| title | description | services | author | manager | ms.service | ms.topic | ms.date | ms.author |
|---|---|---|---|---|---|---|---|---|
Advanced Threat Protection - Azure Database for MySQL | Microsoft Docs |
Threat Protection detects anomalous database activities indicating potential security threats to the database. |
mysql |
bolzmj |
kfile |
mysql |
article |
09/20/2018 |
mbolz |
Advanced Threat Protection for Azure Database for MySQL detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases.
Advanced Threat Protection is part of the Advanced Data Security offering, which is a unified package for advanced security capabilities. Advanced Threat Protection can be accessed and managed via the Azure portal and is currently in preview.
Note
The Advanced Threat Protection feature is not available in the following Azure government and sovereign cloud regions: US Gov Texas, US Gov Arizona, US Gov Iowa, US, Gov Virginia, US DoD East, US DoD Central, Germany Central, Germany North, China East, China East 2. Please visit products available by region for general product availability.
-
Launch the Azure portal at https://portal.azure.com.
-
Navigate to the configuration page of the Azure Database for MySQL server you want to protect. In the security settings, select Advanced Threat Protection (Preview).
-
On the Advanced Threat Protection (Preview) configuration page:
- Enable Advanced Threat Protection on the server.
- In Advanced Threat Protection Settings, in the Send alerts to text box, provide the list of emails to receive security alerts upon detection of anomalous database activities.
You receive an email notification upon detection of anomalous database activities. The email provides information on the suspicious security event including the nature of the anomalous activities, database name, server name, application name, and the event time. In addition, the email provides information on possible causes and recommended actions to investigate and mitigate the potential threat to the database.
-
Click the View recent alerts link in the email to launch the Azure portal and show the Azure Security Center alerts page, which provides an overview of active threats detected on the SQL database.
View active threats:
-
Click a specific alert to get additional details and actions for investigating this threat and remediating future threats.
SQL Database Threat Detection integrates its alerts with Azure Security Center. A live SQL threat detection tiles within the database and SQL ATP blades in the Azure portal tracks the status of active threats.
Click Threat detection alert to launch the Azure Security Center alerts page and get an overview of active SQL threats detected on the database.
- Learn more about Azure Security Center
- For more information on pricing, see the Azure Database for MySQL Pricing page