Microsoft Defender for Cosmos DB is Now Available in Public Preview
Last Update: Sep 04, 2024 | Published: Mar 03, 2022
Microsoft has announced the public preview of Microsoft Defender for Azure Cosmos DB, a new database protection solution for enterprise customers. The latest security offering allows organizations to constantly monitor and protect their cloud workloads against the most common critical threats across databases.
“The new cloud workload protection capabilities are designed as an Azure-native layer of security, that detect attempts to exploit databases in your Azure Cosmos DB accounts based on the most common attack techniques and known bad actors—enabling security teams to detect and respond to these threats more effectively, using the Microsoft Defender for Cloud toolset,” the company explained.
More specifically, this new security solution protects Cloud Cosmos DB accounts from the most critical threats, including SQL injections. The SQL injection attack is one of the most popular attack techniques that the threat actors use to access sensitive information such as user credentials and credit card details.
Microsoft Defender for Azure Cosmos DB can also block unusual and potentially harmful attempts to access account access keys. Additionally, it can detect suspicious behavior patterns that can potentially lead to malicious insiders, leaked keys, as well as compromised identities. You can find the full list of Defender for Azure Cosmos DB alerts on this support page.
How to configure Microsoft Defender for Cosmos DB
Microsoft says that IT Admins will be able to set up the Microsoft Defender for Cosmos DB protection by following the steps mentioned below:
- First of all, open the Azure portal.
- Head to the Settings menu and then select the Microsoft Defender for Cloud option.
- Finally, turn on the toggle button available in the Microsoft Defender for Cloud configuration blade and click the Save button.
Microsoft noted that Microsoft Defender for Cosmos DB support is currently only available in public preview for the Core (SQL) API. As of this writing, the new cloud workload protection capabilities are not available for Azure government and sovereign cloud customers.