Cosmos DB Advanced Threat Protection is Disabled

Data protection

Cosmos DB Advanced Threat Protection is Disabled

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
coppa
CPRA
GDPR
HITRUST
ISO/IEC 27001
Microsoft Cloud Security Benchmark
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
PDPA
UK Cyber Essentials

Description

Azure Cosmos DB is a fully managed NoSQL database for modern app development. The Cosmos DB - {AzureCosmosDb} is configured with disabled Advanced Threat Protection. Advanced Threat Protection for Azure Cosmos DB represents an additional layer of protection that allows you to address cybersecurity threats and integrate them with central security monitoring systems like Azure Security Center in order to send email alerts when suspicious activity occurs. Enabling Advanced Threat Protection can help you safeguard your Azure Cosmos DB accounts against potentially harmful activities such as atypical client logins (e.g. access from unusual locations) and unusual data extraction.

Recommended Mitigation

It is recommended to review the cosmos db configuration and enable Advanced Threat Protection in order to add an additional layer of protection to Azure Cosmos DB accounts against cybersecurity threats.

Cosmos DB Advanced Threat Protection is Disabled

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS