Implement Microsoft Defender for Storage
Intermediate
Security Engineer
Azure Storage
Microsoft Defender for Cloud
Azure
Enable and configure Microsoft Defender for Storage to detect threats against Azure Blob Storage, Azure Files, and Azure Data Lake Storage. Configure activity monitoring, malware scanning with cost controls, sensitive data threat detection, and alert routing to ensure Defender outputs reach the appropriate security team.
Learning objectives
After completing this module, you'll be able to:
- Describe the three detection pillars of Microsoft Defender for Storage and how they differ from the classic plan
- Enable Defender for Storage at subscription and resource level using policy-driven deployment
- Configure malware scanning with monthly GB caps for cost control
- Configure sensitive data threat detection
- Configure alert notifications and verify that Defender outputs reach the appropriate security team
Prerequisites
- Microsoft Defender for Cloud enabled in your Azure subscription
- Familiarity with Microsoft Defender for Cloud plans and security recommendations
- Azure Storage accounts deployed in your environment
Get started with Azure
Choose the Azure account that's right for you. Pay as you go or try Azure free for up to 30 days. Sign up.