| title | description | services | ms.service | ms.subservice | ms.custom | ms.topic | author | ms.author | ms.reviewer | ms.date |
|---|---|---|---|---|---|---|---|---|---|---|
Configure Advanced Threat Protection |
Advanced Threat Protection detects anomalous database activities indicating potential security threats to the database in Azure SQL Database |
sql-database |
sql-database |
security |
seo-dt-2019, sqldbrb=1 |
how-to |
rmatchoro |
ronmat |
vanto |
12/01/2020 |
[!INCLUDEappliesto-sqldb]
Advanced Threat Protection for Azure SQL Database detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. Advanced Threat Protection can identify Potential SQL injection, Access from unusual location or data center, Access from unfamiliar principal or potentially harmful application, and Brute force SQL credentials - see more details in Advanced Threat Protection alerts.
You can receive notifications about the detected threats via email notifications or Azure portal
Advanced Threat Protection is part of the Azure Defender for SQL offering, which is a unified package for advanced SQL security capabilities. Advanced Threat Protection can be accessed and managed via the central Azure Defender for SQL portal.
-
Sign into the Azure portal.
-
Navigate to the configuration page of the server you want to protect. In the security settings, select Security Center.
-
On the Azure Defender for SQL configuration page:
- Enable Azure Defender for SQL on the server.
- In Advanced Threat Protection Settings, provide the list of emails to receive security alerts upon detection of anomalous database activities in the Send alerts to text box.
:::image type="content" source="media/azure-defender-for-sql/set-up-advanced-threat-protection.png" alt-text="set up advanced threat protection":::
For a script example, see Configure auditing and Advanced Threat Protection using PowerShell.
- Learn more about Advanced Threat Protection.
- Learn more about Advanced Threat Protection in SQL Managed Instance.
- Learn more about Azure Defender for SQL.
- Learn more about auditing
- Learn more about Azure security center
- For more information on pricing, see the SQL Database pricing page