For AI agents: A markdown version of this page is available at https://docs.datadoghq.com/security/default_rules/def-000-bwp.md. A documentation index is available at /llms.txt.

Microsoft Defender for App Services should be enabled

azure.security

Description

Microsoft Defender for App Service detects attacks on web applications hosted in Azure App Service, including suspicious process execution, web shell activity, and connection-based threats. The plan must be enabled at the Standard tier on subscriptions that run App Service workloads.

Remediation

See Protect your applications with Defender for App Service for step-by-step instructions on enabling the plan.