---
title: Microsoft Defender for Resource Manager should be enabled
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > Microsoft Defender for Resource Manager
  should be enabled
---

# Microsoft Defender for Resource Manager should be enabled
 
## Description{% #description %}

Microsoft Defender for Resource Manager monitors control-plane operations performed through Azure Resource Manager and detects suspicious activity such as the use of risky toolkits, abuse of service principals, and lateral movement attempts. Enabling this plan at the *Standard* tier covers every subscription that issues ARM operations.

## Remediation{% #remediation %}

See [Protect your resources with the Resource Manager plan](https://learn.microsoft.com/en-us/azure/defender-for-cloud/tutorial-enable-resource-manager-plan) for step-by-step instructions on enabling the plan.