| title | description | services | ms.service | ms.subservice | ms.custom | ms.devlang | ms.topic | author | ms.author | ms.reviewer | manager | ms.date |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
Threat Detection - Azure SQL Database | Microsoft Docs |
Threat Detection detects anomalous database activities indicating potential security threats to the database in a single database or elastic pool. |
sql-database |
sql-database |
security |
conceptual |
rmatchoro |
ronmat |
vanto, carlrab |
craigg |
10/25/2018 |
Azure SQL Threat Detection for SQL Database Single databases detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. Threat Detection can identify Potential SQL injection, Access from unusual location or data center, Access from unfamiliar principal or potentially harmful application, and Brute force SQL credentials - see more details in Threat Detection alerts.
You can receive notifications about the detected threats via email notifications or Azure portal
Threat Detection is part of the SQL Advanced Threat Protection (ATP) offering, which is a unified package for advanced SQL security capabilities. Threat Detection can be accessed and managed via the central SQL ATP portal. Threat detection service is charged 15$/month per Logical Server, with first 30 days free of charge.
-
Launch the Azure portal at https://portal.azure.com.
-
Navigate to the configuration page of the Azure SQL Database server you want to protect. In the security settings, select Advanced Threat Protection.
-
On the Advanced Threat Protection configuration page:
- Enable Advanced Threat Protection on the server.
- In Threat Detection Settings, in the Send alerts to text box, provide the list of emails to receive security alerts upon detection of anomalous database activities.
For a script example, see Configure auditing and threat detection using PowerShell.
- Learn more about Threat Detection.
- Learn more about Threat Detection in Managed Instance.
- Learn more about SQL Advanced Threat Protection.
- Learn more about Azure SQL Database Auditing
- Learn more about Azure Security Center
- For more information on pricing, see the SQL Database Pricing page