To configure Azure Database Vulnerability Assessment, follow these steps:
- Navigate to your Azure SQL Database instance in the Azure portal.
- Select the “Security + compliance” tab in the left-hand menu.
- Click on “Vulnerability assessment” in the “Security” section.
- Click “Create a new scan” to start the configuration process.
- Select the subscription, resource group, and database that you want to scan.
- Choose the assessment type (Security or Compliance) and the scan frequency.
- Specify the storage account where the vulnerability assessment reports will be stored.
- Review and accept the terms of use.
- Click “Create” to start the vulnerability assessment.
Once the vulnerability assessment has been created, you can view the assessment results by clicking on the “Vulnerability assessment” tab in the left-hand menu. The assessment results will show you a list of potential security vulnerabilities and compliance issues that have been detected within your database. You can click on each vulnerability to view more details and recommendations for remediation.
You can also configure email notifications to be sent to specific individuals or groups when new vulnerabilities are detected. To configure email notifications, click on “Email notifications” in the “Vulnerability assessment” tab and specify the email recipients and notification settings.
In addition to using the Azure portal, you can also configure Azure Database Vulnerability Assessment using PowerShell. Microsoft provides a PowerShell module for Azure SQL Database that includes cmdlets for configuring and managing the vulnerability assessment feature.
