Introduction to Microsoft Defender for Storage

Azure Security Center and Azure Defender are now called Microsoft Defender for Cloud. Microsoft also renamed Azure Defender plans to Microsoft Defender plans. For example, Azure Defender for Storage is now Microsoft Defender for Storage.

Microsoft Defender for Storage is an Azure-native layer of security intelligence that detects unusual and potentially harmful attempts to access or exploit your storage accounts. It utilizes the advanced capabilities of security AI and Microsoft Threat Intelligence to provide contextual security alerts and recommendations.

Security alerts are triggered when anomalous activities occur. These alerts appear in Microsoft Defender for Cloud, and are also sent via email to subscription administrators, with details of suspicious activity and recommendations for how to investigate and remediate threats.

Availability

What are the benefits of Microsoft Defender for Storage?

Microsoft Defender for Storage provides:

• Azure-native security — With 1-click enablement, Defender for Storage protects data stored in Azure Blob, Azure Files, and Data Lakes. As an Azure-native service, Defender for Storage provides centralized security across all data assets managed by Azure and is integrated with other Azure security services such as Microsoft Sentinel.
• Rich detection suite — Powered by Microsoft Threat Intelligence, the detections in Defender for Storage cover the top storage threats such as anonymous access, compromised credentials, social engineering, privilege abuse, and malicious content.
• Response at scale — Defender for Cloud’s automation tools make it easier to prevent and respond to identified threats. Learn more in Automate responses to Defender for Cloud triggers.

What kind of alerts does Microsoft Defender for Storage provide?

Security alerts are triggered when there’s:

• Suspicious access patterns — such as successful access…