Data protection

Cosmos DB Advanced Threat Protection is Disabled

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Azure Cosmos DB is a fully managed NoSQL database for modern app development. The Cosmos DB - {AzureCosmosDb} is configured with disabled Advanced Threat Protection. Advanced Threat Protection for Azure Cosmos DB represents an additional layer of protection that allows you to address cybersecurity threats and integrate them with central security monitoring systems like Azure Security Center in order to send email alerts when suspicious activity occurs. Enabling Advanced Threat Protection can help you safeguard your Azure Cosmos DB accounts against potentially harmful activities such as atypical client logins (e.g. access from unusual locations) and unusual data extraction.
  • Recommended Mitigation

    It is recommended to review the cosmos db configuration and enable Advanced Threat Protection in order to add an additional layer of protection to Azure Cosmos DB accounts against cybersecurity threats