How frequently Azure security center updates recommendations?

Gregory Suvalian 176 Reputation points
2020-05-31T20:05:23.863+00:00

I have workflow setup using Logic Apps in security center and wondering what is exact process/schedule when it's supposed to be triggered, also if it's triggered once for each violation or will be keep triggering on each run?

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
672 questions
No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Burak VAROL 361 Reputation points
    2020-05-31T20:46:55.857+00:00

    Hi artisticcheese,

    I believe this article has got the answer to your query:
    https://learn.microsoft.com/en-us/azure/security-center/security-center-using-recommendations

    Security Center automatically runs continuous scans to analyze the security state of your Azure resources. When Security Center identifies potential security vulnerabilities, it creates recommendations that guide you through the process of configuring the needed security controls. Security Center updates its recommendations within 24 hours, with the following exceptions:

    • Operating system security configuration recommendations are updated within 48 hours
    • Endpoint Protection issues recommendations are updated within 8 hours
    No comments

  2. Gregory Suvalian 176 Reputation points
    2020-05-31T20:53:24.38+00:00

    Does it mean workflow is triggered only once for failure or each run?

    No comments