Alerting is based on vendor or generic best practices security recommendations for the relevant service or product

Question

Alerting should be based on vendor or generic what is the best practices security recommendations for the azure services and product.

Answer 1

Hi

Thanks for reaching out to Microsoft Q&A.

Here you go, security best practices and patterns: official doc from MS.

https://learn.microsoft.com/en-us/azure/security/fundamentals/best-practices-and-patterns

The complete framwork worth reading if you want to setup from scratch.

https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/secure/security-top-10

Please Upvote and Accept as answer if the reply was helpful, this will be helpful to other community members.

Answer 2

@Prateek Rana , Following-up to check if you had a chance to review the answers to this question.

I would like to add the following - Generally, the Vendor specific criteria are a good way to start implementing alerts keeping it the default, however you should also consider specific criteria for the resources being monitored. For example, while you may consider that 10% available space is a good criterion for alerting, if the disk size is in TBs, 10% would still mean approx. 100+GB left, and you may want to reduce it to a lower threshold. If there are specific scenarios in your mind, please do share them here so that they can be analyzed to get perspective from the community.

If the answer below helped, please click Accept answer so that it can help others in the community looking for help on similar topics.