Views:

Manage feature-specific settings for your connected Azure subscription.

The Configuration tab displays configurable settings for each feature enabled on your connected Azure subscription. Settings are organized by feature. Only features that are enabled for your subscription appear on this tab.

Cyber Risk Exposure Management - Cloud account assessment

Select the Assess this cloud connector checkbox to enable Cyber Risk Exposure Management for your Azure subscription. Enabling Cyber Risk Exposure Management grants you access to Attack Surface Discovery, Threat and Exposure Management, and Cloud Security Posture.
Note
Note
Enabling Cyber Risk Exposure Management consumes credits. Credits required are based on the number of assets in your subscription.

Agentless Vulnerability & Threat Detection

Configure the resource types and deployment regions for Agentless Vulnerability & Threat Detection. Use the Deployment dropdown to select the Azure regions to deploy the feature to.
The following tabs are available:
Vulnerability scanning
Select the resource types to include in vulnerability scans. The following resource types are available:
  • Managed Disks
  • Container Registry images
Anti-malware
Select the resource types to include in anti-malware scans. The following resource types are available:
  • Managed Disks
  • Container Registry images

Cloud Detections for Azure Activity Logs

Configure XDR data collection settings for Cloud Detections for Azure Activity Logs. Use the Deployment dropdown to select the Azure regions to deploy the feature to.
XDR capabilities
Select the XDR data collection checkbox to enable XDR data collection for your subscription.
XDR event types
The following event types are collected:
  • Administrative events
Note
Note
Cloud Detections for Azure Activity Logs has a billing requirement of 3 credits per GB of data collected annually, or pay-as-you-go.

Microsoft Defender for Endpoint Log Collection

Configure XDR data collection and forwarded event types for Microsoft Defender for Endpoint Log Collection.
XDR capabilities
Select the XDR data collection checkbox to enable XDR data collection, then select an existing log repository from the Select a log repo dropdown.
To add a new log repository, go to Third-Party Integration and add a log repository under Third-Party Log Collection.
Forwarded event types
Make sure you enable the required event types in the Microsoft Defender for Endpoint portal before configuring this section.
Alerts & Behaviors
  • AlertInfo
  • AlertEvidence
Devices
  • DeviceInfo
  • DeviceNetworkInfo
  • DeviceProcessEvents
  • DeviceNetworkEvents
  • DeviceFileEvents
  • DeviceRegistryEvents
  • DeviceLogonEvents
  • DeviceImageLoadEvents
  • DeviceEvents
  • DeviceFileCertificateInfo
Vulnerability, System Configuration
  • DeviceTvmSecureConfigurationAssessmentKB
  • DeviceTvmSecureConfigurationAssessment