SQL Server Vulnerability Assessments should send scan reports to subscribed admins


Vulnerability Assessment (VA) scan reports and alerts will be sent to email addresses configured at ‘Send scan reports to’. This may help in reducing time required for identifying risks and taking corrective measures. Enabling these features on Microsoft Defender for SQL incurs additional costs per SQL server.


From the console

Azure is transitioning from Classic Configuration to Express Configuration. For specific configuration instructions that fit your use case, see Enable vulnerability assessment on your Azure SQL databases and servers.