How frequently Azure security center updates recommendations?

Gregory Suvalian 186 Reputation points

I have workflow setup using Logic Apps in security center and wondering what is exact process/schedule when it's supposed to be triggered, also if it's triggered once for each violation or will be keep triggering on each run?

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,275 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Burak VAROL 361 Reputation points

    Hi artisticcheese,

    I believe this article has got the answer to your query:

    Security Center automatically runs continuous scans to analyze the security state of your Azure resources. When Security Center identifies potential security vulnerabilities, it creates recommendations that guide you through the process of configuring the needed security controls. Security Center updates its recommendations within 24 hours, with the following exceptions:

    • Operating system security configuration recommendations are updated within 48 hours
    • Endpoint Protection issues recommendations are updated within 8 hours
    0 comments No comments

  2. Gregory Suvalian 186 Reputation points

    Does it mean workflow is triggered only once for failure or each run?

    0 comments No comments