center%2Fworkflow-automation%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Ethis%20article%3C%2FA%3E%2C%20and%20for%20more%20information%20on%20how%20to%20drive%20your%20Secure%20Score%20up%20in%20Azure%20Security%20Center%2C%20read%20the%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FAzure-Security-Center%2FSurvival-Guide-to-Drive-your-Secure-Score-Up-in-Azure-Security%2Fba-p%2F752649%22%20target%3D%22_self%22%3ESecure%20Score%20Survival%20Guide%3C%2FA%3E.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1034873%22%20slang%3D%22en-US%22%3ERe%3A%20Sending%20emails%20when%20a%20new%20recommendation%20is%20triggered%20in%20Azure%20Security%20Center%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1034873%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F124214%22%20target%3D%22_blank%22%3E%40Yuri%20Diogenes%3C%2FA%3E%2C%26nbsp%3Binterested%20in%20watching%20this%20video%20and%20so%20bookmarking%20the%20post%2C%20but%20curious%20as%20to%20which%20Slack%20was%20used%20instead%20of%20Teams%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1034897%22%20slang%3D%22en-US%22%3ERe%3A%20Sending%20emails%20when%20a%20new%20recommendation%20is%20triggered%20in%20Azure%20Security%20Center%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1034897%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F17756%22%20target%3D%22_blank%22%3E%40Jeffrey%20Allen%3C%2FA%3E%26nbsp%3B-%20it%20was%20only%20to%20show%20that%20we%20have%20built-in%20connector%20for%20this%20platform%2C%20that's%20all.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2412621%22%20slang%3D%22en-US%22%3ERe%3A%20Sending%20emails%20when%20a%20new%20recommendation%20is%20triggered%20in%20Azure%20Security%20Center%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2412621%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F124214%22%20target%3D%22_blank%22%3E%40Yuri%20Diogenes%3C%2FA%3E%26nbsp%3B%20If%20i%20want%20the%20reported%20Resource%20name%20(VM%2C%20App%20Service)%20in%20the%20email%20subject%20which%20dynamic%20content%20to%20use.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2460474%22%20slang%3D%22en-US%22%3ERe%3A%20Sending%20emails%20when%20a%20new%20recommendation%20is%20triggered%20in%20Azure%20Security%20Center%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2460474%22%20slang%3D%22en-US%22%3E%3CP%3EWonderful!!!%20Thanks%20a%20lot%20for%20the%20video!%20Regards%3C%2FP%3E%3C%2FLINGO-BODY%3E
Co-Authors
Version history
Last update:
‎Oct 24 2021 05:09 AM
Updated by: