Migrate to Innovate Summit:
Learn how migrating and modernizing to Azure can boost your business's performance, resilience, and security, enabling you to fully embrace AI.Register now
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Advanced Threat Protection for Azure SQL Database detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. Advanced Threat Protection can identify Potential SQL injection, Access from unusual location or data center, Access from unfamiliar principal or potentially harmful application, and Brute force SQL credentials - see more details in Advanced Threat Protection alerts.
Advanced Threat Protection is part of the Microsoft Defender for SQL offering, which is a unified package for advanced SQL security capabilities. Advanced Threat Protection can be accessed and managed via the central Microsoft Defender for SQL portal.
Set up Advanced Threat Protection in the Azure portal
Navigate to the configuration page of the server you want to protect. In the security settings, select Microsoft Defender for Cloud.
On the Microsoft Defender for Cloud configuration page:
If Microsoft Defender for SQL hasn't yet been enabled, select Enable Microsoft Defender for SQL.
Select Configure.
Under ADVANCED THREAT PROTECTION SETTINGS, select Add your contact details to the subscription's email settings in Defender for Cloud.
Provide the list of emails to receive notifications upon detection of anomalous database activities in the Additional email addresses (separated by commas) text box.
Optionally customize the severity of alerts that will trigger notifications to be sent under Notification types.
Select Save.
Set up Advanced Threat Protection using PowerShell
Administer an SQL Server database infrastructure for cloud, on-premises and hybrid relational databases using the Microsoft PaaS relational database offerings.
Learn about functionality for managing your database vulnerabilities and detecting anomalous activities that could indicate a threat to your database in Azure SQL Database, Azure SQL Managed Instance, or Azure Synapse.
Learn how to configure SQL vulnerability assessment and interpret the reports on Azure SQL Database, Azure SQL Managed Instance, and Synapse Analytics.
Learn how to find software vulnerabilities with the express configuration on Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics.