Security Center is natively integrated with App Service, eliminating the need for deployment and onboarding — the integration is transparent.
To protect your Azure App Service plan with Azure Defender for App Service, you’ll need:
Tip: You can optionally enable plans in Azure Defender (like Azure Defender for App Service).
Azure Defender for Storage is an Azure-native layer of security intelligence that detects unusual and potentially harmful attempts to access or exploit your storage accounts. It utilizes the advanced capabilities of security AI and Microsoft Threat Intelligence to provide contextual security alerts and recommendations.
Security alerts are triggered when anomalies in activity occur. These alerts are integrated with Azure Security Center, and are also sent via email to subscription administrators, with details of suspicious activity and recommendations on how to investigate and remediate threats.
Azure Defender for Storage provides:
To enable all Security Center features including threat protection capabilities, you must enable Azure Defender on the subscription containing the applicable workloads. Enabling it at the workspace level doesn’t enable just-in-time VM access, adaptive application controls, and network detections for Azure resources. In addition, the only Azure Defender plans available at the workspace level are Azure Defender for servers and Azure Defender for SQL servers on machines.
To enable a data connector in Azure Sentinel:
2. On the connector page, make sure you’ve fulfilled all the prerequisites, and follow the instructions to connect the data to Azure Sentinel. It may take some time for the logs to start syncing with Azure Sentinel. …