For AI agents: A markdown version of this page is available at https://docs.datadoghq.com/security/default_rules/def-000-014.md. A documentation index is available at /llms.txt.

Microsoft Defender for Storage should be enabled

azure.security

Description

Microsoft Defender for Storage detects malware uploads, sensitive data exfiltration, and anomalous access patterns on Azure Storage accounts. Enabling this plan at the Standard tier ensures malicious content and unusual data-plane activity are surfaced as security alerts.

Remediation

See Deploy Microsoft Defender for Storage for step-by-step instructions on enabling the plan.