Ensure that Vulnerability Assessment (VA) setting 'Send scan reports to' is configured for a SQL server
sqlserver_va_scan_reports_configured
Configure 'Send scan reports to' with email addresses of concerned data owners/stakeholders for a critical SQL servers.
Risk
Vulnerability Assessment (VA) scan reports and alerts will be sent to email addresses configured at 'Send scan reports to'. This may help in reducing time required for identifying risks and taking corrective measures
Run this check with Prowler CLI
prowler azure --checks sqlserver_va_scan_reports_configured
Remediation
https://docs.prowler.com/checks/azure/azure-general-policies/ensure-that-va-setting-send-scan-reports-to-is-configured-for-a-sql-server#terraform
1. Go to SQL servers 2. Select a server instance 3. Select Microsoft Defender for Cloud 4. Select Configure next to Enablement status 5. Set Microsoft Defender for SQL to On 6. Under Vulnerability Assessment Settings, select a Storage Account 7. Set Periodic recurring scans to On 8. Under Send scan reports to, provide email addresses for data owners and stakeholders 9. Click Save
Source Code
Resource Type
SQLServer