Azure should be configured with a security contact email

Description

Microsoft Defender for Cloud notifies subscription owners via email about high-severity alerts. An additional security contact email address should be provided for prompt notification about security alerts. This allows the organization’s security team to be aware of potential risks.

Remediation

From the console

  1. From the Azure Portal select the Portal menu.
  2. Select Microsoft Defender for Cloud.
  3. Click Environment Settings on the left side menu.
  4. Click on the appropriate management group, subscription, or workspace.
  5. Click Email notifications.
  6. Enter a valid security contact email address (or multiple addresses separated by commas) in the additional email addresses field.
  7. Click Save