---
title: Microsoft Defender for Key Vault should be enabled
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > Microsoft Defender for Key Vault should
  be enabled
---

# Microsoft Defender for Key Vault should be enabled
 
## Description{% #description %}

Microsoft Defender for Key Vault detects unusual and potentially malicious access to Azure Key Vault keys, secrets, and certificates. Enabling this plan at the *Standard* tier ensures suspicious access patterns to vault contents are surfaced as alerts.

## Remediation{% #remediation %}

See [Protect your key vaults with the Defender for Key Vault plan](https://learn.microsoft.com/en-us/azure/defender-for-cloud/tutorial-enable-key-vault-plan) for step-by-step instructions on enabling the plan.